Home / Blogs

Identify DDoS Attacks with External Performance Monitoring (Part 2 of 3)

Donald Lee

In Part One of this series, we examined internal server, network and infrastructure monitoring applications. Now let's take a look at another way to capture DDoS information: external performance monitoring.

Option #2 – External Performance Monitoring Solutions in the Cloud

A second approach IT administrators can use to assess a potential DDoS attack is to use an external performance monitoring solution. Unlike network/infrastructure tools — which are usually installed inside a customer's network — external performance monitoring solutions are typically provided by a third party and leverage monitoring locations from around the world.

External monitoring tools can encompass several elements:

  1. Virtual browsers to check for basic Website / application uptime and performance
  2. Real browsers to check for Website / application performance, errors and service degradation
  3. Network services such as DNS, FTP and email, among others

From a DDoS perspective, an external third-party monitoring solution makes sense. The purpose of this type of solution is to constantly monitor a Website, service or application and notify the user of downtime, slow responses or other issues. All of these are potential indicators of a DDoS attack.

That said, although a third party external monitoring solution can work at capturing DDoS attacks, these solutions are not foolproof. An external solution can tell an IT administrator that performance is degrading or has failed, but it cannot determine the reason. As I mentioned in our previous post, abnormal response times and downtime do not always indicate a denial of service condition.

Originally, the goal of third-party monitoring was to ensure that ISPs, hosting companies and servers were functioning as designed. Slow response times and outages could indicate a provider or server being down.

As mentioned in part one of this series, it is important to carefully analyze any data from a third-party before enabling your DDoS protection service.

Companies that do not host their own websites and use third parties like Amazon EC2 would benefit the most from third-party monitoring solutions.

Stay tuned for the next segment in our three-part series where we discuss Netflow/Peakflow monitoring and on-premise equipment.

By Donald Lee, Technical Sales Engineer at Neustar

Related topics: Cloud Computing, DDoS, Security

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum

Encrypting Inbound and Outbound Email Connections with PowerMTA

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

What Holds Firms Back from Choosing Cloud-Based External DNS?

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Dyn Evolves Internet Performance Space with Launch of Internet Intelligence

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Sponsored Topics

Port25

Email

Sponsored by
Port25
Afilias

DNS Security

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services