I heard about a new type of service that's available -- cloud-based DDoS mitigation. When should I consider utilizing
cloud-based services such as this in my enterprise? Are there benefits of employing cloud-based vs. in-house services?
Ask the expert
Have questions about network security for our experts? Send them via email today! (All questions are anonymous.)
If cloud-based distributed denial-of-service (DDoS) attack protection is within your organization's budget, I definitely suggest leveraging it. The benefits of these services far outweigh the costs of purchasing and maintaining a traditional DDoS-prevention device that resides on your local network, especially if you are a small to medium-sized business (SMB). Oftentimes it is more economically feasible to outsource DDoS protection rather than hire the personnel and purchase the infrastructure. I liken this to the Web hosting paradigm that has been made popular by GoDaddy and other such companies -- rarely will you see SMBs hosting their own websites. I'm quite certain that this paradigm will hold true for many security services in the future -- not the least of which will be DDoS mitigation.
As to your second question, there really isn't much of a benefit to performing this function in-house over adopting a cloud service. While some might argue that they prefer to own the entire DDoS mitigation process due to either their high likelihood of facing a DDoS attack or simply their desire for control, others may argue that they simply do not have the budget to outsource services such as this. Different businesses may deem certain aspects of their budget better spent elsewhere. One thing that I would keep in mind, however, is that as the cloud-based security paradigm matures, the different packages offered by cloud-based vendors will likely become significantly cheaper, not to mention that vendor lock-in risk is greatly reduced; it's far easier to transition from one service to another than it is to buy and implement a brand new device.
Dig deeper on Denial of Service (DoS) Attack Prevention
Related Q&A from Brad Casey, Contributor
Can Project Sonar, an Internet-scanning project, benefit enterprise network security? Expert Brad Casey discusses.continue reading
Does your enterprise track eliminated firewall rules? It's one of the change management best practices suggested by expert Brad Casey.continue reading
The Department of Defense is using a converged network security architecture to simplify security management. Learn about the security benefits.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.