The cost of some features such as a proactive security (proactive research) approach will be a factor in your selection.
Tip No.4: Deployment options. Be sure to ask whether the service can be deployed in different ways so that you can select the deployment approach that leaves you feeling confident and comfortable. Choices include setups with everything going through the cloud, arrangements where you have to recognize an attack and then elect to divert traffic to the cloud manually, and setups where the system recognizes an attack and redirects traffic to the cloud service for you.
Service qualities to look for
Cullen offers eight tips for ranking DDoS protection cloud services based on the quality of critical service capabilities.
Quality No.1: Low latency. Test your applications on the service to see whether they offer low latency while they are running scans. “Published scrubbing capacity numbers peg F5 at 2Tb/sec, Imperva at 1.5Tb/sec, and Arbor Networks at 1.1Tb/sec. These three are usually on my short list of vendors to talk to about speed,” says Cullen.
Quality No.2: Security track record. Ask for letters of recommendation and lists of customers whom you can question. F5, Arbor Networks, and Imperva have been in this market a long time and have many letters of recommendation to demonstrate that they perform well in securing their customers, says Cullen.
Quality No.3: Remote ticketing service. Most services offer remote ticketing on your behalf. “We have had good results with vendors like F5 and Akamai for problem resolution and remote ticketing; they seem to own the problem till resolution,” says Cullen.
Quality No.4: Strong UI/dashboards for self-management. Depending on your preference most any provider could come out on top here. “I like the Imperva and F5 dashboards. Arbor Networks gets an honorable mention; it was not as intuitive for us as the others,” says Cullen.
Quality No.5: A Forensics Team. Such a team can help understand the specific challenges and appropriate resolutions on a case-by-case basis. “F5 was a standout vendor for this option with a research team that watches the hacking community for attacks and trends,” says Cullen.
Quality No.6: Logging. Complete data records of attacks culled from logs are critical to prosecuting the culprits behind breaches. This is another option that everyone has and you may end up basing your selection on your own preference.
Quality No.7. Licensing. Providers can offer licensing based on the protection options available, the amount of bandwidth you require or use, and whether you choose an onsite hardware/cloud subscription, says Cullen. Another form of licensing is access-based licensing, which applies to the means you use to access the cloud and can include all services. Akamai and F5 were the best for this last licensing option, according to Cullen.
Sign up for CIO Asia eNewsletters.