A growing number of organisations are turning to telecommunications service providers to provide early-intervention defences against a climate in which distributed denial of service (DDoS) attacks are rapidly growing in size and severity, according to executives of DDoS mitigation specialist Arbor Networks.
To bolster its profile within large service-provider environments, Arbor recently clinched a deal with Cisco Systems that will see Arbor's anti-DDoS technology integrated into Cisco's ASR-9000 (Aggregation Services Router) to provide a defence environment that can detect and block DDoS activity on trunk lines running at tens of gigabits per second.
By being built onto an interface card, the Arbor Networks technology can be added to the modular ASR-9000 – hugely popular amongst providers of Metro Ethernet networks pushing masses of video and other high-bandwidth applications over high-speed networks.
This capability will, Arbor APAC vice president Jeff Buhl told CSO Australia, allow service providers to cater for the growing base of customers that see DDoS attacks as “one of those issues that they just want to go away.”
“DDoS is very complicated to fight if you're trying to solve it with bubble gum and duct tape,” he continued, “but when you have a solution that is very good at doing this – and it's part of the core infrastructure platform that you have selected – it makes life easier. It takes away a very complicated issue for customers, and something that could have a serious impact on your business.”
DDoS attacks saw a resurgence in the last quarter of 2014 after a period of relative stability, according to recent figures from Akamai. Just this week, what was termed an “extremely large” DDoS attack on code-hosting site GitHub ran across several days as the organisation scrambled to avoid prolonged downtime.
Another recent survey found that DDoS attacks were the top security fear amongst businesses, who fear that outages and inconsistent delivery will taint customers' perceptions of the organisation.
Forrester Research recently flagged a growing role for service providers in fighting DDoS attacks – not the least because, with DDoS attacks getting worse, a robust defence will help customers defend increasingly centralised information resources being driven that way by the confluence onto cloud computing and big-data storage.
“Data centre consolidation is a reality we are all living with,” said director of strategic alliances Chris Stewart, who noted that the Arbor-ASR 9000 combination also ties into evolving security incident and event management (SIEM) platforms from the likes of IBM and HP.
“Things are changing and in a positive way,” Stewart said, noting that the Arbor technology can scale to 20, 40, 80 or more Gbps of DDoS protection depending on customer requirements.
“Because we have the ability to relay information to those engines to correlate the attacks, it makes it easier to push this capability out past the edge of the network. This will make service providers' jobs easier, and [scalability] is only really limited to the number of slots that they have.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.
- DDoS top security fear as businesses weigh reputational damage risk
- DDoS volumes plateau as hackers try new attack vectors: Akamai
- Security Watch: Akamai adds new web application and DDoS protection
- Cloud-hungry businesses need data centre security – even outside of the data centre
- Attackers clobber Telegram messaging app in Australia, APAC