Introduction

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks leverage stolen computing power from infected endpoints to flood target networks and web applications with malicious or spurious traffic. By consuming available network bandwidth or server resources, DoS attacks disrupt the online operations of target organizations. These attacks reduce the amount of computing resources available to legitimate end users and can cause massive economic and reputation impact.

In general, any organization that has a significant online presence - such as finance, retail, healthcare, entertainment and technology companies - are likely targets. DDoS attackers have typically focused on infrastructure (network and session) level attacks, but application-centric attacks are becoming more common.

The LoadMaster network processing engine provides protection against common infrastructure attacks. The Web Application Firewall (WAF) augments our network processing engine by preventing application-specific attacks. The LoadMaster also includes additional security controls to stop, shape, steer, secure, and manage traffic to limit the likelihood and impact of DDoS attacks. The LoadMaster should be thought of as a part of a comprehensive defense in depth strategy – providing another layer of defense against skilled and organized attackers.

Please note that DoS and DDoS are used interchangeably in this document with the main difference being scale of attack – the mitigation strategies are the same.