Both of CDN providers (one of them is Akamai) that offers DDoS protection service told
me they don't offer DDoS drills where we simulate an attack situation & started calling
out relevant parties.
Unless the contact persons in the two CDNs / ISPs gave me the wrong info, I believe
they don't offer such a service.
However, our audit pointed out that if such a regular drills are not being practiced
(say yearly), in the event of such attacks, the escalation & callouts will go haywire,
just like DR (Disaster Recovery) drills. Audit told me this is regulatory requirement
My view is DR is a much more complex situation as during disasters, it's chaotic
& involves massive manpower redeployment. Besides both CDN/ISPs has a call
tree documented.
I'm inclined to believe it's not the industry practice to do such DDoS drills as both
CDN providers don't offer them or am I mistaken? Wud like to know how other
people out there practice it esp in financial/banking, healthcare & stock exchanges
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.