NetScout : Is Your VPN Gateway Vulnerable to DDoS Attacks?

NETSCOUT

March 23rd, 2021

RSS Feed

It's already difficult to remember when working from home wasn't the practice for many workers. As this new reality set in, businesses of all stripes had to increasingly rely on their network connectivity to continue business-as-usual activities. According to a McKinsey survey conducted in June 2020, '85 percent of respondents indicated that their businesses have somewhat or greatly accelerated the implementation of technologies that digitally enable employee interaction and collaboration, such as videoconferencing and filesharing.'

For most businesses, a secure virtual private network (VPN) connections have been a lifeline for remote workers. However, cyber attackers increasingly have targeted VPN gateways with distributed denial-of-service (DDoS) attacks that threaten to disrupt or even shut down these vital connectivity points, effectively denying employees access to key business applications.

VPN gateways are a crucial link for business performance, which makes them a ripe target. Taking steps to protect these gateways is prudent.

Better Safe Than Sorry

Cybersecurity experts at NETSCOUT recommend that organizations take the following measures to better defend vulnerable access points from cyber attackers:

• Make the most of built-in protection. Most software-as-a-service (SaaS) providers utilize DDoS protection to maintain the availability of their services. For this reason, it makes sense to use SaaS-based services for everyday business applications, content sharing, collaboration, and communications, because these connections are already well protected.
• Double check that you are using the Best Current Practices (BCPs). Implementing BCPs for network infrastructure, servers, and services such as DNS is key to building in attack resilience. For starters, make sure you've deployed intelligent DDoS mitigation systems to protect all public-facing servers, services, applications, data, and support infrastructure such as remote access technology against DDoS attacks.
• Use dedicated internet transit links for VPNs. Using links not associated with components such as DNS servers and public-facing websites can cut down on the likelihood that events such as DDoS attacks will prevent remote security operational IT from responding when their skills are needed the most.
• Use remote-access integration. Make sure that remote-access mechanisms are integrated with the organization's authentication, authorization, and accounting systems, and require the use of multi-factor authentication (MFA) technologies for user access.
• Get smart about DNS naming. Many attackers do their homework before launching targeted DDoS attacks, so don't make their jobs easier by doing something like using the string 'vpn' in DNS resource records for VPN concentrators. Instead, choose a DNS naming convention that provides useful information to operational personnel while keeping attackers in the dark about key functional areas.

Building DDoS protective measures into your security plans from the outset can go a long way toward minimizing exposure of vital VPN gateways and ensuring your network performance.

Learn how to mitigate and reduce the risk of DDoS attacks