Type your search and hit enter
Firewalls fail to stem tide of DDoS attacks, survey finds

Firewalls fail to stem tide of DDoS attacks, survey finds

Over-reliance on old-fashioned packet walls

Companies still rely heavily on firewalls to defend themselves against denial-of-service attacks despite the fact that this class of device is often not up to the task, a new survey by F5 Networks has found.

The survey of 1,000 medium and large organisations in 10 countries found that up to 45 percent of respondents experience such attacks on a regular basis, a mixture of application and network-layer incursions.

About half rated denial of service attacks as highly effective with 79 percent saying they still relied on firewalls to deflect them despite 42 percent finding that such devices were ineffective against conventional attacks at the network layer.

The research also found that nearly half had detected attempts to access encrypted data on networks, with 44 percent noticing attacks against DNS servers, one of the most difficult-to-defend assets.

"Whilst many organisations can view insider threats as the most difficult to defend against, the research clearly demonstrates that external threats remain a potent force, and companies need to be aware of the most effective ways to safeguard themselves," said F5's technical director, Gary Newel.

Attacks on DNS servers were a clear worry, rated as being in the top three hard to repel attacks by a third of those asked.

"IT managers are between a rock and a hard place as attacks become more sophisticated and the cost of a breach continues to rise," said Newel.

The anxiety over DDoS attacks is far from new although exactly how to defend against it, not surprisingly, divides vendors.

Some see the best solution as being better routing infrastructure because routers are the first to handle DDoS packets as they move into a network. F5 is out to push its Big-IP Application Delivery Controllers which act in effect as load-balancing application firewalls. Another option is to use multiple layers and bundle the hardware level as a service.

During the recent launch of the Technology Operations Centre for the 2012 Olympic Games in London, organisers touted an array of security measures to counter the menace of a large DDoS disrupting content distribution from the global event.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags softwareapplicationshardware systemsF5 NetworksConfiguration / maintenance

More about F5F5 NetworksTechnology

Show Comments