|reply to borntochill |
Re: DDOS Attacks - Is Any VoIPP More Immune ?
You raise good points.
My understanding is that the costs are even higher than you considered.
But here are some problems that I see:
1) How well can these DDoS mitigation services actually prevent the super-massive attacks?
By all accounts, MANY providers have been fending off these attacks on a constant basis.
When it comes to the super-massive attack (imagine Charlie Sheen's reaction if you rear-end his car) it may be that these DDoS mitigation services add little or nothing.
2) If a VoIPP publicizes that it is using a DDoS mitigation service, it becomes more of a target.
3) If a VoIPP keeps it confidential to avoid becoming more of a target and to enhance the safety of their security program, then customers won't know to preferentially choose them. And the VoIPP will suffer as competitors will charge less.
These problems can be surmounted, I am just saying that it is difficult.
I bet that in upcoming months some providers may offer more options of service, security, and support levels. It's a natural evolution.
Those are all good points and good questions, ones unlikely to occupy much mental space for most residential VoIP end-users looking for a dial tone on the cheep (or for free). However, they preoccupy those of us who must put out fires for others when things go south. I have a colleague in a fortune 500 enterprise who I think has been directly involved in DDoS preparedness and I'll bend his ear next time I see him.
In this forum there are frequent posts touting the importance of DNS SRV bypass in choosing a VSP and I do not doubt its value. However, I've set up the majority of my clients on a VSP without it and in the year-and-a-half with that outfit, there's been under a handful of hours of reported issues with the server they're on, more importantly, zero perceived outages from my clients' perspective. Conversely, I put one client on CallCentric because of their stellar reputation for uptime and DNS SRV bypass support, and then ironically experience this multi-day outage. I intend no criticism of CallCentric in mentioning this. The same attack could just as easily happen to any of their competitors, and already has to a few.
What I'm saying is that the spate of sophisticated DDoS attacks against VSPs and their serious impact on end users leave me more inclined to prioritize DDoS protection than, say, DNS SRV. I acknowledge the dilemmas you mention about how, and how much, information providers should share about DDos defenses, but we need some ability to evaluate the relative investment in DDoS preparedness among VSPs all the same.