By Ronen Priel, VP Product Management at Allot Communications.

DDoS attacks are a growing threat for enterprises and service providers, driven in large part by new technology trends such as the Internet of Things (IoT), where the focus has been more on functionality than security.

According to Frost & Sullivan’s latest whitepaper, Service Provider Requirements for DDoS Mitigation, DDoS attacks have been steadily growing in terms of scale, frequency, and complexity for years.

But DDoS took an unprecedented leap forward in 2016, peaking at over 1TBps for the first time ever – often targeting service provider networks.

At the same time, these attacks have become more accessible due to publicly available tools on the internet and for-hire DDoS services. In essence, DDoS has gone mainstream.

Threat actors have become more innovative by inventing new techniques and procedures in order to evade defences.

For example, some attackers have started doing “drive-by” attacks that last only a few minutes as a means of defeating time-dependent defences such as centralised scrubbing centres or on-demand cloud services.

It should come as no surprise then that DDoS attack mitigation is now a top priority for enterprises and service providers alike.

But the current state of enterprise security is insufficient to combat today’s DDoS attacks, and service providers find themselves in the crossfire, which is always costly.

DDoS also negatively impacts the Quality of Experience (QoE) subscribers have come to expect.

That is why they must be as innovative as the threats have become.

This requires solutions that not only address challenges unique to service provider networks, but also have the potential to yield benefits beyond attack mitigation.

For example, service providers that offer DDoS mitigation to their customers as a value-add feature or as a dedicated premium service can give them a competitive advantage in the market.

What to look for when it comes to DDoS protection

To address the realities of today’s DDoS landscape, service providers need to make sure they have the most innovative security solutions implemented on their network.

This also means revisiting DDoS defences and strategies on a regular basis to re-evaluate their effectiveness and ability to meet the service-level agreements and maintain a consistent QoE for their subscribers.

A comprehensive service provider security solution will need to be composed of the following characteristics:

•    Scalability and efficiency to face different types of attacks. Being able to defeat DDoS attacks inline, in real time, at the attacker source will allow service providers to be more efficient at threats. They should begin by setting limiting policies on network infrastructure elements to ensure that they are not overwhelmed.

•    Rapid detection and response to identify attacks. Inline solutions allow service providers to mitigate attacks in seconds in real time. This method provides exact and rapid mitigation of DDoS attacks, including short duration attacks. Coupled with deep packet inspection (DPI), inline solutions can manage the network traffic and provide service provider customers with a consistent QoE through prioritisation. DPI solutions can detect suspecting behaviours quicker and to mitigate attacks in real time without impacting the quality of the network at any time.

•    Broad visibility of the network to have a clear picture of all network activity. Using multiple inline detection appliances is key for service providers when it comes to DDoS protection. A centralised controller would coordinate these inline devices, thereby allowing the service provider to detect attacks that are spread over multiple peering points. This distributed, but centrally managed, model gives service providers full visibility of their entire network so that they can be able to detect threats more efficiently.

•    Granular controls across network entry points to differentiate IoT device traffic from other sources. This will minimise the impact of IoT-driven DDoS attacks, which are becoming increasingly common.

Service providers need modern mitigation solutions to face this ever-changing DDoS environment.

The key is to combine the advantages of a DPI inline appliance and a centrally coordinated DDoS mitigation model to mitigate attacks in an efficient way.

It will result in an optimal protection for service providers and their customers, and support asymmetric routing, application identification, and session awareness.

These kinds of comprehensive solutions are extremely difficult to find in the security market in a single, purpose-built appliance, but could offer vital capabilities for protecting service provider networks.

Last but not least, service providers who offer such high-level solutions will be rewarded with reduced costs and network optimisation.

More Features

Opinion: Could second brands become operators’ training ground? Opinion: Could second brands become operators’ training ground? By Jonathan Plant, Senior Marketing Manager, Openet More detail
Opinion: Cloudification is coming, but processes and culture must change Opinion: Cloudification is coming, but processes and culture must change By Santiago Madruga, VP of Communications Service Providers market, Red Hat EMEA More detail
Vodafone’s IoT head hits out at "annoying" criticisms of operator role Vodafone’s IoT head hits out at The claim that connectivity is a commodity has existed in the mobile industry for some time and has recently extended itself to the Internet of Things. More detail
Telcos bet on eSports to get down with the kids Telcos bet on eSports to get down with the kids In some circles, attempting to shrug off the image of being a bunch of crusty old network engineers by buying an eSports team would be regarded as the very definition of having a midlife crisis. More detail
Deutsche Telekom’s Head of Europe rails against “really dangerous” regulatory mindset Deutsche Telekom’s Head of Europe rails against “really dangerous” regulatory mindset Complaining about the regulatory landscape has been de rigueur in European telecoms for many a long year. More detail
    

 

European Communications is now
Mobile Europe and European Communications

  

From June 2018, European Communications magazine 
has merged with its sister title Mobile Europe, into 
Mobile Europe and European Communications.

No more new content is being published on this site - 

for the latest news and features, please go to:
www.mobileeurope.co.uk 

 

@eurocomms

Other Categories in Features