Introduction

Distributed Denial of Service (DDoS) attacks can significantly disrupt a company's online operations. To combat these threats, there are various techniques employed to protect network resources. Two of the common methods used are null-routing and active DDoS mitigation. This article aims to explain the differences between these two approaches.

Null-Routing

Definition:

Null-routing is a method where traffic destined for a specific IP address is discarded or "dropped" at the network's edge. This action effectively makes the targeted IP address unreachable.

Pros:

• Simplicity: It’s a straightforward method and can be quickly deployed.
• Cost-effective: It doesn’t require specialized hardware or services.

Cons:

• Indiscriminate: All traffic to the targeted IP, both legitimate and malicious, is dropped.
• Service disruption: The targeted IP address or service becomes completely inaccessible.

Active DDoS Mitigation

Definition:

Active DDoS mitigation refers to a set of technologies and techniques that dynamically identify and counteract DDoS attacks. It differentiates between legitimate traffic and malicious traffic, and only blocks or mitigates the latter.

Pros:

• Precision: Only malicious traffic is blocked, allowing legitimate users to access the service.
• Flexibility: Can adapt to different types and scales of DDoS attacks.
• Comprehensive: Utilizes a variety of methods, from traffic shaping to rate limiting, to combat attacks.

Cons:

• Complexity: Requires sophisticated systems and expertise for deployment and management.
• Cost: May involve significant investments in specialized hardware, software, and ongoing maintenance.

Company's Current Position:

At EZSCALE Hosting, we currently utilize the null-routing method to manage DDoS threats. This is a proven strategy that serves as an initial layer of defense against these types of attacks. However, we understand that as the cyber threat landscape evolves, the needs of our customers change as well.

Future Offerings:

Given the potential advantages of active DDoS mitigation, we are actively considering offering this service to our clients in the future. Please note that if introduced, this service may come at an additional cost due to the complexities and resources involved. We are dedicated to providing our clients with the best security options available and will keep you informed of any changes to our service offerings.

We hope this article provides clarity on the differences between null-routing and active DDoS mitigation. Should you have further questions or require assistance, please reach out to our support team.