Are you shopping for DDoS mitigation and you don’t know which questions you need to be asking? If so, this article will help.
Over the last few months, it seemed to me that DDoS Mitigation is increasing in demand and that the preferred way to purchase DDoS is through an ISP. Since we sell all major cloud and Internet service providers, I figured this was an area I could research and share with you.
So this month, I spent many working hours researching DDoS Mitigation providers, in order to create some good content for you to devour. First I scoured 
the 200+ service providers we sell, searching for which providers offer that product. There were 8.
Then, I spent time… that I can never get back… watching webinars, reading brochures, conducting conference calls with engineers and gathering pricing from salespeople.
After all of the research was completed, it seems to me that there are 8 major areas of differentiation of DDoS Mitigation service providers:
1. Whether or not the provider is an ISP
2. Whether or not the provider is ISP Agnostic
3. Scrubbing Centers
4. Proactive vs. Reactive Filtering
5. Ingestion Capacity
6. Maximum Bandwidth
7. Pricing Structure
8. SSL/Public Web Server Capability.
ISP or Not an ISP?
Is the DDoS Mitigation Provider also your ISP and if so, is it their own solution or are they reselling a 3rd party service?
If your DDoS Mitigation Provider is your ISP, the advantage is obvious: they have complete control of your IP Addresses and also your Internet pipe and can therefore, have absolute and immediate control over what enters your Internet pipe. Some ISP’s like Windstream and ViaWest are actually reselling a 3rd party provider but at least they are taking full responsibility to prevent finger pointing.
Anytime you involve a directly contracted 3rd party, finger pointing ensues. Nonetheless, not all ISP’s offer DDoS Mitigation, so you may be forced to use a 3rd party provider. Your current ISP may also have pricing or other features that make it worth using a 3rd party.
ISP Agnostic
Can your DDoS provider do mitigation on both your primary and secondary ISP?
3rd Party DDoS Mitigation providers are all (obviously) ISP agnostic and most ISP’s are obviously not. However, there are some ISP’s such as Level 3, that are also ISP agnostic, allowing them to mitigate traffic on their own Internet pipe as well as any other pipes you have from other providers (i.e. a back-up connection).
Scrubbing Centers
Are there multiple scrubbing centers for redundancy? Where is the nearest scrubbing center?
Latency to the nearest scrubbing center can dramatically affect your service yet they vary in quantity and location. For instance, some providers like AT&T and Level 3 offer both multi-domestic and multi-International scrubbing centers while others like Integra have a few nationally and none internationally.
Proactive vs. Reactive Filtering
Do you have to notify the DDoS Mitigation provider that you are under attack and ask them to start filtering or will they detect it and automatically start filtering? Integra is reactive but their service is very affordable. CenturyLink has both, but charges more for Proactive. The difference is obvious and may make a difference, depending on your company’s needs.
Ingestion Capacity
How large of an attack can your scrubbing centers handle, in terms of total cumulative capacity (i.e. all of their customers combined simultaneous attacks)? Some DDoS Mitigation providers like ServerCentral have unlimited ingestion capacity, others, such as Level 3 and ViaWest are 1TB+ and some smaller providers like Integra are only 30G. Bigger isn’t better if you have to pay for it and you don’t need it.
Maximum Bandwidth
What is the largest Internet pipe they can protect? What is the maximum amount of clean traffic they can guarantee? If you are a big company, pushing huge amounts of data with a high risk, you obviously need a good answer here. Level 3 is 3G/site, CenturyLink is 10G, while others like AT&T, Integra and ServerCentral are unlimited.
Pricing Structure
Does the DDoS Mitigation provider’s pricing structure meet your DDoS threat level?
This is a biggy. Some providers like AT&T offer you a decent size minimum monthly charge that includes 20 hours of mitigation, regardless of the number of circuits you have. Others like Integra charge a very small monthly base amount and then charge for the number of mitigations per month. Others like ViaWest, ServerCentral and Exceda charge per Mbps. of clean traffic that you need guaranteed. Then you have providers like CenturyLink who charge you per Mbps for each circuit and offer unlimited mitigation.
SSL/http:/https:
Lastly, if you have high profile Internet facing website servers, you need to ask if their service will include those. Some will not, some like AT&T and Exceda always do, while others like ServerCentral will charge you a higher price if you need it.
So those are the 8 largest categories of differentiation among DDoS Mitigation service providers. Obviously, if you get into the weeds, you’ll find more but this will at least give you a head start and then you brainiacs can take it from there.
As always, however, you IT Pro’s using this stuff every day are the real experts.
Do you currently have a DDoS Mitigation Provider in place?
Do you like their service? Why or why not? Let other IT Pro’s know by posting your reviews on AeroComInc.com.
About the Author
Mike Smith is the Founder and President of AeroCom and has been helping companies with telecom and cloud services since 1999. He has been the recipient of numerous business telecommunications industry awards and in 2011, he was honored as one of the top 40 business people in Orange County, CA., under 40 years old. Follow Mike on LinkedIn, Twitter or SpiceWorks.
Want an AeroCom expert to help you find all of the DDoS providers available for your company’s needs… for free? Click below.
Related Content
Mike Smith’s Brain Episode 26: DDoS Pricing Structures https://youtu.be/_vxj2fpK1Tg
Want to learn more about DDoS pricing structures for your business? Contact […]
How DDoS Mitigation Pricing Works I heard through the grapevine that you Sys Admins and IT Directors working for mid-size companies think […]
Mike Smith’s Brain Episode 25: DDoS Tips https://youtu.be/3vsKiB7Bq94
Want to learn more about DDoS providers for your business? Contact us and […]![DDOS [INFOGRAPHIC]](https://www.aerocominc.com/info/wp-content/uploads/2015/06/Infographic-Final-150x150.jpg)
DDOS [INFOGRAPHIC]
To learn more please visit: http://www.aerocominc.com/product/it-support/ddos-prevention/
Don’t Let Anyone Take You Down, Protect Yourself with DDoS Mitigation Did you know that as of 2014, DDoS attacks have significantly increased to an average of 28 per […]![How to Navigate Cloud VM Providers [Infographic]](https://www.aerocominc.com/info/wp-content/uploads/2016/06/VM-Cloud-Providers-Preview-Image-150x150.png)
How to Navigate Cloud VM Providers [Infographic] There are hundreds of cloud VM (a.k.a. "public cloud") solutions available to businesses. Are they all the […]