“This collaboration with Verisign further underscores the momentum in the market for a hybrid approach to DDoS defense,” said Dave Larson, CTO and Vice President, Product, Corero. “Further, the technology integration between the two organizations is an example of combining best-of-breed solutions in both categories in order to better defend customers against DDoS attacks with real-time defense technology.”
The architecture is designed to detect and respond to a large spectrum of DDoS attacks, ranging from high volume denial of service attempts to blended multi-vector threats, as well as low and slow application layer attacks. The solution detects, analyzes and responds to DDoS attacks by inspecting raw Internet traffic at line rate and identifying the threat within the first few packets of an attack. At this stage of mitigation, the Corero do-no-harm approach to DDoS protection allows good user traffic to flow uninterrupted, while attack traffic is stifled immediately. The onset of a pipe-saturating attack signals to Verisign’s cloud-based mitigation to re-route traffic through pre-determined and customized thresholds. These thresholds employ Verisign’s globally connected and redundant backbone of mitigation centers and purpose-built mitigation platform for volumetric and complex application layer attacks.
“Corero’s work to integrate with Verisign’s OpenHybrid APIs has been exceptional,” said Danny McPherson, senior vice president and chief security officer at Verisign. “This integration enables customers to stay ahead of the DDoS challenge through a combined, always-on hybrid DDoS solution based on open standards.”
Verisign OpenHybrid enables interoperability between the Corero SmartWall® Threat Defense System (TDS) and Verisign DDoS Protection Service through an easy-to-use set of open APIs. Leveraging the Corero SmartWall TDS device to signal threat information back to the Verisign DDoS protection cloud provides customers with faster, more efficient detection and mitigation of DDoS attacks. DDoS signals from the Corero on-premises device automatically generate alerts that can trigger a mitigation response from Verisign. All alerts generated as a result of the Verisign OpenHybrid signaling from Corero appliances, and any associated mitigation event, can be viewed in near real time on the secure Verisign DDoS customer portal. In addition, customers will receive 24x7 access to Verisign Technical Support Services supporting the DDoS events.
“DDoS is a complex problem to solve, but the open hybrid approach to DDoS protection utilizes on premises defenses for complete traffic visibility, and real-time attack mitigation coupled with a cloud based solution for defeating full saturation attacks providing protection as needed, has become a more common strategy for the Internet connected business looking to eliminate the DDoS problem in their environment,” said Jeff Wilson, Principal Analyst, Security of Infonetics Research.