DDoS attacks now a threat to interior network applications: US test

New test research out of the United States is shedding light on emerging trends around distributed denial-of-service (DDoS), indicating related attacks are now targeting applications inside the networks of enterprise organizations.

Released this week by information security research and advisory company NSS Labs, the finding is contained in the company’s new Security Value Map and Comparative Report. The research evaluates six leading DDoS prevention solutions for security effectiveness, performance and total cost of ownership.

“Historically, DDoS protection meant protecting an enterprise’s Internet presence. In the constantly evolving battle with cyber criminals, DDoS attacks are now targeting applications inside the networks of enterprise organizations,” notes a statement from the company.

Representing the first public Group Test for DDoS prevention solutions, the test focused on, among other things, volumetric, protocol and application DDoS attacks.

“DDoS attacks continue to grow in prevalence and have become a key pain point for security professionals,” the company points out. “While average protection against volumetric and protocol attacks ranged were 94.4% and 95.1%, respectively, the average protection against application attacks was only 80%,” it adds.

The test methodology also addressed stability and performance impact, namely the ability of a solution to maintain performance while defending against an attack. “This gives enterprise buyers a key additional element for evaluations – the ability of the solution to not only detect and mitigate the attack, but to also allow legitimate traffic while the attack is being suppressed,” the statement notes.

“While vendors have largely become adept at protecting against traditional volumetric attacks with little performance impact, stopping a protocol attack can impact performance by as much as 92.5%,” it adds.