We are excited to announce the launch of Advanced DDoS Statistics, a new feature set that offers deep monitoring and analysis of DDoS attacks. Building upon our standard metrics of attack magnitude in BPS (bits per second) and PPS (packets per second,) this advanced suite introduces a range of detailed statistics, providing a more granular view of attack vectors and their characteristics. Read on to discover why Advanced DDoS Statistics matters and to see the new feature in action.
Key Features of Advanced DDoS Statistics
When it comes to security, the adage “knowledge is power” rings true: Understanding the nuances of DDoS attacks is crucial for effective mitigation. Gcore’s Advanced DDoS Statistics provides security teams with insights into network threats, facilitating a more sophisticated and effective approach to DDoS attack analysis and mitigation.
Detailed Metrics
Advanced DDoS Statistics offers four metrics: packet size analysis, geographic source analysis, top source and destination IPs, and top source and destination ports. Let’s look at what each can tell you about a DDoS attack.
Packet Size Analysis
Packet size analysis allows you to understand the distribution of attack packets with detailed insights into packet sizes and their respective percentages within the attack traffic. You can fine-tune firewall rules and filters, detect anomalies in packet size patterns to pinpoint potential zero-day attacks, and optimize your load balancing and traffic distribution settings.
Geographic Source Analysis (BPS and PPS)
Gain a clear picture of the attack’s geographic origin with statistics on the source countries in both BPS and PPS. As a result, you can easily implement geo-blocking to mitigate attacks originating from specific regions, prioritize security measures for network segments that receive higher traffic, and identify potential infrastructure vulnerabilities in certain regions.
Top Source and Destination IPs (BPS and PPS)
Identify the primary source and target IPs involved in the attack, detailed in both BPS and PPS. This data includes the volume and percentage, offering a clear view of the most highly affected and most common originating IPs.
IP analysis helps you to isolate compromised IPs in order to prevent further damage and disrupt botnets, blacklist malicious IPs at the network edge to prevent future attacks, and prioritize security patching and vulnerability assessment for systems associated with targeted IPs.
Top Source and Destination Ports (BPS and PPS)
Delve into the specifics of the ports targeted and used in the attack with data on the top source and destination ports in both BPS and PPS, including volume and percentage. Port-based analysis allows you to implement port-based filtering, harden specific ports by disabling unused services (or applying stricter access controls), and identify potential vulnerabilities in applications associated with targeted ports. By understanding attack vectors, you’re empowered to harden network defenses accordingly.
Customizable Time Scale
Advanced DDoS Statistics allows for a customizable time scale, enabling you to view data over various periods from real-time analysis to historical data examination. This flexibility lets you monitor and assess attacks as they happen, perform post-event analysis for future preparedness, track attack trends, and generate reports for compliance, incident response, and internal communication.
Conclusion
Gcore’s Advanced DDoS Statistics provides a new level of detail and insight into DDoS attacks, empowering network administrators and security professionals with the data they need to analyze, understand, and counter these threats effectively. At Gcore, we’re committed to continuously evolving our security services to ensure the highest level of network security and intelligence for our users. Upgrade your DDoS protection today and unlock the power of advanced statistics.
