DDoS attacks are growing larger and more complex every day. Today’s hackers can easily send 300GB per second of malicious traffic at a website or application. That’s simply too much for most local hardware appliances and even many cloud based security solutions. If your company depends on your website for revenue, you need a strong DDoS mitigation solution to reduce risk to your business. While many companies are their hardware appliances to the cloud and relying on a CDN or WAF to protect them, that’s not always enough. That’s where scrubbing centers can add another layer of protection.
A scrubbing center is a centralized data cleansing station where traffic to your website is analyzed and malicious traffic (SQL injection, XSS, DDoS and other known exploits) is removed. Scrubbing centers are often used by ISPs and cloud providers because they prefer to route potential malicious traffic to an out of path data cleansing station rather than keeping it in network and bogging down the legitimate traffic. With an on-demand scrubbing center, when an attack is detected, the traffic is redirected (typically using DNS or BGP) to a local scrubbing center where the traffic is analyzed (usually using deep packet inspection) and the attack traffic is filtered out while the clean traffic passes back to the network for delivery. There is also “always-on” where all traffic passes through the scrubbing center regardless whether an attack is detected. The scrubbing center is equipped to handle high volume floods of traffic at both the network and application layers, as well as low and slow attacks and other known vulnerabilities.
Cloud security providers, like Prolexic, who utilize this technology typically have multiple scrubbing centers all over the globe. This increases the scrubbing capacity and allows them to reroute traffic more quickly to a scrubbing center near the attack. The main benefits of using a scrubbing center vs a traditional hardware appliance or a cloud WAF service is increased scrubbing capacity and the ability to filter many different types of attacks, rather than just HTTP attacks. You also get the benefit of having a team of security experts monitoring the traffic 24×7.