By Ronen Priel, VP Product Management at Allot Communications.

DDoS attacks are a growing threat for enterprises and service providers, driven in large part by new technology trends such as the Internet of Things (IoT), where the focus has been more on functionality than security.

According to Frost & Sullivan’s latest whitepaper, Service Provider Requirements for DDoS Mitigation, DDoS attacks have been steadily growing in terms of scale, frequency, and complexity for years.

But DDoS took an unprecedented leap forward in 2016, peaking at over 1TBps for the first time ever – often targeting service provider networks.

At the same time, these attacks have become more accessible due to publicly available tools on the internet and for-hire DDoS services. In essence, DDoS has gone mainstream.

Threat actors have become more innovative by inventing new techniques and procedures in order to evade defences.

For example, some attackers have started doing “drive-by” attacks that last only a few minutes as a means of defeating time-dependent defences such as centralised scrubbing centres or on-demand cloud services.

It should come as no surprise then that DDoS attack mitigation is now a top priority for enterprises and service providers alike.

But the current state of enterprise security is insufficient to combat today’s DDoS attacks, and service providers find themselves in the crossfire, which is always costly.

DDoS also negatively impacts the Quality of Experience (QoE) subscribers have come to expect.

That is why they must be as innovative as the threats have become.

This requires solutions that not only address challenges unique to service provider networks, but also have the potential to yield benefits beyond attack mitigation.

For example, service providers that offer DDoS mitigation to their customers as a value-add feature or as a dedicated premium service can give them a competitive advantage in the market.

What to look for when it comes to DDoS protection

To address the realities of today’s DDoS landscape, service providers need to make sure they have the most innovative security solutions implemented on their network.

This also means revisiting DDoS defences and strategies on a regular basis to re-evaluate their effectiveness and ability to meet the service-level agreements and maintain a consistent QoE for their subscribers.

A comprehensive service provider security solution will need to be composed of the following characteristics:

•    Scalability and efficiency to face different types of attacks. Being able to defeat DDoS attacks inline, in real time, at the attacker source will allow service providers to be more efficient at threats. They should begin by setting limiting policies on network infrastructure elements to ensure that they are not overwhelmed.

•    Rapid detection and response to identify attacks. Inline solutions allow service providers to mitigate attacks in seconds in real time. This method provides exact and rapid mitigation of DDoS attacks, including short duration attacks. Coupled with deep packet inspection (DPI), inline solutions can manage the network traffic and provide service provider customers with a consistent QoE through prioritisation. DPI solutions can detect suspecting behaviours quicker and to mitigate attacks in real time without impacting the quality of the network at any time.

•    Broad visibility of the network to have a clear picture of all network activity. Using multiple inline detection appliances is key for service providers when it comes to DDoS protection. A centralised controller would coordinate these inline devices, thereby allowing the service provider to detect attacks that are spread over multiple peering points. This distributed, but centrally managed, model gives service providers full visibility of their entire network so that they can be able to detect threats more efficiently.

•    Granular controls across network entry points to differentiate IoT device traffic from other sources. This will minimise the impact of IoT-driven DDoS attacks, which are becoming increasingly common.

Service providers need modern mitigation solutions to face this ever-changing DDoS environment.

The key is to combine the advantages of a DPI inline appliance and a centrally coordinated DDoS mitigation model to mitigate attacks in an efficient way.

It will result in an optimal protection for service providers and their customers, and support asymmetric routing, application identification, and session awareness.

These kinds of comprehensive solutions are extremely difficult to find in the security market in a single, purpose-built appliance, but could offer vital capabilities for protecting service provider networks.

Last but not least, service providers who offer such high-level solutions will be rewarded with reduced costs and network optimisation.

More News

BT CEO hails “important day” as operator signs breakthrough Sky content deal BT CEO hails “important day” as operator signs breakthrough Sky content deal BT and Sky will be able to resell each other’s TV content in the UK through a new deal, as Sunrise announced it would offer the Sky Sports app to customers. More detail
T-Mobile Netherlands buys Tele2's Dutch opco to create "consumer champion" T-Mobile Netherlands buys Tele2's Dutch opco to create T-Mobile Netherlands is buying rival Tele2's Dutch operations in a cash and shares deal worth €190 million. More detail
Telia wins connected car deal with “Airbnb of driving” Telia wins connected car deal with “Airbnb of driving” Telia has won a deal to supply its connected car solution to a car-sharing start-up. More detail
Fon takes on “inexcusable” home Wi-Fi with operator solution Fon takes on “inexcusable” home Wi-Fi with operator solution Fon’s operator brand Fontech has launched a Wi-Fi solution to help service providers improve their fixed internet offerings. More detail
China Mobile taps BT to launch UK MVNO China Mobile taps BT to launch UK MVNO China Mobile is using BT’s mobile arm EE to launch an MVNO in the UK. More detail
    

@eurocomms