Arbor Intros 40-Gig DDoS Defense
The new Arbor PeakFlow SP Version 5.1 is aimed at enabling service providers to offer more robust managed security services for their large data center operations, and large enterprises to better protect their Internet-facing infrastructures. This latest version also adds IPv6 capability to the product line, something Arbor claims is an industry first. (See Arbor Watches the Net.)
Adding 40-Gig mitigation of distributed denial-of-service attacks is critical because DDoS attacks are getting larger and more sophisticated, and because cloud-based services are creating a more complex infrastructure that needs greater protection, says Rakesh Shah, director of product management for Arbor Networks. Arbor PeakFlow SP Version 5.1 detects abnormal quantities of traffic on a link, re-routes that traffic through its Threat Management System, separates the illegal traffic from the legitimate traffic, which is then reinjected into the service provider network, and conducts further analysis on the illegal traffic.
“Typically, we are dealing with attacks that needs to be remedied pretty quickly, and then there are options for deeper analysis,” Shah says. “It’s important to a service provider to block illegitimate traffic at its border, where it may be coming inbound from various other providers, so we are not passing malicious traffic all the way through the [service provider’s] network, where it can cause collateral damage to other customers.”
DDoS attacks remain the No. 1 threat, Shah observes, and real-time detection and mitigation of those attacks is even more important as service providers shift to cloud-based services such as cloud-based computing. Service providers need to offer DDoS mitigation services to large data center operators to mitigate the shared impact of attacks aimed at applications including Web services and applications, voice over IP, and DNS.
“If they can’t stop and mitigate those attacks real-time, their only other option is to shut down the link [on which illegal traffic is showing up], which is disruptive to their service."
The deeper analysis of the malicious traffic can generate “fingerprints,” which can be shared upstream with managed service providers and data center operators to enable them to block the traffic at its source, according to Shah.
“In the future, data center operators must be able to do their own detection and mitigation but also buy services from upstream providers, and we are looking at a means of linking local DDoS detection and mapping with detection that is happening in the cloud."
Adding IPv6 protection to this version of PeakFlow SP was important because IPv6 traffic grew 1,400 percent last year, Shah notes.
"This is our opportunity to get ahead of the curve," he says, "and help our customers as they make the transition."
— Carol Wilson, Chief Editor, Events, Light Reading