Arbor Networks has integrated its Threat Management System into Alcatel-Lucent's IP routers to create clouds capable of blocking distributed denial of service attacks.
Under a new Alcatel-Lucent
and Arbor Networks partnership, service providers would be able to offer
customers cloud-based defenses against distributed denial of service (DDoS)
Arbor Networks' Threat
Management System (TMS) software has been integrated into blades installed
inside Alcatel-Lucent's 7750 router, the companies said Jan. 18. Each blade can
handle 5G bps of traffic and fit inside the SR-7 and SR-12 versions of the
router, Tom Bienkowski, director of product marketing at Arbor Networks, told eWEEK.
Service providers using the
7750 router would be able to filter out attack traffic at the network edge as
it comes in before it reaches the servers, Bienkowski said. Once a DDoS attack
is detected, all traffic is diverted to a regional "scrubbing" data
center in order to filter out the malicious traffic from legitimate traffic.
This partnership is the
first time Arbor has embedded its software into a third-party router, as it
generally sells standalone Threat Management System appliances, according to
Bienkowski. Currently, 20 providers of varying sizes and across industry sectors
are running pilot programs.
The copy of TMS that is part
of the Alcatel-Lucent router is capable of the same DDoS protection that Arbor
provides on its TMS appliances, including comprehensive anomaly detection and
mitigation tools, according to Bienkowski. The provider would also be able to
collect data and have access to research from Arbor's ASERT threat research
team on attack patterns.
Companies are increasingly
coming under DDoS attack and they are struggling to mitigate these kinds of
attacks on their own, according to Bienkowski. When organizations were asked
which IT functions they were willing to outsource, DDoS mitigation was easily
one of the top answers, Bienkowski said. The world's top 5 percent of Internet
data centers experience as many as 500 attacks a month, according to Arbor
Networks. There is "strong pent-up demand" for cloud-based DDoS protection,
according to Bienkowski.
Malicious attackers use
massive botnets, or networks of infected computers, to bombard Websites with
traffic that lock up server resources and prevents legitimate user traffic from
getting through. Once the server is overwhelmed, the site is no longer
accessible, resulting in downtime, lost productivity and potential financial
losses for the organization.
Blogging host WordPress was
crippled last year when several of its major sites were knocked offline because
a handful of sites hosted on the platform came under attack. Attackers breached
the Sony PlayStation Network last spring while the company's IT staff was
distracted trying to deal with the large DDoS attack in progress.
Cloud-based DDoS defenses
are becoming increasingly popular, as it is easier for cloud service providers
to absorb the tremendous amount of malicious bandwidth being sent as well as to
clean up the traffic without disrupting service. Enterprise customers would be
able to shift their resources away from trying to handle DDoS attacks toward
other IT activities. For smaller businesses that may not be able to afford
dedicated IT staff internally, being able to take advantage of the managed
service provider's specialized skills to detect and block malicious traffic
would be important, according to Bienkowski.