[SECURITY] Application layer attacks/DDoS attacks

jim deleskie deleskie at gmail.com
Sat May 23 14:32:55 UTC 2015

To many pieces to answer on a weekend on NANOG, but those of us that work
in the DDoS space the last number of years have seen huge growth in the
application layer attacks. This does not mean a decrease in volumetric
attack, just that now you have to worry about both and lots of each.  FW's
while they have got better are still not the solution for many reasons.
Moving things to the "cloud" helps in come cases but not all.  This is an
arms race, the better we protecting the better the "bad guys" get at


On Sat, May 23, 2015 at 9:56 AM, Ramy Hashish <ramy.ihashish at gmail.com>

> Hello there,
> As a reaction to the increasing demand -from enterprises- over the DDoS
> protection services, a fierce competition between vendors is about to start
> in this playground, big upfront investments started to happen in the tier
> one, tier two and tier three ISPs, IMHO this will have its aggressive
> effect on the volume of the DDoS attacks, and will eventually steer the
> mindset of the enterprises towards hosting the most critical
> applications/services in a well geographically-dispersed cloud and
> increasing the surface area using anycast then relatively decreasing the
> attack volume.
> Back to the DDoS protection, most anti-DDoS vendors are marketing their
> products as application layer attack DDoS defense, I am little bit
> confused; aren't the application firewalls" -either integrated in a "NGFW
> or a UTM"- the responsible for mitigating application layer attacks?
> Thanks,
> Ramy

More information about the NANOG mailing list