By Carl W. Herberger, Vice President Security Solutions, Radware solutions
Managing the security of critical information has proven a challenge for businesses and organizations of all sizes. Even companies that invest in the latest security infrastructure and tools soon discover that these technology-based “solutions” are short-lived. From antivirus software to firewalls and intrusion detection and prevention systems, these products are only the most effective controls available at the time they are deployed. In other words, as soon as a business builds or strengthens a protective barrier, the “bad guys” find another way in. Attackers constantly change their tactics and strategies to make their attacks and scams as damaging as possible. The good news is that attacks, and the defenses that answer them, appear to fall into categories that can be measured systematically. The following areas are of particular concern as we plan for the attacks of 2012:
1. Real-Time Protection Against Volumetric Attacks: Volumetric attacks are the class of denial-of-service (DoS) attack that overwhelms a target with sheer traffic or connection volume. Wikipedia defines a DoS attack as follows: “Attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. Such attacks usually lead to a server overload. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.” 2011 has seen dramatic growth in these attack types, and even more ominous is the procurement of more capable ‘weapon systems’, new application-based tools from which such attacks can be launched. The following is a list to consider when making certain you are covering your bases in this category:
a. TCP SYN floods
b. TCP SYN+ACK floods