Networking

08:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Arbor Networks Offers Enterprise Data Center Appliances To Counter Application-Based DDoS

Arbor Networks is introducing a new line of appliances designed to protect Internet-facing enterprise data centers against application-layer distributed denial of service (DDoS) attacks. The Pravail Availability Protection System (APS) family of appliances complements Arbor's network-based Peakflow appliances, which are primarily sold to carriers and service providers.

Arbor Networks is introducing a new line of appliances designed to protect Internet-facing enterprise data centers against application-layer distributed denial of service (DDoS) attacks. The Pravail Availability Protection System (APS) family of appliances complements Arbor's network-based Peakflow appliances, which are primarily sold to carriers and service providers.

The Peakflow appliances are designed to detect and mitigate traditional high-volume DDoS attacks, such as SYN floods, which service providers are well-positioned to deal with. However, more targeted, application-layer attacks go after the enterprise web server. Detection requires inline packet inspection, which would be prohibitive in terms of cost and possibly performance for massive volumes of network traffic at the carrier or ISP level.

"There's been an uptick in application-layer attacks; they have a similar objective to high- volume attacks, to inundate resources so they don't function," says Michael Suby, director at Stratecast, a division of Frost & Sullivan. "Attacks are going up in total, and neither type is going down."

Application-layer attacks can't be detected with network-based anti-DDoS technologies because they don't meet the bandwidth thresholds for anomalous traffic volume. They fly beneath the threshold of requests served by a web server, Suby says, and exploit certain types of requests that are consuming resources.

Enterprises have a number of anti-DDoS options, including buying excess bandwidth from their providers to meet surges in demand, as well as to absorb the impact of attacks. In addition to network-based protection from ISPs, enterprises can purchase focused anti-DDoS services from companies such as Verisign.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed