In Part One of this series, we examined internal server, network and infrastructure monitoring applications. Now let's take a look at another way to capture DDoS information: external performance monitoring.
Option #2 – External Performance Monitoring Solutions in the Cloud
A second approach IT administrators can use to assess a potential DDoS attack is to use an external performance monitoring solution. Unlike network/infrastructure tools — which are usually installed inside a customer's network — external performance monitoring solutions are typically provided by a third party and leverage monitoring locations from around the world.
External monitoring tools can encompass several elements:
From a DDoS perspective, an external third-party monitoring solution makes sense. The purpose of this type of solution is to constantly monitor a Website, service or application and notify the user of downtime, slow responses or other issues. All of these are potential indicators of a DDoS attack.
That said, although a third party external monitoring solution can work at capturing DDoS attacks, these solutions are not foolproof. An external solution can tell an IT administrator that performance is degrading or has failed, but it cannot determine the reason. As I mentioned in our previous post, abnormal response times and downtime do not always indicate a denial of service condition.
Originally, the goal of third-party monitoring was to ensure that ISPs, hosting companies and servers were functioning as designed. Slow response times and outages could indicate a provider or server being down.
As mentioned in part one of this series, it is important to carefully analyze any data from a third-party before enabling your DDoS protection service.
Companies that do not host their own websites and use third parties like Amazon EC2 would benefit the most from third-party monitoring solutions.
Stay tuned for the next segment in our three-part series where we discuss Netflow/Peakflow monitoring and on-premise equipment.
By Donald Lee, Technical Sales Engineer at Neustar
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DNS Services
Neustar DDoS Protection