Technology tends to use a lot of words interchangeably, as if even subtle differences in meaning aren’t relevant. But in some cases, the difference between using one word or another is actually pretty profound. Like the difference between defending and protecting.
While essentially these two are synonyms, consider that defense is usually more reactive; it implies that you’re being attacked and defending yourself (or others). On the other hand, protecting invokes a more proactive system; one that’s “out there, somewhere.”
defense : the action of defending from or resisting attack
Defense implies that something is already happening. Our action is reactive rather than proactive. In too many instances this means the attacker is inside our perimeter.
protection : the state of being kept from harm, loss, etc. : the state of being protected
Protection implies a more proactive approach, that we’ve taken steps to provide for protection already. We aren’t actively being attacked, we’re just preparing for it.
Now perhaps I’m being pedantic (it wouldn’t be the first time) but such subtle differences are important when you start applying them to your applications (and thus the data they have access to). The reality is that because of the way attackers are ramping up multi-vector attacks, you need to both protect and defend applications. Volumetric attacks are designed to saturate resources. Your network, your routers, your firewalls. App specific attacks go after your app resources, overloading servers (because they only have so much memory and I/O and disk capacity) in order to bring the business to a screeching halt. Productivity suffers when corporate users are unable to access the increasingly cloudified business apps they need to do their jobs, and profits suffer when consumer customers can’t browse and buy and generally do business with you because of unresponsive or unavailable applications.
That’s why it’s called a denial of service attack. It denies service to internal and external users by saturating networks and overwhelming servers. Really, they should be called a denial of business attack because that’s ultimately what these increasingly large attacks are doing.
And you’ve got defenses in place; you’ve got an on-premise firewall along with several other security-related services. I know you do, our State of Application Delivery reports tell us security services dominate the 10 or more app services most organizations deploy to deliver apps. But those are defensive; the attack is already at the gates, as it were, where bandwidth is limited and the business’ digital resources are going to be quickly consumed. On-premise protections in the face of a massive, multi-vector attack is the equivalent of fixing bayonets when the attackers breach your lines.
Cloud-based protection, on the other hand, has far more bandwidth and resources in general available with which to fend off attackers. It keeps them out there, away from all the apps and data tucked neatly on-premise and unable to saturate your network connection faster than a rain storm in the Mohave desert.
There’s a reason we call it DDoS protection and not DDoS defense. Because cloud-based DDoS protection is about preventing business disruption by keeping the vandals off the lawn in the first place. It’s about intercepting the bad guys at the end of the street and holding them off, well away from the business’ crown jewels: its apps and data.
Given the state of the Internet and security these days, no one would seriously suggest abandoning defense in favor of protection. Neither should they suggest conversely. Given the serious consequences of a breach, or disruption of service, on the business (and the brand, by the way), it’s better to both protect and defend those assets and resources critical to modern business continuity. Because it’s not just disasters that interrupt business anymore.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...