Improving web security with a CDN
It therefore comes as no surprise that the number and impact of DDoS attacks is growing, with the most destructive of these seeing attack traffic reach heights of over 1TB. Now, more than ever, businesses need to leverage every security expert, strategy and tool in their arsenal to safeguard against attacks and, above all, stay online.
Any business, regardless of industry, should be as prepared as possible – even if they are in an industry that isn’t typically a target for DDoS or cyber-attacks. Our latest research shows that businesses in the gambling sector are most likely to have experienced more attacks than any other industry in the last quarter – 2.7x more attacks than in the same period from the previous year.
But even though the gambling sector is at high risk of DDoS attacks, any business that has an online presence can become a victim. These attacks not only cost a company thousands of pounds to put right, but they can leave cracks in a company’s reputation and a distrust among customers that may never be recovered from.
CDN technology: An unexpected source for DDoS protection
It may not be immediately obvious, but IT departments may already harbour the tools and platforms they need to mitigate DDoS attacks. A Content Delivery Network (CDN), which is typically associated with improving web performance, can in fact help companies keep their websites safe. A lot of providers have opted to add a DDoS protection to their solutions. CDNs are built to analyse and absorb unusual traffic spikes, these can either be the good kinds like the sort that can appear from marketing promotions and the request will be served, or can be identified as bad which means they can be sent into a blackhole, that is specific scrubbing nodes, and protect the website from a DDoS attack before any damage is done.
However, not every CDN is equipped to protect against DDoS attacks. Some CDNs have claimed to offer DDoS protection, when in reality, they rely on their infrastructure to scale and increase the capacity of servers with PoPs placed around the world. This uses sheer size rather than intelligence to absorb attacks without blocking access to web content and applications.
While this will help against low-level DDoS attacks, it won’t be enough for the majority of others.
Not all CDNs are created equal
As the first port of call, a CDN that combines security with the performance of a cloud-based infrastructure can keep a business’ website and web applications secure from hackers and cyber-attacks. So, what does a CDN need to mitigate against DDoS attacks?
- A CDN with specialist DDoS expertise and tools can cope with sudden increases in traffic, maintain fast load times for users even during peak times, and shield websites or web applications from a variety of attacks. This technology can include special PoPs designed to absorb only DDoS traffic, inspection and cleansing of traffic, as well as proactive monitoring tools for attempted attacks.
- Did you know the right CDN will also provide a Web Application Firewall (WAF) that will protect a website as well as online apps from a certain type of DDoS attack? There are different types of DDoS attack – layer 3, that impacts the network; layer 4 that impacts transport and the delivery of data; and layer 7 that impacts the application and in turn, the end user. But only a WAF can protect against layer 7 DDoS attacks. Furthermore, DDoS attacks can be a smoke-screen for hacking attempts, and if used as a distraction for an SQL injection for example, then a WAF will also keep you protected against this too.
Choosing the best equipped CDN can provide a solution to minimise and prevent the damage caused by a DDoS attack. A CDN with specialist DDoS expertise can offer a business years of experience, and the right technology, to monitor its website, mitigate an attack and respond fast if one occurs.
At CDNetworks, our team of deeply experienced network engineers continuously improve our systems and infrastructure to protect our customers from increasingly sophisticated and large attacks.