Frequently Asked Questions
No. The DDoS RADAR® is based on a revolutionary non-disruptive DDoS testing technology that has ZERO impact on ongoing operations.
Yes. The DDoS RADAR® tests environments against over 100 different types of DDoS attack vectors, from layers 3, 4 & 7 (Application Layer) attacks.
Continuously & on demand.
You can generate a report of your DDoS Vulnerabilities (DDoS Mitigation Gaps) at any time from your MazeBolt Account. We called this report a Vendor Report.
The DDoS RADAR<sup>®</sup> vendor reports include a comprehensive and complete story of what took place during that particular DDoS attack simulation. For example, on a per attack simulation basis, the vendor can see:
- Duration of DDoS attack simulation
- Rate of DDoS attack simulation
- Cumulative attack simulation traffic sent
- Cumulative attack simulation traffic received
- Target response monitoring during DDoS attack simulation
- Graphical illustrations of charting during attack simulation
- Knowledge base article on attack simulation with PCAP example of attack
MazeBolt’s SOC team generates an Executive summary once a quarter.
Yes. The MazeBolt TAP UI has a wealth of information on all DDoS attack simulations.
- The DDoS RADAR<sup>®</sup> testing cycle (for each IPs address) starts with the 18 BaseLine DDoS attack vectors that each run for approximately 3-10 Mins.
- The DDoS RADAR<sup>®</sup> automatically moves on to the next IP address until the company’s entire DDoS Attack surface has been tested against the 18 BaseLine DDoS attack vectors.
Generally speaking, DDoS attacks start at a default of 10 Mbps (for Layers 3 & 4) and work their way up to a maximal bandwidth of 1Gbps, this will also take into account any SLA’s you may have with your DDoS mitigation vendor.
The DDoS RADAR<sup>®</sup> only reads meta data from the DDoS testing it performs.
No. The DDoS RADAR<sup>®</sup> does not read PII
No. The DDoS RADAR<sup>®</sup> does not decrypt traffic by default and by default it is not required to validate most environments.
We identify our attack traffic by looking for and filtering our attack traffic's source IP's only. In a default configuration we do not even capture any other traffic other than traffic originating from MazeBolt source IP's. However there is an exception to this rule, and that is for CDN based traffic, this will turn the device into a mode whereby we begin capturing all traffic, identifying the true source IP in the X-Forward-For header and then using those statistics to send out. It is important to note that we send out ONLY traffic statistics and NO PII information or any other data other that TCP related data is sent out via our secure API, our API has 2 factor authentication and communicates only with our data center.
If we have any such new feature in the future, this will first have in place a contractual agreement with the customer prior to any such feature being enabled on the device.
- Yes. We have many considerations we take into account for compliance, our Data Center is well segmented, and no unnecessary data is stored. MazeBolt is also ISO 27001 compliant and certified (Since 2013). Upon request this documentation will be provided.
- MazeBolt undertakes through 3rd party contractors pen-testing on a regular basis.
Yes. The DDoS RADAR<sup>®</sup> can test hybrid DDoS mitigation solutions by creating a separate profile for each DDoS mitigation solution.
- The user of the system will add the network to be validated by the DDoS RADAR<sup>®</sup>. These networks IPs are then automatically and continuously verified for DDoS Mitigation Gaps.
- FQDN names or specific IP’s can also be added manually to the system.
The DDoS RADAR<sup>®</sup> requires a TAP (Mirror) Port immediately downstream from your DDoS mitigation
The TAP port needs to be downstream from the DDoS mitigation
- The ongoing concurrent traffic rate.
- Seeing all traffic toward the targets planned to be validated.
Red Team DDoS Testing
A DDoS Test simulates a real DDoS attack against your website or network. The test is run with your participation to check the capabilities of your current security posture. This test will check your response teams preparedness and procedures you have in place to deal with a successful DDoS attack.
MazeBolt’s DDoS Testing has three basic stages:
- Planning & Scheduling – MazeBolt’s SOC team works with you to understand your needs and tailor the DDoS Tests accordingly (i.e. number of tests, type of tests, bandwidth, geo-distribution and more).
- Testing – MazeBolt’s SOC team runs the tests with you following in real-time via the User Interface. Your emergency button allows you to stop the tests at any time.
- Reporting – Once testing is completed MazeBolt issues a DDoS Test Report that highlights points of strengths and weakness of your DDoS attack handling with recommendations for further action.
Yes, it’s absolutely legal!
Not only do many Fortune 500 and large organizations regularly use DDoS testing, but in some countries, DDoS Testing has become a recommended regulation for validating the organization’s human response and procedural handling to DDoS attacks.
MazeBolt's DDOS testing is customized to the size and complexity of each organization’s IT network and comprises multiple tests for ongoing and iterative improvements.
Yes, you do.
Penetration testing checks the ability of an attacker to exploit your network and gain access to data. DDoS testing attempts to see how mitigation systems and response teams respond to a DDoS attack. To evaluate DDoS vulnerabilities RADAR® should be used.
Yes, we can. Provided you get approval in writing from the relevant cloud provider.