DDoS Mitigation While Reducing Operational Complexity
New TMS HD1000 for High Volume Attack Protection; Enhanced Automated Cloud Signaling Enables Surgical Mitigation in the Cloud
BURLINGTON, Mass., 10. Mai 2016 – Arbor Networks Inc., the security division of NETSCOUT (NASDAQ: NTCT), today announced several enhancements to its distributed denial-of-service (DDoS) mitigation portfolio for enterprise and service provider networks that enable customers to better manage the increasing size and complexity of modern DDoS attacks.
“Innovation is the lifeblood of Arbor Networks and has been since our founding in 2000 following a DARPA grant. With Cloud Signaling, we’ve created a fast and automated way to connect the enterprise on-premise with the service provider cloud. This multi-layered approach championed by Arbor is today the de facto best practice for DDoS defense. We’re constantly evolving our defenses to keep ahead of the attackers who rightly view availability as the lifeblood of the modern business,” said Arbor Networks Vice President of Product Management Eric Jackson.
Scaling Mitigation Capacity to Meet DDoS Attack Growth
Driven by the use of reflection/amplification techniques, the size of DDoS attacks is growing at a phenomenal rate. According to Arbor’s annual Worldwide Infrastructure Security Report, 500Gbps was the largest attack reported by respondents in 2015, a 50X increase over the past decade. DDoS attacks today target not just connection bandwidth, but multiple devices that make up your existing security infrastructure, such as firewall/IPS devices, as well as a wide variety of applications that the business relies on, like HTTP, HTTPS, VoIP, DNS and SMTP. At a time when businesses are more reliant than ever on the availability of websites, online services and applications, DDoS protection is a fundamental aspect of business continuity.
Arbor Networks TMS
The Arbor TMS DDoS mitigation platform is deployed by hundreds of internet and cloud service providers, including nearly every tier 1 service provider globally. In addition to the Arbor Cloud service, Arbor TMS powers more than 60 DDoS-managed services globally. A new high-capacity solution, the Arbor TMS HD1000 is a 2U appliance capable of supporting up to 160Gbps of mitigation at the lowest cost per gigabit in the Arbor portfolio. The Arbor TMS HD1000 allows network operators to save finite mitigation capacity through IPv6 rate limiting and automatically offloading traffic to the network using BGP Black Hole mitigation methods.
Arbor also announced 100 Gigabit Ethernet support on the TMS 5000 mitigation platform. The broadly deployed TMS 5000 can now be used with up to four 100G Ethernet ports, resulting in more efficient connectivity for carrying mitigation and clean traffic compared to legacy 10G links.
Enhanced Cloud Signaling Reduces Time to Mitigation
Arbor has built on its creation of Cloud Signaling technology by developing new surgical mitigation capabilities that can be done automatically or manually based on the enterprise’s preferred mitigation strategy. The on-premise Arbor APS 5,9 can initiate surgical mitigation in the cloud on traffic going to the target of ongoing attacks, with no impact to normal traffic for hosts or services that are not under active attack. This helps ensure the availability of websites, applications and infrastructure by reducing time to mitigation for DDoS attacks.
Even with the ability to automate surgical mitigation in the cloud, customers do not want to be left in the dark about attacks against, or responses protecting, their networks. Arbor customers see the active mitigation status in the user interface delivering real-time intelligence, as well as granular post-mortem reports with details of the attack and the steps taken to mitigate the attack. Powerful new reports provide an executive-level summary of malicious activity and normal traffic over time, including volume of traffic inspected and passed or dropped as malicious, as well as outbound threats detected and blocked. These reports can be generated for all traffic seen by an Arbor APS or for specific protection groups to provide a service-level view to service owners within the enterprise.
NSS Labs On-Premise DDoS Test
The Arbor Networks APS on-premise solution earned a “Recommended” rating and the highest Overall Security Effectiveness score in the first ever NSS Labs’ DDoS Prevention Test Report released in March. A “Recommended” rating from NSS Labs indicates that a product demonstrates outstanding performance and deserves serious consideration from customers. This rating is reserved for only the top performing products, regardless of vendor market share, size or industry presence. The scope of this particular test includes: Security Effectiveness, Performance, Stability and Reliability and Total Cost of Ownership.
Highlights from Arbor Networks APS Test Report include:
- 100% Score for Application-Layer Attacks versus 80% Group Average: Across HTTP Get Flood; RUDY (Low and Slow); LOIC; NTP Reflection; 10G DNS Reflection and SIP Invite Flood attacks.
- 90,8% Score for Overall Attack Mitigation: Across volumetric, protocol and application-layer DDoS attacks.
- Real-World Mitigation Test: Performed at 20Gbps, as claimed, for “Real-World” Protocol Mix (Data Center – Financial; Data Center – Mobile Users and Applications; Data Center – Web-Based Applications and Services and Protocol Internet Service Provider (ISP) Mix).
About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor Networks Spectrum™ advanced threat solution delivers complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of attack campaigns, malware and malicious insiders. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.