The market demand for managed security services is real and growing. Moreover, the managed security and security monitoring services segment will continue to yield the highest percentage of total revenue in the Managed Security Services Provider (MSSP) market. Service providers have some inherent advantages that enable them to capitalize on this demand because they own the 'pipes' that transmit data across the Internet. This makes ISPs in
The Three Types of DDoS Attacks
'Volumetric' DDoS attacks are usually generated by Internet bots or compromised PCs that are grouped together in large-scale botnets. Because of the high-bandwidth and distributed nature of these attacks, the congestion is likely to occur upstream in the provider's network and therefore cannot be stopped at the enterprise or data-center edge.
In addition, 'application-layer' DDoS attacks compromise the business viability of service provider customers. These attacks target specific services and consume lower bandwidth. These newer application-layer DDoS attacks threaten a myriad of services ranging from Web commerce and DNS services to email and online banking. And they are becoming far more frequent than ever before. In Arbor's Annual Worldwide Infrastructure Security Report, nearly 90% of survey respondents admitted to having experienced application-layer attacks.
The convergence of volumetric and application-layer DDoS attacks poses a significant threat to online services, and customers will be looking for solutions.
An increasing threat these days in the region is the targeting of stateful devices. Since firewall and IPS devices are "stateful" inline solutions, they are also vulnerable to DDoS attacks and often become the targets themselves. Firewall and IPS devices will continue to choke even during moderate DDoS attacks and can be the first points of failure during DDoS attacks.
Why ISPs are ideally positioned to respond
The best place to stop volumetric DDoS attacks is in the ISP cloud via network-based DDoS protection because saturation happens upstream and can only be remediated in the provider's cloud. On the other hand, the best place to perform application-layer DDoS detection is in the data center itself because the attack can only be detected and quickly mitigated at the data center edge. Only ISPs can provide both a network-based service component to stop volumetric DDoS attacks and a Customer Premises Equipment (CPE) based service component to stop application-layer DDoS attacks. This approach presents a distinct competitive advantage.
There are cost efficiencies at work, too. Today with ISPs already supplying managed firewalls, Secure Socket Layer virtual private networks (SSL VPNs), intrusion detection systems (IDS), intrusion prevention systems (IPS) and other security measures, adding an incremental managed DDoS protection service can be relatively straightforward and cost-efficient.
Providers hoping to add a comprehensive DDoS mitigation service to their offerings must ensure that the solution they implement supports the following:
• Both in-line and, more importantly, out-of-band deployment to avoid being a single point of failure on the network.
• True 'distributed' DoS (DDoS) attack detection, which requires broad visibility into the network, not just from a single network perspective, and the ability to analyze traffic from different parts of the network.
• Attack detection using multiple techniques such as statistical anomaly detection; customizable threshold alerts; and fingerprints of known or emerging threats that are based on Internet-wide intelligence.
• Mitigation that can easily scale to handle attacks of all sizes, ranging from low-end (e.g., 1Gbps of mitigation, deployed in the data center) to high-end (e.g., 40Gbps of mitigation, deployed in the ISP network).
The solution must also feature managed security service enablers. These include application programming interfaces (APIs) for integration with existing systems; the ability to launch a customer portal easily; provisioning templates; fault tolerance; and redundancy.
DDoS attacks are continuing to rise and both public and private data centers are prime targets. Today's data center operators are seeking solutions to this pressing problem. ISPs in