Can anyone provide me with the best network configuration/tools/services to prevent DOS (Denial of service) attacks.
Take for example the following scenario for a website.
• Website with thousands of hits per day.
• Traffic routed to CDN.
• Firewall between CDN and hosting company
• Website hosted by a public hosting company
• Web servers in a DMZ
1. What sort of network design/configuration is recommended to reduce DOS attacks
2. What DOS service/software/hardware is recommended?
3. Can you guide me to some documentation on this?
Please shed some details on the above.