keys

Key-sharing tech helps combat encrypted DDoS attacks

Agencies are starting to get Distributed Denial of Service (DDoS) attacks under control as combat attacks from bots or zombie clients. But like the hydra of legend, slay one head, and a new one pops up. The latest threat is the encrypted DDoS attack, which is detected and analyzed by examining packet headers. But packet headers require a customer’s unique secure socket layer (SSL) key to unlock.

Prolexic announced that its SSL key-sharing tools make it easier to detect and stop encrypted Layer 7 (application layer) DDoS attacks while customers maintain control of their SSL keys at all times. 

For quicker and easier DDoS analysis and detection, Prolexic developed the PLXabm SSL Hardware Security Module. Compliant with FIPS-140-2 Level 2 key management standards, this SSL module facilitates decryption of SSL traffic bi-directionally and enables automated alerting when a DDoS attack is detected.

“This enhancement to PLXabm allows our engineers to identify and isolate the source IP address, which they can use to block encrypted Layer 7 attacks,” said Stuart Scholly, president at Prolexic. “Best of all, this approach ensures that our customers can maintain control over their SSL keys at all times.”

Prolexic can also mitigate encrypted DDoS attacks using its PLXproxy service once the customer’s SSL keys and certificates are uploaded and deployed to Prolexic. 

Customers can elect to have their keys and certificates stored securely for reuse or provide temporary ones that are revoked after an encrypted DDoS attack is stopped. To aid in this process, PLXproxy SSL Manager, a secure and efficient way to upload SSL keys and certificates, can be accessed through the PLXportal, an online resource devoted to giving Prolexic customers greater visibility into their Prolexic DDoS mitigation services and activity. 

About the Author

John Breeden II is a freelance technology writer for GCN.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected