The theme for DDoS attacks in 2014 has been very large attacks, enabled by the reflection/amplification capabilities within such disparate network infrastructure components as Domain Name Servers (DNS) and Network Time Protocol (NTP). Arbor’s ATLAS® threat monitoring infrastructure collects data from over 300 service providers and other Internet operators, totaling an astounding 90Tbps of global traffic intelligence. According to ATLAS, there were more than one hundred separate DDoS attacks larger than 100Gbps in the first half of 2014. This represents an unprecedented increase in DDoS attack size and fundamentally changes how organisations need to think about protecting themselves.
Because Arbor Networks equipment and services are deployed pervasively across the world, the company has developed deep expertise in mitigating very large, complex and distributed DDoS attacks including those that leverage reflection/amplification techniques. That expertise was acknowledged by the Communications Security, Reliability and Interoperability Council (CSRIC), a federal advisory committee to the Federal Communications Commission (FCC), when they submitted their final report on Remediation of Server-based DDoS Attacks. The report adapted Arbor Networks’ best practices for DDoS incident response into the Six Phases for DDoS Attack Preparation & Response.
“The trend is clear, and very large attacks are here to stay. Attacks tools are readily available making these attacks easy to execute. This equates to a significant risk for any potential target, be they an enterprise or an ISP. Because we are the manufacturer of the DDoS equipment, we are able to scale the mitigation capacity of Arbor Cloud very quickly. With this capacity expansion program in place, Arbor Cloud customers are assured that we have the mitigation infrastructure available to meet their needs well into the future,” said Arbor Networks President Matthew Moynahan.
Arbor Cloud
Arbor Cloud’s integrated model is the recognised industry best practice for DDoS defence. By tightly integrating DDoS mitigation between the premise and the cloud, Arbor Cloud protects enterprises against the full spectrum of modern DDoS attacks, including volumetric, reflection/amplification, application-layer, state-exhaustion (e.g. targeting firewall/IPS) and multi-vector attacks.
The ease of use of the on-premise Pravail® Availability Protection System enables existing enterprise IT staff to maintain control of the mitigation, and gives them the ability to quickly alert the cloud when attacks reach a certain size that cannot be blocked locally. Arbor’s proprietary Cloud SignalingSM technology automates the connection between enterprise and cloud mitigation equipment, reducing time to mitigation. This tight integration is the best way to ensure the availability of critical network resources. Arbor Cloud customers are supported by a 24x7 Security Operations Center staffed by Arbor Networks DDoS mitigation experts.