<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Featured Stories

Nexusguard Product
By
August 21, 2020

The Best of Both Worlds: On-Premise and in the Cloud

To safeguard their businesses from the growing diversity of DDoS attacks, organizations have begun leveraging the combination of on-site appliances for detection with cloud-based mitigation to create an interworking hybrid solution. The collaboration between Fortinet’s FortiDDoS mitigation appliances for detection with Nexusguard’s cloud-based DDoS protection service provides a unified hybrid solution to address this need.


By employing a hybrid solution, attack detection and mitigation kicks in immediately and automatically via the on-premise appliances that stop application attacks from crippling online services. When an attack surpasses the capacity of the Internet uplink, the hybrid solution activates the cloud mitigation and the traffic is diverted to the cloud, where it is scrubbed before being returned to the organization.

 

Interworking Hybrid Solution

Enabling the hybrid solution is easy and only requires a few simple steps via the Nexusguard Customer Portal. FortiDDoS on-premise appliances automatically generate alerts based on predefined attack thresholds and relays them to Cloudshield to begin mitigation services.

 

forrtinet dashboard

 

Through the Cloud Diversion App that runs on Nexusguard’s DDoS mitigation platform, the diversion process is fully automated. Pre-configuration of the Border Gateway Protocol (BGP) routing policy is carried out via the Administration Portal. When an attack exceeds the capacity of the Internet uplink, the traffic is diverted to Nexusguard’s cloud for mitigation prior to being delivered to the customer’s network via multiple Generic Routing Encapsulation (GRE) tunnels.

FortiDDoS on-premise appliances continually monitor returned clean traffic and can also mitigate application attacks locally should the need arise. Attack events and statistics generated from FortiDDoS appliances are delivered to Cloudshield for viewing on the Customer Portal Dashboard. During peacetime, the customer’s portal continues to deliver value by providing visibility into both traffic and threat data.

 

FortiDDoS Diagram (1)fortinet blog remark

With this hybrid approach, the on-premise solution significantly reduces the number of times cloud offload is engaged, thereby reducing costs while delivering a real-time and comprehensive defence. Moreover, when cloud offload is activated and underway, small attacks can still be mitigated by the on-premise solution.

 

Summary of Solution Benefits

- Low network latency

- Decrypted L7 traffic & flow data kept within customer’s premises

- Preserves investment on appliances

- Cloud offload activated only when required, hence reduced costs

- Highly efficient in mitigating small and large scale attacks

 

As DDoS attacks continue to grow in volume and sophistication, having the agility to evolve alongside the attacks and customize our anti-DDoS protection strategies to serve our clients is paramount.