Business depends upon Internet reliability and security, so when it comes to choosing your Internet Service Provider (ISP), it pays to ask the right questions. Given the prevalence of distributed denial of service (DDoS) attacks, one can no longer assume that that your Internet service will be 1) always reliable or 2) “clean.”
First, let’s discuss reliability. Depending on your business, any downtime, even for an hour per month, could be detrimental to your bottom line and your reputation. Second, let’s clarify the issue of “clean pipe.” Lately, “clean pipe” matters more and more, because DDoS attacks are often small, to escape the “radar” of traditional DDoS mitigation solutions. Even though such attacks won’t cripple your network or website, smokescreen DDoS attacks mask more dangerous security breaches that can have far-reaching and long-lasting impacts on your organization.
Therefore, before you lock your business into any ISP contract, you’d be smart to ask the following questions:
1. Can you help protect my enterprise data?
The short answer is no; ISPs are not responsible for preventing or controlling enterprise data breaches. However, as discussed above, DDoS protection has become a fundamental element of network security. ISPs observe traffic flowing into their network, and can block suspicious traffic. Because of Net neutrality laws, in which Internet carriers treat all packets the same, telecommunications companies have directed traffic from one destination to another, without passing judgment about the content. But the tide of opinion is changing; our research has shown that nearly 90% of enterprise customers are turning to their providers to weed out DDoS traffic.
2. How do you block DDoS traffic?
Anti-DDoS hardware and software solutions have evolved in recent years, but not all solutions are equal. Traditional, or legacy, solutions tend to rely on human intervention to 1) notice and attack in progress and 2) respond by diverting traffic to a scrubbing service. Ask your ISP if they have a dedicated, in-line automated DDoS mitigation appliance at the peering and transit points that blocks all DDoS traffic from entering their network. Corero technology enables real-time, algorithmic identification of network anomalies and subsequent mitigation of the attack traffic, eliminating the DDoS attacks before they can traverse the network and impact downstream customers.
3. What happens when other customers are hit by a DDoS attack?
When hackers launch a DDoS attack against one ISP customer, it can have damaging effects for other downstream customers that were not directly targeted. That is, if a hacker succeeds in launching large scale DDoS attack to take another website offline, it will almost certainly affect customers who co-reside or are reliant on the infrastructure transporting the attack. Therefore it’s important for ISPs to appropriately detect and block all DDoS attack traffic.
4. Can you provide reporting on what DDoS attack events have occurred or targeted my business?
DDoS event reporting and analytics is available to provide ISPs with complete visibility across networks to analyze DDoS attacks and cyber threats; some ISPs offer this traffic capture as a service to their clients. (ISPs also benefit from this analysis by capturing the necessary data to feed historical analysis of DDoS threat activity including identification of attack vectors, fingerprinting attacker identity, breach characterization and intelligence gathering for preparation against emerging threats.)
5. Do you offer DDoS protection as a service?
To stay competitive, some ISPs offer DDoS protection as a standard part of their service bundle. Others charge additional fees for such protection. It’s much more cost-effective to get DDoS protection from your ISP than to try to do it in-house. By distributing the cost across their customer base, ISPs can offer DDoS protection to their customers at an affordable rate.
For more information, contact us.