Adaptive DDoS Protection for AED defends against DNS water torture
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT), a leading provider of performance management, cybersecurity, and DDoS attack protection solutions, has launched Adaptive DDoS Protection for Arbor Edge Defense (AED) to protect ISPs and enterprises from DNS water torture attacks. According to the NETSCOUT DDoS Threat Intelligence Report, Domain Name System (DNS) water torture attacks increased 353% in the first six months of 2023, overwhelming Authoritative DNS server resources and bringing down critical DNS services.
RELATED: Global cyberattacks continue to rise with Africa and APAC suffering most
“DNS water torture DDoS attacks have been around since 1997, yet many organisations still struggle to efficiently identify and mitigate them,” said John Grady, principal at Enterprise Strategy Group. “These attacks send invalid requests to an Authoritative DNS server to slow it down and prevent legitimate requests from getting a response. Security teams cannot broadly block this traffic without potentially impacting valid requests due to the pervasiveness of DNS and can easily misdiagnose an attack as a performance issue. NETSCOUT’s Adaptive DDoS Protection auto-learns and adapts to changes in DNS server configuration, enabling AED to identify and mitigate these attacks.”
DNS water torture is one of many attack techniques adversaries can adopt to bring down DNS infrastructure. NETSCOUT’s Adaptive DDoS Protection for AED protects against many DDoS attack techniques at scale by:
- Auto-learning legitimate hostnames for each domain by continually analysing DNS query and response packets
- Adapting to DNS server configuration changes to prevent blocking legitimate domains and changes to attack techniques
- Intelligently blocking DNS water torture IP sources on a query-by-query basis
Adaptive DDoS Protection gives SOC teams a scalable, always-on, stateless packet processing solution that uses unmatched visibility into more than 50% of all internet traffic, real-time global DDoS attack threat intelligence, and decades of DDoS mitigation experience to automatically detect, adapt to, and mitigate dynamic DDoS attacks.
“Adaptive DDoS Protection for AED provides customers with a unique hybrid multi-layer DDoS defence architecture,” said Scott Iekel-Johnson, AVP, DDoS and Threat Intelligence at NETSCOUT. “It can learn and filter millions of legitimate hostnames and thousands of domains backed by our ATLAS® Intelligence Feed (AIF) to thwart modern-day attacks and advanced threats.”