The Reality of Internal Denial of Service
Internal Denial of Service
It’s a term we don’t often hear. An internal denial of service is simply something on the internal LAN that floods the network with traffic causing a loss of connectivity and it happens more than you think.
Sometimes internal denial of service happens by accident as was the case for a client of Axiom’s earlier this year. A switch had gone bad and was multicasting traffic across the LAN to the point that it brought the company’s phones down. Although the phones had their own VLAN, the faulty switch flooded all VLANs making all applications and phones useless.
Imagine a multi-lane interstate. Normal traffic is organized and manageable. When internal denial of service occurs, flooded traffic takes over all lanes and clogs the highway to the point that no one moves. It’s gridlock. In this example, the customer’s internal applications like Email, CRM and ERP were down, the phones were down and their customers from outside could no longer reach the locally hosted web app. It was a nightmare. Everything was down.
Flash forward to this month. We consulted with a private high school. A couple of students decided they didn’t want to take part in exams so they started an application on a workstation that flooded the network with traffic. In this example, the flood again caused the LAN to be saturated with traffic and the online test came to a halt. The students were identified and removed from the school, but the downtime was significant.
This last example is more common. A client had an internal denial of service at the same time that they were being attacked from the outside. Forensic analysis found that an employee’s computer was infected with a malware that remained dormant for months. At some point before an external distributed denial service, an employee clicked a suspicious link and unknowingly became infected with a malware that would later launch the internal denial of service. This act was coordinated by the external group to coincide and took the business out of commission for nearly a week.
The FBI recently stated that 90% of companies would be susceptible to similar malware. (http://read.bi/1vZbFAr) Axiom has found that just as in the case of UK based Internet Service Provider Talk-Talk, DDoS is a precursor to a breach in a large number of cases.
What’s the solution? Axiom has developed next generation denial of service mitigation appliances that stop the internal and external threats of denial of service. By inspecting every packet on the LAN or WAN, our Sentinel is able to respond within 10 milliseconds of an attack. Sentinel will isolate and absorb that traffic so that it cannot affect the rest of your network. Sentinel can mitigate up to 100GB of traffic in a single 1U appliance and can inspect more than 120 million packets per second.
Axiom is on a mission to stop denial of service attacks. Internal, External, Distributed… We have the solution. With the availability of our next generation, multi-core processors and proprietary algorithms we can make DDoS a thing of the past.
Contact us today for a personalized solution discussion regarding your unique use case. Give us a call at 1-800-519-5070
