Avalanches and a TRex: how your DDoS protection services sausage gets made

(Newswire.net — November 2, 2016) — For website owners and organizations of all sizes, the prospect of getting hit with a DDoS attack can feel like facing down a natural disaster. So it’s only fitting that DDoS protection platforms face exactly that while stress testing. Get yourself a TRex, then throw in an Avalanche and you’ve got a sure-fire way to make sure DDoS mitigation can handle everything that will be coming at it during an attack – including legitimate traffic from users who are just trying to go about their day. 

Facing the firing squad

When it comes to DDoS attacks, few organizations live and breathe them the way leading mitigation provider Incapsula does. In between dealing with attacks that range from short burst flailings from booters and stressors to crafty multi-vector assaults to massive brute-force barrages for clients that range from small websites to major corporations to oft-targeted online gaming platforms, Incapsula is continuously working to provide impenetrable protection that offers no hint that anything is amiss to the rest of the internet.

But updates and improvements to a distributed denial of service protection platform can’t just go live on the internet when they’re ready. They need to be exhaustively tested in brutal real-world attack conditions. And that’s where the snow and dinosaurs come in.

From appliance to open-source

According to Incapsula, they’ve long been using the Spirent Avalanche traffic generator for simulating large and diversified flows of traffic. However, there are drawbacks: Avalanche is a stateful traffic generator, which means hardware appliances, which means pricey. These appliances also don’t have the flexibility required by a firm like Incapsula that’s rapidly adapting and changing. Avalanche and other such generators also lack the scalability necessary for simulating the gargantuan attacks Incapsula is regularly dealing with.

The solution to these issues lies in Cisco’s open source traffic generator TRex. Open source traffic generators are a new and exciting development for the DDoS protection industry. TRex is software, so no hardware appliances required, flexible so it can create all kinds of traffic patterns, and enormously scalable, able to amplify its traffic flow to simulate ICMP, UDP and TCP-SYN floods and to generate truly massive crushes of traffic that do a fine job of impersonating the huge distributed denial of service attacks that have been coming from mobile botnets lately.

TRex is also more affordable than Avalanche, costing about $10,000 compared to the Avalanche’s price tag of $100-200,000 while also boasting a higher performance capability. But just as with the real t-rex and its short little arms, TRex has a flaw.

Creating the perfect assault

What TRex lacks is its own TCP/IP stack, which means it can’t maintain connections the way the stateful Avalanche can. So when simulated clean traffic from TRex has its TCP connection altered, say by a proxy server used by Incapsula to get the clean traffic through to the targeted website, the connection is lost. This renders TRex unable to simulate clean traffic alongside attack traffic.

It’s a significant issue because in order to provide leading distributed denial of service mitigation, Incapsula has to ensure all legitimate users trying to access the targeted website or other online service remain completely unaffected by the attempted attack. Without simulated clean traffic, there’s no way to test that.

The answer, it turns out, was there all along. In order to generate the necessary clean traffic, Incapsula is using Avalanche alongside TRex. Traffic from Avalanche takes the proxy server route, terminating a connection and then opening up a new one at the origin server. Together, TRex and Avalanche help Incapsula ensure it can deal with traffic of all types during a DDoS attack.
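As an added illustration (not Incapsula's or Cisco's code), this toy Python model shows why a proxy that terminates TCP breaks replayed traffic but not a client with its own TCP stack. It assumes the stack-less generator replays a pre-recorded handshake; the class names, function names and sequence numbers are constructed for the example.

```python
import random
from dataclasses import dataclass

MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits

@dataclass
class Segment:
    flags: str      # "SYN", "SYN-ACK", "ACK" or "RST"
    seq: int
    ack: int = 0

class TerminatingProxy:
    """Toy proxy that answers the client handshake itself with its own ISN."""
    def __init__(self, isn=None):
        self.isn = random.randrange(MOD) if isn is None else isn
        self.client_isn = None
        self.established = False

    def receive(self, seg):
        if seg.flags == "SYN":
            self.client_isn = seg.seq
            return Segment("SYN-ACK", self.isn, (seg.seq + 1) % MOD)
        if seg.flags == "ACK" and self.client_isn is not None:
            self.established = (seg.seq == (self.client_isn + 1) % MOD
                                and seg.ack == (self.isn + 1) % MOD)
            if self.established:
                return None
        return Segment("RST", seg.ack)  # anything unexpected is reset

# Constructed capture: a handshake recorded against a server whose ISN was 5000.
CAPTURE = [Segment("SYN", 1000), Segment("ACK", 1001, 5001)]

def stateless_replay(proxy, capture=CAPTURE):
    """Send recorded segments as-is; replies are never read (no TCP stack)."""
    replies = [proxy.receive(seg) for seg in capture]
    return proxy.established, replies[-1]

def stateful_connect(proxy, isn=1000):
    """Read the SYN-ACK and acknowledge the ISN the proxy actually chose."""
    synack = proxy.receive(Segment("SYN", isn))
    proxy.receive(Segment("ACK", (isn + 1) % MOD, (synack.seq + 1) % MOD))
    return proxy.established

if __name__ == "__main__":
    print("replay  :", stateless_replay(TerminatingProxy(isn=0x1F2E3D4C)))
    print("stateful:", stateful_connect(TerminatingProxy(isn=0x1F2E3D4C)))
```

The replayed ACK still acknowledges the recorded server sequence number, so the proxy resets it; the replay only completes when the far end happens to behave exactly as it did in the capture.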

Something old, something new

If you think about it, Incapsula’s customized traffic generation system is kind of a heartwarming story about an old faithful tool teaming up with the new kid on the block to do the best possible job. Don’t you just love it when vicious beasts and deadly disasters can get together like that? For website owners and organizations around the world, it’s a beautiful thing.