Its not widely that DDOS attacks also cause damage from state exhaustion in devices. A recent study why Netscout surprised me that many engineers are aware of overload bandwidth or routing devices but give less considerations to state exhaustion in application aware devices.
Firewalls, IPS and reverse proxies are subject to overload failure when the internal state is exceeded. This includes server side caches (Varnish, memcache etc) and all this elements should be part of your DDOS strategy.
Roland Dobbins talks about the nature of these attacks and how to implement stateful protection while using stateless DDOS technology.
Netscout has more information on the topics covered in this tech byte podcast at the following links:
The Protect Firewall service – www.netscout.com/ProtectFirewall
Solution description on Protect Firewall – https://www.netscout.com/solutions/omnis-smart-edge-protection/protect-firewalls
Situational awareness comes from threat analysis and insights. Netscout Horizon provides data and insights into the threat landscape. – https://www.netscout.com/horizon
Netscout Atlas security and response team – keeping you up to date and finding the bad things – https://www.netscout.com/asert