The Bots Shall Not Pass: Reviewing Different Types of DDoS Protection Solutions

DDoS attacks come in different shapes and sizes, but they all have a common denominator: they consist of junk traffic, typically involving hundreds of thousands of infected internet-connected devices (called bots), summoned by cyber criminals to bombard a target server, network or service.

The purpose of a DDoS attack is to overwhelm the available resources of the operating system and block legitimate users from accessing it.

While in the past DDoS attacks have focused on sending high volume traffic to flood a network, modern DDoS attacks usually take form of short, sub saturating vector domains, orchestrated to take down localized network infrastructures and servers.

This shift in DDoS attack strategy can be explained by the fact that cyber criminals find executing small scale attacks much easier than large scale attacks.

Small and medium-sized businesses often don’t have the required defence systems in place that can stop DDoS attacks, and so they become the easy and obvious target. In the last two years, more than 50% of DDoS attacks have been conducted against small and medium sized businesses.

Naturally, companies worldwide are concerned by this rising trend, and have started seeking DDoS protection solutions to avoid becoming the next victim of a botnet attack.

There are currently three solutions available that organizations can rely on:

  1. On-premise DDoS defence system
  2. Managed DDoS defence system
  • Hybrid DDoS defence system

An on-premise DDoS defence system, as the name indicates, is a purpose-built DDoS defence system that is deployed at the premises of a company. It might be designed by an outsourced development team or by an in-house team, and is managed and monitored by the company’s own employees. The on-premise DDoS defence system provides protection in real-time.

A managed DDoS defence system is basically an SAAS solution, where a security service provider remotely monitors a company’s traffic in real time. As soon as suspicious traffic hits, the service provider diverts the traffic to their own little cloud, protecting the company’s network from getting overwhelmed.


A hybrid DDoS defence system is a combination of on-premise and cloud-based DDoS solutions. In a typical hybrid DDoS setup, the on-premise application mitigates smaller attacks, while the cloud-based component is responsible for stopping large scale attacks. It must be mentioned here that the cloud-based protection is activated only when prompted by the company and does not provide protection in real time.

Are you a small business owner? What solution do you use to protect your business from potential DDoS attacks?

About Lean Security

Lean Security is a dedicated managed security and IT solutions provider. The company specializes in penetration testing, managed DDoS protection, managed secure cloud hosting, PCI DSS compliance consulting, IT security assessment and other internet-related services. To learn more about the company, call +61 (2) 8078 6952 or email at

Facebook Comments