I experienced a DDoS attack 9 months ago. When it happened, I had only studied the attack, but this was the first time I experienced it. Thank you to the WAF team for monitoring our critical servers 24/7. So many scripts were running at a time, making the servers slow.
When I saw this attack, we proactively detached our network devices and servers and started analyzing all measured data from different sources through the WAF tool. We scrutinized the firewall policy and investigated the traffic using the WAF firewall. We investigated all our servers and also monitored the traffic in the WAF firewall. We informed the Indusface team and also submitted the programmed report for further action.
Afterwards, Indusface discussed with management and started taking anticipatory steps for reinstatement of the attacked system along with carry all before one. The WAF team was given access to find the security inadequacy and check incident readiness. The VA-PT team worked on the resolution.
In the end, the situation was under control, with a lot of escalations and report publications.
I would suggest that IT security is a proactive job rather than a reactive job. So take the necessary proactive steps and put the process, tool and technology in place before any incident happens in a critical environment.