Both the network and physical (hardware) and software firewalls often prevent a lot of the flak from DDOS attacks although its often the software or scripts clients use that put a large load on the server that are then exploited by those who carry out the attacks.
Most of the time the only solution is to constantly monitor and nullroute the domain or port or offline the server in the worst case scenario if it contains important data that is more important than keeping it online, which I would imagine to be the case.
Being proactive in monitoring your clients scripts and the server loads is the only real solution other than the obvious security measures.