“For more than a decade, Arbor Networks has developed innovative, market-leading DDoS detection and mitigation solutions that are deployed in the vast majority of the world’s largest and most valuable service provider networks. Arbor has leveraged this experience to create the Arbor Pravail APS, bringing carrier-class DDoS detection and mitigation capabilities to the data center,” said Colin Doherty, Arbor Networks president. “Pravail is purpose-built to address the number one threat to the availability of IDC resources — application-layer DDoS attacks. This new product is squarely addressing a major concern for IDC operators and for those thinking about adopting a Cloud Computing model.”
“In recent months, high profile attacks and outages have gotten the attention of C-level executives,” said Rob Ayoub, Global Program Director, Network Security at Frost & Sullivan. “They are starting to understand that security begins with availability. If your data center is not available, all the compliance or data integrity in the world is not going to help your customers, business or your brand,” said Ayoub. “Arbor is addressing the number one threat to the availability of data center resources and that is the increasing prevalence and effectiveness of application-layer denial of service attacks that target infrastructure, and potentially, existing security devices themselves.”
While key elements of an overall security strategy, firewalls and Intrusion Prevention Systems are not effective solutions against DDoS attacks. Because these devices maintain state information for every session established between a client on the Internet and the corresponding server in the data center, these products themselves are commonly the targets of DDoS attacks. According to Arbor’s 2010 Worldwide Infrastructure Security Report, a solid majority of those who have deployed these devices within their IDCs experienced stateful firewall and/or IPS failure as a direct result of DDoS attacks during the survey period. Arbor Pravail APS is a purpose-built platform to identify and block application-layer DDoS attacks that threaten IDC availability.
Arbor Pravail APS highlights:
Purpose-built for IDC deployment scenarios
– Out of the box, carrier-class DDoS attack identification and mitigation capabilities
– Can be rapidly deployed with little configuration, even during an attack
– Focused on detecting and stopping application-layer DDoS attacks
– A single, easy-to-manage platform with extensive reporting capabilities
– A protocol to facilitate both customer-edge mitigation of application-layer attacks and upstream mitigation of volumetric attacks in an automated and real-time manner
– Only mechanism available today to provide complete protection against both application and volumetric DDoS attacks
ATLAS Intelligence Feed
– Leverages Arbor’s extensive data collection and world-renowned team of security researchers
– Automates the identification of botnet-borne attacks against data center infrastructure
– Updates for new threats are delivered automatically and also include geo-location data
Arbor’s Pravail APS Cloud Signaling capability helps to ensure the availability of IDC infrastructures and speed time-to-mitigation for DDoS attacks. Arbor believes that the only way for IDC and Cloud operators to have optimal protection against DDoS attacks is through a combination of on-premise and in-cloud protection. Working with its Internet service provider (ISP) and managed security services provider (MSSP) customers, Arbor has developed a protocol to facilitate both customer edge mitigation of application-layer attacks and upstream mitigation of volumetric attacks in an automated and real-time manner. Cloud Signaling is an efficient and integrated system bridging the customer premise to the service provider cloud.
Carrier-class Detection and Mitigation for the IDC
Application-layer DDoS attacks have quickly become the most significant threat to availability of IDC and Cloud-based services. Application-layer attacks are low bandwidth, difficult to detect and target both end customers and network operators’ own ancillary supporting services, such as HTTP Web services, domain name system (DNS), etc. The Arbor Pravail APS provides visibility into critical IP services and applications running in the IDC, such as HTTP, DNS, VoIP/SIP and SMTP traffic. The Arbor Pravail APS also protects IDC infrastructure against numerous types of attack, including TCP State Exhaustion, HTTP/Web Attacks, DNS Floods/Authentication Attacks, TCP SYN Floods, Spoofed / Non-Spoofed Attacks, UDP Floods and dozens more.
ATLAS Intelligence Feed
The Arbor ATLAS intelligence feed enables Pravail APS to provide unprecedented protection against botnet-fueled DDoS attacks. Over the past five years, Arbor has tracked the rise of botnet-fueled DDoS attacks -- in this year’s Worldwide Infrastructure Security Report, botnets were identified as the primary engine fueling DDoS attacks that threaten the availability of data center and cloud-based infrastructures. Arbor has unique visibility into DDoS botnets because of its ATLAS infrastructure, which combines a darknet sensor network with traffic data from more than 100 service provider customers around the world.
This enormous dataset enables Arbor’s security researchers to develop a unique, globally-scoped view of malicious traffic traversing backbone networks that form the Internet's core. This insight is critical, as botnets are constantly changing and updating to thwart detection. The new ATLAS Intelligence Feed delivers deep DDoS signatures in real time to keep the data center edge protected against hundreds of botnet-fueled DDoS attack toolsets and their variants. Moreover, this new feed includes geo-location data and automates the identification of attacks against data center infrastructure and services from known botnets while ensuring that updates for new threats are automatically delivered without software upgrades. Arbor's researchers are constantly analyzing DDoS botnet attacks--more than 4,300 to date. The ATLAS Intelligence Feed enables customers to directly benefit from the depth and breadth of Arbor’s research team.
For more information on Arbor Networks DDoS Detection & Mitigation Solutions
About Arbor Networks
Arbor Networks, Inc. is a leading provider of network security and management solutions for next-generation data centers and carrier networks, including the vast majority of the world’s Internet service providers and many of the largest enterprise networks in use today. Arbor’s proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the Active Threat Level Analysis System (ATLAS'). Representing a unique collaborative effort with 100+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.