Firewalls fail to stem tide of DDoS attacks, survey finds

Over-reliance on old-fashioned packet walls

Companies still rely heavily on firewalls to defend themselves against denial-of-service attacks despite the fact that this class of device is often not up to the task, a new survey by F5 Networks has found.

The survey of 1,000 medium and large organisations in 10 countries found that up to 45 percent of respondents experience such attacks on a regular basis, a mixture of application and network-layer incursions.

About half rated denial of service attacks as highly effective with 79 percent saying they still relied on firewalls to deflect them despite 42 percent finding that such devices were ineffective against conventional attacks at the network layer.

The research also found that nearly half had detected attempts to access encrypted data on networks, with 44 percent noticing attacks against DNS servers, one of the most difficult-to-defend assets.

"Whilst many organisations can view insider threats as the most difficult to defend against, the research clearly demonstrates that external threats remain a potent force, and companies need to be aware of the most effective ways to safeguard themselves," said F5's technical director, Gary Newel.

Attacks on DNS servers were a clear worry, rated as being in the top three hard to repel attacks by a third of those asked.

"IT managers are between a rock and a hard place as attacks become more sophisticated and the cost of a breach continues to rise," said Newel.

The anxiety over DDoS attacks is far from new although exactly how to defend against it, not surprisingly, divides vendors.

Some see the best solution as being better routing infrastructure because routers are the first to handle DDoS packets as they move into a network. F5 is out to push its Big-IP Application Delivery Controllers which act in effect as load-balancing application firewalls. Another option is to use multiple layers and bundle the hardware level as a service.

During the recent launch of the Technology Operations Centre for the 2012 Olympic Games in London, organisers touted an array of security measures to counter the menace of a large DDoS disrupting content distribution from the global event.