DoS attacks – Over the past couple of years there has been a marked resurgence of DoS attacks, along with significant changes in the nature of the threat itself. No longer are only the largest Internet properties coming under fire. Thanks to the widespread availability of inexpensive toolkits and botnets—for DoS creation and execution, respectively—now every business, regardless of size or industry affiliation, is at risk. Detecting these attacks is also much harder than in the past, as stealthy, low-bandwidth, application-layer variants focused on exhausting backend resources have now joined the ever-familiar, high-volume attacks intended to flood your Internet pipes or knock over frontend network devices such as routers, firewalls or basic ADCs.
Web-specific, app-layer attacks – The threat in this case is not new, but continues to be significant. Faced with a plethora of commonly deployed defenses operating at the network layer, hackers have logically chosen to focus their efforts at the higher layers of the computing stack to achieve more-favorable results. The outcome is a substantial percentage of attacks targeting weaknesses discovered in both widely distributed web technologies and components—such as the HTTP protocol itself, Java or popular web servers and apps—and an organization’s own custom web apps. Common threats that fall into this category include cross-site scripting, cross-site request forgery, SQL injection and buffer overflow attacks, just to name a few.
Usability threats – Degraded usability is often overlooked or discounted on the basis that it is technically more of a performance problem than a true security threat. However they are classified, though, usability issues introduced by security solutions are still a very real threat, at least as far as the business is concerned. Poor performance resulting from compute-intensive inspection routines, SSL overload, convoluted logon processes and inconsistent access capabilities can lead users to pursue insecure workarounds and prompt customer dissatisfaction and, ultimately, defection. In addition, compensating for these conditions may require organizations to purchase considerably more or higher-capacity hardware than originally planned. IT security teams, therefore, need to be mindful that security solutions themselves can become a threat if not architected to avoid or otherwise compensate for these types of usability problems.
The bottom line is that defending modern web properties requires accounting for all of these classes of threats, not just advanced malware. The risks incurred by failing to do so include greater potential for data loss or exposure, customer defection, higher total cost of ownership (TCO) and non-compliance liabilities.
Modern defenses: The role of Citrix ADC
Citrix ADC, the best ADC for building enterprise cloud networks, is also the ideal solution for defending modern web properties. Already a strategic component in thousands of enterprise datacenters and cloud provider networks, Citrix ADC delivers extensive web defense capabilities that perfectly complement advanced malware protection solutions, such as those available from FireEye and Palo Alto Networks. With Citrix ADC, enterprises obtain everything they need to ensure the availability, security, usability and agility of their web properties while successfully thwarting DoS and app-layer attacks intended to disrupt the business and exfiltrate valuable data. Moreover, all of these essential capabilities are available as a tightly integrated solution on a single, highly scalable platform. As a result, enterprises no longer need to invest in and incur the added complexity of operating multiple, standalone security products.
Keeping the lights on
Web properties that are not accessible due to outages are next to worthless, and can even cause damage to a company’s reputation. Therefore, Citrix ADC defenses for web properties start with an extensive set of capabilities for protecting against threats that can disrupt operations and render key services unavailable.