Customers Log-InTrue size of a DDoS attack?
So your provider calls and tells you “You’re receiving a 10 Gbps DDoS attack, we’re going to have to null route your IP until it passes.” Really?! Maybe they told you that you could upgrade to a protection plan to stop this attack. It might cost you €20.00, €1000.00, or maybe even €20,000.
Stop and ask your self: “Is this legitimate?” Every day Engine Networks receives e-mails from customers stating that they’re under a 10 Gbps or 20 Gbps DDoS attack. Once we even had someone swear they had 50 – 100 Gbps attacks. Where are our customers getting this information? If we were gambling men (and women) I would say they’re either making it up or someone else put it into their heads. Perhaps a competitor told them this to beat the heat of having to explain that they’re not a protected provider or that the protection they offer is inadequate.
So what is the true size of a DDoS attack and the cost of protecting against it? Here at Engine Networks only a few hundred euros will be enough to stop a 1 Gbps or 500,000 packet per second attack (compare to €1500 to €11,000 elsewhere). This is where a typical sales conversation may spin into, “Only 1 Gbps? I need more, my provider says i’m receiving 10 Gbps.” In the real world attacks of this size cost five to six figures to mitigate and generally cause severe disruptions across the internet that would have the global network engineering communities up in arms and at the ready. People on NANOG would be talking about it.
“Respectfully sir, I don’t believe you are,” we may reply. Why? It has been our experience in the past six years of focusing on DDoS protection that relatively few attacks burst past 1 Gbps. A typical attack against 99% of web sites might top out at 200 – 300 Mbps. Once in a blue moon a customer will make enemies with some seriously dangerous persons resulting in a 1 – 3 Gbps attack. We even had a potential customer just the other day claim one of our competitors was stopping these phantom 10 – 20 Gbps attacks on a routine basis at €250.00 per month. I wish they were, I really do that way I could just buy service from them and resell it instead of investing thousands into our own infrastructure and human capital.
At the end of the day if a provider tries to tell you that you need more than a couple Gbps of protection or that they’re going to sell you 10 – 20 Gbps of protection at something less than four to six figures then we will leave you with this: You’re probably the victim of a scam.
