Distributed Denial of Service (DDoS) attacks have been on the rise, leaving organizations scrambling for more consistent ways to mitigate the risks. Gartner’s Market Guide for DDoS Mitigation Services highlights the solutions that address these risks.

Since 2013, DDoS Mitigation has grown steadily out of the Web Application Firewall (WAF) sector to become its own market. As it is a relatively young marketplace, new providers have entered the DDoS Mitigation realm in droves, but many, unfortunately, have limited experience in mitigating actual DDoS attacks.

Consequently, it can be difficult to find the right vendor for your company’s security needs. To help you make a more informed decision about your DDoS Mitigation vendor selection, Gartner released their 2018 Market Guide for DDoS Mitigation Services to discuss current risk factors, share recent attack vector data, and to provide an unbiased overview of the top vendor offerings in the market.

Proper DDoS Defense Depends on Your Environments

As cybercriminals become wiser to traditional defenses, they make their attacks more complex and multi-faceted in response. This complexity has brought about greater need for more diverse DDoS mitigation services that enable organizations to accurately detect and address DDoS attacks as they occur.

In Gartner’s Market Guide for DDoS Mitigation Services, DDoS mitigation providers fall into four main categories:

  • Scrubbing Centers – Scrubbing vendors typically have multiple “scrubbing centers” made up of DDoS mitigation equipment that has the bandwidth to handle substantial amounts of traffic (with more bandwidth added every day). When a company is under DDoS attack, the company can redirect traffic to the closest scrubbing center where the mitigation vendor will “scrub out” the bad traffic and reroute the good traffic back to the original destination.
  • Content Delivery Networks – Content Delivery Network (CDN) providers increase website performance by routing website content to a distributed network of global caching servers, making the website more resistant to DDoS attacks. In addition to distributing the traffic, CDNs reduce latency and improve website availability because of the closer proximity of the target audience to the CDN edge-caching server.
  • CSPs and Hosting Providers – Cloud Service Providers (CSPs) and hosting providers often provide certain levels of DDoS mitigation services to their enterprise customers. This enables organizations to bundle DDoS protection alongside purchased bandwidth.
  • IaaS – Infrastructure as a Service intrinsically offers marginal protection from basic DDoS attacks (because of the size and scale of IaaS infrastructure). However, many IaaS providers also offer enhanced DDoS mitigation for an additional cloud fee.

Match Your Risk Level to a DDoS Mitigation Solution

To choose the best DDoS mitigation service for your company, Gartner’s Market Guide for DDoS Mitigation Services suggests that you match your level of attack risk to the capabilities of the DDoS mitigation provider offering:

  • Medium-to-High Risk – Organizations in this category should consider scrubbing center solutions. As these scrubbing vendors protect both externally facing websites and non-web resources, this service provides the best protection against multi-layered threats.
  • Low-to-Medium Risk – Mid-tier risk companies should consider getting DDoS mitigation from their CSP or hosting provider. These providers tend to offer lower monthly premiums, but the number of mitigation events that they can handle are sometimes limited (and can only protect external-facing websites).

Evaluate Your Infrastructure Needs

Traditional on-premise DDoS protection enables your company to maintain direct control of your DDoS mitigation protocols through your owned and operated devices. However, this still leaves your enterprise vulnerable to volumetric attacks that overwhelm your limited bandwidth.

Due to the increased complexity of current DDoS attacks, many companies look for a more scalable, cloud-based DDoS mitigation managed service solution. This is a great option for businesses that do not operate from traditional datacenters or for those that lack the in-house staff and/or bandwidth to manage on-premise DDoS protection. And with 87% of businesses housing workloads in multiple clouds, comprehensive cloud-based DDoS mitigation services are more vital than ever.

Companies with multiple environments will especially benefit from a hybrid strategy that uses both on-premise and cloud-based DDoS attack protection. A hybrid solution also enables your organization to retain control of mitigation timing and techniques while providing protection from large, bandwidth-consuming attacks through the on-demand augmentation of your cloud provider.

Gartner’s Market Guide for DDoS Mitigation Services Highlights F5 Silverline

While new and inexperienced DDoS vendors have flooded the market, Gartner’s Market Guide for DDoS Mitigation Services shares its research on the few vetted companies with the qualifications to handle most mid-size enterprises’ needs.

As such, Gartner highlighted F5 for its effective DDoS mitigation solutions that consistently protect companies at higher risk of sophisticated DDoS attacks. This should come as no surprise given that the DDoS mitigation market grew naturally out of WAF. F5 has become a formidable Gartner MQ leader in the WAF industry in recent years, and this market excellence transfers directly to the company’s DDoS mitigation.

ADAPTURE security experts have found that F5 is particularly effective in DDoS mitigation due to its hybrid approach. F5 creates a flexible, customizable solution that integrates with on-premise and hybrid data centers alike. Moreover, F5’s Silverline is a fully managed, cloud-based protection service that leverages sophisticated cloud-scrubbing technologies to detect, identify, and mitigate large-scale, SSL, and application-targeted attacks in real-time. With Silverline’s layer 7 attack protection, only scrubbed traffic routes back to your environments during an attack, thus reducing downtime and keeping you and your applications online.

In addition, F5 facilitates mitigation transparency. The Silverline customer portal provides attack mitigation visibility and reporting before, during, and after the attack, enabling you to better prepare for future threats.