The British Library is a world-renowned UK government organisation that service information to businesses, researchers, and students. With a growing amount of that information being provided online, they implemented an on-premise Distributed Denial of Service (DDoS) mitigation appliance to safeguard crucial IP assets.
These assets were distributed across several data centres, each equipped with separate high-capacity internet connections. This investment in DDoS protection was substantial, yet the system’s performance in an operational setting remained unverified, especially under attack conditions.
Babble was chosen as the preferred supplier to conduct a series of 90-minute DDoS tests. Following the completion of NDAs and commercial agreements, Babble’s engineers initiated a comprehensive technical consultation phase, during which they defined several critical test parameters.
Test duration was carefully selected to ensure they could be executed within regular maintenance windows. A designation target server was set up for testing, and 3rd party service providers were informed, with key monitoring points established. A testing team was assembled, comprising of stakeholders from all critical IT infrastructure areas, and the final DDoS attack types and parameters confirmed and validated.
By conducting multiple tests, adjustments to the mitigation system could be made in between, and the enhancements in security could be quantified.
During the test, stakeholders connected to a live web conference to maintain transparent communication within the team and to monitor the DDoS attack test portal. Throughout the test, the customer had the option to trigger the emergency stop procedure at any moment, allowing them to halt the test within seconds.
The tests involved three distinct attack types and were carried out a 25%, 50%, and 105% of internet bandwidth.
Tests showed that the mitigation device coped well and successfully highlighted some scenarios where further improvement work was required within the British Library. Once improvements were carried out, a repeat test later confirmed that issues had been corrected satisfactorily.
The overall test results provided significant value to the organization, particularly in the following areas:
- Identification of potential weaknesses
- Preparation of people in the event of an attack
- Indicating improvements to the ‘Cyber Attack Run Book’