Windstream today launched its latest advanced service for the business market, bringing a DDoS Mitigation Service to market in response to growing customer demand.

The frequency and duration of distributed denial of service (DDoS) attacks has reached a point where businesses that once relied on traditional approaches to network security are now asking for specific measures to keep their networks up and running, says Trent Pham, head of security for Windstream Communications Inc. (Nasdaq: WIN).

And while Windstream isn't early to the party of offering DDoS mitigation, it is working to address its business customers' specific needs by offering a service that will capture DDoS traffic aimed at sites that it serves and those served by other network operators. That traffic is then directed to one of three scrubbing centers before being directed to the customer, either over Windstream's network or via a secure tunnel through another operator's network.

Figure 1:

"Customers have tried to buffer DDoS attacks by using burstable networks and their own premises technology," Pham says in an interview. "But once the attack is larger than the last mile, it nullifies any type of solution that an enterprise might have put in place."

DDoS attacks today reach an average of 15 Gbit/s in the Windstream network, and average between 5 and 50 Gbit/s elsewhere, he says. There are massive attacks such as the recent Cloudslayer that "take advantage of protocols that can create a volumetric attack" and any of these would completely overwhelm an enterprise-based solution, Pham notes.

Windstream's DDoS Mitigation is based on its national fiber backbone, three distributed scrubbing centers and multiple other points of presence. DDoS traffic is redirected to a scrubbing center and mitigated then clean traffic is passed on to the business, with only a small degree of latency that most companies find easily tolerable, Pham says.

Windstream offers both monitoring and mitigation in a pricing plan that is reasonable and predictable, for both on-net locations and off-net sites. Most of Windstream's larger customers are multi-location, and invariably some of their locations are on other networks, he says. Proactive monitoring enables Windstream to detect an attack in progress and rapidly begin mitigation, although in many instances there is verification with the customer to make sure the traffic spike is not caused by business applications.

The service visibility offered includes traffic reports that show the composition of traffic, its volume and where it's headed; alert data for potential attacks; and details of any mitigation efforts so that businesses can address persistent issues, Pham says.

The primary goal is keeping the network up and running, which is crucial for companies in most industry verticals, including financial services, data center services, education, government and healthcare. Any business with a web presence is vulnerable to attack, Pham says.

— Carol Wilson, Editor-at-Large, Light Reading