Prolexic Issues Recommendations For Validating DDoS Defenses

Best practices also apply to protection services received from mitigation providers

May 15, 2013

3 Min Read


HOLLYWOOD, FL – (May 14, 2013) – Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced today that it has issued a number of recommendations that organizations can use to validate their DDoS defenses, as well as protection services they receive from mitigation providers.

"Making sure a provider can actually deliver on the level of service it promises is a critical step that many organizations overlook," said Stuart Scholly, president at Prolexic. "Mitigation failure is such a common problem that the majority of Prolexic clients came to us after the DDoS protection they had in place did not work."

Prolexic recommends that organizations work closely with their DDoS mitigation provider(s) to complete a professional, planned provisioning and service validation. The only way to be sure that DDoS protection will be effective is through proactive validation against different types of attack scenarios.

Prolexic recommends the following best practices for DDoS mitigation service testing and validation:

· With the DDoS mitigation service active, verify that all applications are performing properly.

· Verify that all routing and DNS is working.

· In partnership with your mitigation service provider, generate a few gigabits of controlled traffic to validate the alerting, activation and mitigation features of the service.

· Test small levels of traffic without scrubbing and without any DDoS protection to validate that your on-premise monitoring systems are functioning correctly. This action will also help you identify the stress points on your network.

· Conduct baseline testing and calibrate systems to remediate any network vulnerabilities.

· Schedule validation tests on a regular basis (yearly or quarterly) with your DDoS mitigation service provider to validate that the service configuration is still working correctly – and eliminate the risk of network element failures due to DDoS. If network issues arise during testing, your service provider may need to make modifications based on recent changes to your network, such as modified firewall rules, firmware updates and router reconfiguration.

"Based on the test results, Prolexic also recommends developing a mitigation playbook as part of an incident response plan," said Scholly. "This helps ensure that everyone in the organization knows what to do and what to expect if an attack strikes."

Additional DDoS service validation recommendations and guidance on how to develop a DDoS mitigation playbook can be found in Prolexic's latest white paper, "Planning for and Validating a DDoS Defense," which can be downloaded for a limited time from

About Prolexic

Prolexic is the world's largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission-critical Internet-facing infrastructures for global enterprises and government agencies within minutes. Ten of the world's largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world's first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks and protect your business, please visit, follow us on LinkedIn, Facebook, Google+ , YouTube , and @Prolexic on Twitter.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights