Akamai Diversity

The Akamai Blog

How to evaluate a DDoS mitigation solution

How fast could your IT team stop a DDoS attack? IDG Research found that it takes an average of 10 hours before a company can even begin to resolve an attack. On average, an attack isn't detected until 4.5 hours after its commencement and typically an additional 4.9 hours passes before mitigation can commence. With outage costs averaging $100,000 per hour, it means that a DDoS attack can cost an Internet-reliant company $1 million before the company even starts to mitigate the attack.

Today's online businesses must have mitigation protection in place or risk severe financial loss, damage to brand reputation, as well as the loss of customer and investor confidence. Akamai cautions, however, that cyber-attack mitigation solutions are not one-size-fits-all. Like any web security solution, a mitigation solution must fit your business requirements, as well as protect your IT infrastructure. Chapter 4 in Akamai's free eBook "Threats and Mitigations: A Guide to Multi-Layered Web Security" discusses some of the key questions you should ask before adopting a mitigation solution. For example:

  • Does the solution absorb all attack traffic?
  • Is the solution always on?
  • Does the solution deliver scalable bandwidth to handle the volume of the attack?
  • Does it stop attacks before they reach your data center?
  • What is the total cost of ownership?

These are just a few of the tough questions you should ask your mitigation provider, and our eBook will give you some guidelines as to why you should ask these questions and what kind of answers you want to hear. We've also included guidance from OVUM industry analysts in regard to 10 enterprise criteria for evaluating a DDoS mitigation provider. The bottom line: when it comes to building a strong DDoS mitigation defense you can't rush into the first solution that is returned by a search engine.

Download our free eBook, "Threats and Mitigations: A Guide to Multi-Layered Web Security," and learn how to make the best decisions on web security.