Arbor improves IP attack defenses
New 40-gig box focused on denial of service and DNS attack protection
Arbor Networks today released a new, larger version of its Peakflow threat management platform, beefing up throughput, improving protection against key attacks and setting the stage for service provider migration to IPv6.
The new version 5.1 of Arbor Peakflow SP boosts throughput to 40 Gb/s for the integrated Threat Management System (TMS) application, which identifies and helps remove network and application attacks – without interrupting traffic flow.
As service providers drive IP deeper into their networks and also deliver new cloud-based IP services from their data centers, they become an ever larger target for attacks. Distributed attacks in particular are challenging to defend, because even one infected client endpoint can create disruptions for all customers on a network. That’s both the strength and one of the key vulnerability points for IP networks and cloud-based architectures.
Flood-based attacks like distributed denial of service (DDOS) in particular are a huge challenge for carrier IP networks in that hundreds if not thousands of “botted” clients – typically desktops but increasingly mobile clients as well – are taken over and pitted against carrier systems. Arbor claims its new box is the first 40-gig DDOS mitigation-capable platform, important because the number of attacks capable of reaching those levels has grown steadily over the past few years, said Rakesh Shah, Arbor’s director of product management.
“[DDOS attacks] are the number-one threat to data centers and clouds,” Shah said. “The number of attacks are increasing at a dramatic pace, as is the size of those attacks. In addition, the sophistication of attacks is increasing as well. It’s more than just flood-based attacks these days; we’re seeing very sophisticated application layer attacks as well.”
Those attack trends and the increased throughput of the new box make it especially suited toward “large [points of presence] or large data center deployments – maybe even regional mitigation centers,” Sha said, adding that the PeakFlow platform enables providers to not only protect their own networks from attack but to offer DDOS-protection as a managed security service to its large enterprise customers and network partners as well.
In addition to 40 Gb/s mitigation of DDOS and application layer attacks, the updated platform includes new capabilities to secure domain name server (DNS) infrastructure, another common target of attacks, as well as other network services and protocols such as HTTP, VoIP, IM, P2P and – Arbor claims for the first time for a security focused deep packet inspection (DPI) box – IPv6 traffic.
As a larger box, the 40 gig Peakflow can serve as a network aggregation point, working side-by-side with 10-gig Arbor boxes. The overall platform architecture lets providers manage up to five boxes from a single management user interface, offering great flexibility in deploying the platform, Shah said.
Want to use this article? Click here for options!
© 2013 Penton Media Inc.
In this Webinar you will learn how to create a real-time relationship with your customers, how to proactively improve the customer experience, and how to successfully target and cross-sell services to boost incremental revenue.
- Megabytes to Megabucks, Bandwidth to Business Models: How 4G Is Changing Everything
- How to Unplug Your Redundant Telco Apps To Save Money and Improve Efficiency
- When IaaS Isn't Enough: Service Provider Business Models to Drive Growth and Build Margin
- How to Transform Your Aging Telco Voice Network to Drive New Profits and Revenue
- Creative Licensing Approaches for Telcos & Their Network Equipment Vendors
- Smart Home Opportunity: Balancing Customer Data & Privacy
This paper discusses the rise of Diameter and benefits of Diameter Protocol.
- Conducting The Orchestration – Order Management at the Speed of Business
- Toward a Converged Network Edge
- Beyond Spam – Email Security in the Age of Blended Threats
- 6 Important Steps to Evaluating a Web Filtering Solution
- The Expertise to Protect You from Botnet and DDoS Attacks
- Seeing is Believing – Bridging the Order Visibility Gap
Service providers are under tremendous pressure to turn up new services faster then before and, at the same time,
to do it at less expense - and intra-office fiber is one of the biggest challenges in terms of both cost and service
From the Blog
Join the Discussion
Get more out of Connected Planet by visiting our related resources below:
Connected Planet highlights the next generation of service providers, as well as how their customers use services in new ways.Subscribe Now