Are you using one of the many cloud-based DDoS services out there to protect your Internet-facing infrastructure? If yes, great! Clearly you are cognizant of the various volumetric attacks that your infrastructure may be exposed to and have taken necessary steps to protect against such attacks by leveraging a cloud-based DDoS service of your choice.
Here’s the bad news: Your cloud-based DDoS service isn’t protecting your Internet-facing infrastructure 100% of the time.
In a recent paper titled “Maneuvering Around Clouds: Bypassing Cloud-based Security Providers,” the authors list 9 (nine) ways in which bad guys can work around the layer of protection provided by cloud-based DDoS services. The authors report that 71.5% of domains protected by a number of well-known DDoS mitigation services are potentially exposed to attacks.
So what’s the solution?
You should consider using a solution that perfectly hides your internal network without ever exposing any IP addresses or even requiring inbound firewall ports to be open.
In short, you should consider using Soha Cloud.
Soha Cloud will ensure that 100% of your infrastructure will be hidden behind our service. No – as in zero - IP addresses are exposed at your edge and you won’t even need to enable inbound traffic access through your firewall or security groups.
If you would like to continue using a security service of choice, that’s fine too. Our service works seamlessly with CDNs and DDoS services, making your infrastructure even more secure.
Questions? Comments? Please feel free to get in touch.