NSFOCUS Zero-Trust Anti-DDoS Solution Enhances Protection Capability against C&C and Bot Attacks

NSFOCUS Zero-Trust Anti-DDoS Solution Enhances Protection Capability against C&C and Bot Attacks

fevereiro 2, 2023 | NSFOCUS

Santa Clara, Calif. February 02, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been selected in Forrester’s recently published report, The Forrester Tech Tide™: Zero Trust Threat Prevention, Q4 2022 for its NSFOCUS Anti-DDoS System (ADS). The report presents an in-depth analysis of technology maturity and business value of 14 Anti-DDoS vendors, which can serve as a reference for customers to choose professional security products.

With the application of 5G networks and IoT technologies, the number of endpoint devices connected to the network is increasing exponentially. This also means an opportunity for hackers to make endpoint devices become bots. As a result, it is found that attack events occur more frequently and the attack traffic volume is increasing remarkably because hackers control large numbers of bots to launch brute-force attacks, DDoS attacks, and malicious scanning. Here are some examples:

  • Amazon AWS was hit by the biggest DDoS attack in history in February 2020 with a peak traffic volume of 2.3 Tbps, exceeding the peak record of 1.7 Tbps in March 2018.
  • Since February 2022, the Russia-Ukraine war has been aggravated and cyberspace has also become a new battlefield. DDoS attacks have led to critical infrastructure system failures and network system crashes, seriously affecting social communities.
  • July 2022 saw a series of targeted DDoS attacks against Brazil’s government websites, network operators, educational institutions, and news portals during Brazil’s presidential election.
  • In September 2022, Sheep a Sheep, a popular mobile game, became a frequent target of DDoS and C&C attacks. The attack booted thousands of players offline, seriously affecting customer experience and causing customer loss.

Frequent large-scale DDoS attacks not only do harm to customers’ business operations and cause financial loss, but also damage systems, putting them at risk of other attacks such as ransomware and data breaches.

DDoS attacks are very destructive. There are three common types of DDoS attacks:

  • Bandwidth consumption attacks

Attackers use packet transmitters or attack tools to construct volumetric attacks that consume bandwidth and overload routes, negatively affecting network connection. Common attacks of this type are SYN flood, UDP flood, and ACK flood.

  • Resources consumption attacks

Attackers control zombie hosts to send requests for the target service or application and simulate client behaviors that consume host resources, thus slowing down or overloading the server. Common attacks of this type are HTTP GET flood and DNS flood.

  • Application attacks

By taking the characteristics of the target service into consideration, attackers send a large number of requests and utilize the service logic flaw to degrade the server performance, thus making the server unable to respond to requests. For example, attackers add excessive items to the online shopping cart to cause traffic anomaly.

All these attacks are related to bad bots. How to defend against different types of DDoS attacks and DDoS attack variants is a hard nut for many businesses.

Built on over 20 years of Anti-DDoS expertise, NSFOCUS has developed a creative zero-trust DDoS protection solution based on its proprietary zero-trust security defense system. The solution can greatly improve protection against C&C attacks and bots.

In NSFOCUS’s zero-trust DDoS protection solution, clients are authorized to send security environment information to the controller. After identification verification, the controller returns a secure application list, which can avoid exposing the server to the Internet and effectively protect against layer 4 to layer 7 DDoS attacks. In addition, the solution can analyze user behaviors in real-time, monitor the status of devices, and continuously ensure that trusted access users are given the least privilege, thus protecting the server in an all-around way.

Compared with traditional Anti-DDoS solutions, NSFOCUS’s zero-trust Anti-DDoS solution features a powerful DDoS attack traffic scrubbing capability and can continuously monitor traffic based on trusted authentication and filter out attack traffic. By collaborating with the traffic scrubbing device, this solution can automatically tune protection policies and block attack traffic precisely, offering simplified and intelligent protection capabilities to customers.


NSFOCUS, Inc., a network and cyber security leader, protects telecommunications, Internet service providers, hosting providers and enterprises from advanced cyberattacks. NSFOCUS’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against ever-evolving cyberattacks.