Distributed Denial-of-Service Prevention
DDoS 2016 Comparative Report: Performance

DDoS 2016 Comparative Report: Performance

Authors: Thomas Skybakmoen, Jerry Daugherty, Devon James

Implementation of distributed denial-of-service (DDoS) prevention solutions can be complex, with multiple factors affecting the overall performance of the solution. 

The following factors should be considered over the course of the useful life of the product: 

Will it be deployed in combination with external prevention methods? 
Can it provide effective mitigation of attacks without affecting legitimate traffic? 
Will the device respond to attacks autonomously, or will it require tuning for each attack? 
There is frequently a trade-off between security effectiveness and performance. Because of this trade-off, it is important to judge a product’s security effectiveness within the context of its performance, and vice versa. This ensures that new security protections do not adversely impact performance and that security shortcuts are not taken to maintain or improve performance. 

Sizing considerations are critical, as vendor performance claims (where mitigation typically is not enabled) can vary significantly from actual performance (where mitigation is enabled).

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.