Arbor Networks today introduced its first cloud-based distributed denial-of-service (DDoS) mitigation service to protect enterprises against large-scale attacks intended to swallow up available bandwidth or knock application servers offline.
The Arbor DDoS mitigation service could be applied to filter out unwanted attack traffic at up to about 280Gbps or even higher, according to Gary Sockrider, solutions architect for the Americas at Arbor. Arbor’s enterprise service works in conjunction with the Arbor on-premises anti-DDoS gear the enterprise would have, he said. Arbor’s approach entails “once we see the attack, we re-direct traffic to the scrubbing center,” says Sockrider. Arbor is also seeking to get a different type of customer, the large ISPs, to make use of this cloud-based anti-DDoS service on a re-seller basis.
[ Get expert networking how-to advice from InfoWorld's Networking Deep Dive PDF special report and Technology: Networking newsletter. | Learn how to secure your systems with InfoWorld's Security Central newsletter. ]
Arbor’s cloud-based approach for the enterprise, coupled with its on premises hardware, comes as the anti-DDoS market grows more competitive. Belmont, Calif.-based start-up Defense.net, for example, which is a purely cloud-based anti-DDoS service, made its debut in August. Sockrider says Arbor intends to have a cloud-based pricing model that doesn’t levy charges based on traffic spikes that arise in DDoS attacks. He says some cloud-based DDoS competitors do that.
Five things you need to know about the new Payment Card Industry (PCI 3.0) standard
In August, Arbor issued a report stating that based on DDoS attacks it monitors today via its gear, half of them now reach speeds of over 1Gbps, up 13 percent from the year before. The portion of DDoS attacks over 10Gbps increased 41 percent in the same period, according to Arbor. There was also a doubling of total number of attacks over 20Gbps. The Arbor monitoring system is based on anonymous traffic data from more than 270 service providers. DDoS are often carried out through criminal manipulation of botnets of compromised servers or other computers that can aim attack traffic at the victim’s network.
A year ago, the power of DDoS attacks was clearly seen as the websites of about a dozen U.S.-based banks, including Wells Fargo and Bank of America, were hit so hard their online services weren’t available to the wider public for certain periods.
The massive DDoS attack that struck the spam-fighting organization, Spamhaus, earlier this year is viewed as among the most intense ever in terms of sheer bandwidth, peaking at about 75Gbps. Companies that depend on Internet availability for their customers, such as SG Interactive which provides online games, now regularly point out it’s critical to stop overwhelming DDoS attacks that threaten their entire business.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org
Read more about wide area network in Network World’s Wide Area Network section.