IT Security Guru

Proactive vs. Reactive: Which is Better for DDoS Defence?

by The Gurus
January 29, 2018
in This Week's Gurus

Distributed denial of service, more commonly abbreviated as DDoS, is a classic form of cyber-attack in the world of enterprises. The last 18 months have ushered in the era of supercharged, colossal DDoS attacks capable of reaching 1Tbps and more. IT professionals across the world have taken notice and are ready to combat this. Whilst there are many ways to fight DDoS attacks, like scaling and bandwidth metric analysis, in my experience the best methods are proactive and reactive deployment modes.

The question now is, which is the better deployment mode? Both have pros and cons, so perhaps the best way to answer this question is to break it down and see what fits best for your business.

To figure out which of these methods is best for enterprises, we should first explain what ‘proactive’ and ‘reactive’ methods of deployment actually mean. As the name implies, the proactive mode of DDoS defence is when your defences are constantly looking for potential attackers. A proactive mode uses an in-line tool that has 100 percent visibility through packet analysis. It checks the credentials of every piece of traffic received and uses pre-determined information and behavioural indicators to decide what could be a bot or an attack and blocks it, while allowing regular, human traffic through.

Reactive is the opposite of proactive. With a reactive mode, you leverage the flow data that is available from the edge routers and switches, and perform meta-data analysis to try to detect anomalies. If this analysis gets a hit on something dangerous, like a DDoS attack, it then reacts by inserting the mitigation device. This means the mitigation of traffic only activates once a danger has been detected, rather than all the time.

Based on those definitions, which is the best for business?

Proactive often sounds better, as it is always on and active. Proactive also has the highest resolution detection capabilities available. Some examples of where proactive is used are real-time applications like those found with voice, video and gaming software, or the protection of critical things like DNS infrastructure.

All good things have a downside, however, and for a proactive mode it is the price. As the system is always on and requires 1:1 capabilities, it can be expensive to set up and maintain. This is especially true when you have a bigger network.

On the flip side, a reactive mode uses flow data that is already built into the network for its analysis, and mitigation is only put in-line during times of attack. This makes it a more cost-effective way for smaller networks that don’t leverage real-time applications to build defences, and it lets you oversubscribe your mitigation capabilities. Reactive mode, however, does have limited resolution of flow, meaning it may take slightly longer to identify an attack. The time to react is also often slower.
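The resolution and reaction-time gap described above can be made concrete with a small simulation. This is an added example, not part of the original article; the traffic series, 60-second flow export interval, 1-in-1000 sampling, 3x-baseline threshold and 30-second diversion delay are all constructed assumptions.

```python
from statistics import mean

ATTACK_START = 310  # constructed scenario: flood begins part-way through an export interval

def make_traffic(duration, attack_pps, total=480):
    """Constructed packets-per-second series for one protected service."""
    return [1000 + (t % 7) * 20
            + (attack_pps if ATTACK_START <= t < ATTACK_START + duration else 0)
            for t in range(total)]

def proactive_mitigation_time(traffic, train=300, factor=3):
    """In-line device: sees every packet, so the rate is checked each second."""
    limit = factor * mean(traffic[:train])
    for t in range(train, len(traffic)):
        if traffic[t] > limit:
            return t + 1  # blocks as soon as that second has been measured
    return None

def reactive_mitigation_time(traffic, train=300, interval=60, sampling=1000,
                             divert_delay=30, factor=3):
    """Flow-based detector: 1-in-N sampled counts, exported once per interval."""
    def est_rate(start):
        # Simplified sampling model: the router reports 1/N of the packets it saw.
        sampled = sum(traffic[start:start + interval]) // sampling
        return sampled * sampling / interval  # estimated average pps
    limit = factor * mean(est_rate(s) for s in range(0, train, interval))
    for s in range(train, len(traffic) - interval + 1, interval):
        if est_rate(s) > limit:
            # The record only arrives at the end of the interval, and the
            # mitigation device still has to be inserted into the path.
            return s + interval + divert_delay
    return None

if __name__ == "__main__":
    scenarios = [("sustained flood", make_traffic(120, 50_000)),
                 ("5 s burst", make_traffic(5, 10_000))]
    for name, traffic in scenarios:
        p = proactive_mitigation_time(traffic)
        r = reactive_mitigation_time(traffic)
        print(f"{name}: in-line at t={p}, flow-based at t={r}")
```

In this constructed run the short burst is averaged away inside the export interval, so the flow-based detector never alarms, while the sustained flood is caught only after the interval closes and traffic is diverted.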

Both modes have the same responsibility of surgically mitigating attack traffic and both need to be able to differentiate what is normal and what is a bot.

So, which is better? Like most decisions, it comes down to your business’s specific needs. Can you pay more to have always-on defence, or will your business be OK with the more affordable solution? To decide this, factors such as the size of your network, company finances and the importance of what you are trying to defend all need to be considered.

There are plenty of good solutions out there from industry-leading companies which can supply both proactive and reactive modes to protect enterprises from cyber-attacks. With solutions that can scale based on the attack and leverage virtualisation and the cloud to better defend from DDoS attacks, many businesses will be secure regardless of which deployment mode they choose. Just make sure your business has at least one of these solutions, otherwise you won’t be prepared for that eventual attack.
