Distributed Denial of Service (DDoS) attacks can target any application or service that is reachable from the internet . Web servers, DNS servers, routers, session border controllers, and many other services are constantly subject to attack. Identifying and mitigating these attacks is done using on-premises solutions, cloud-based solutions, or a hybrid solution combing both.
DDoS mitigation is not static. With the power, sophistication, and frequency of DDoS attacks rising, DDoS mitigation must continually evolve in order to protect against the latest attack scenarios. But how can you be sure you are protected? Waiting for an attack to happen to test your resilience is a risky proposition. NETSCOUT’s SpectraSecure solution helps you eliminate that risk.
The NETSCOUT Solution for DDoS Mitigation Testing
SpectraSecure tests DDoS resilience in a controlled manner using configurable threat vectors that can mimic the malicious traffic launched by botnets. SpectraSecure utilizes test-botnets to simulate real-world attack scenarios in a customer’s controlled environment. Using SpectraSecure, you can validate the resilience of any potential target, including networks, applications, and services. Test attacks launched by SpectraSecure appear massively distributed, even when the test-botnet consists of a small number of Virtual Machines. A single test using a volumetric attack vector may appear to originate from millions of unique endpoints.
Although traditional lab testing is essential, it cannot assess the organizational readiness required for holistic DDoS attack mitigation. Conducting war games is one of the best ways to verify that the teams, tools, and processes will all be on the same page when an attack occurs.
Maintaining a blacklist of source addresses can present a challenge. Use SpectraSecure in the lab to verify the target can handle high volume DDoS attacks from blacklisted sources. In a production network, SpectraSecure can launch low-bandwidth attacks to verify that blacklisted packets are handled properly.
Deep Packet Inspection Testing
Solutions that use Deep Packet Inspection (DPI) to identify attacks require test traffic with specific content at the application layer. Using SpectraSecure, simulated attacks can contain a mix of traditional attack vectors and packets that contain application-specific content to trigger DPI-based filters.
Identifying and mitigating DDoS attacks often involves automatic notification of staff and external systems. Use SpectraSecure to verify these critical steps are occurring as required.
Multi-Vector and Custom Attacks
Use SpectraSecure to stay ahead of threat actors by verifying resilience to multi-vector attacks and custom attack scenarios. SpectraSecure’s built-in attack vectors can be modified and combined together to create unique scenarios that exercise all aspects of a mitigation system.