Alcatel-Lucent, Arbor Networks Partner on Cloud-Based DDoS Protection

Under a new Alcatel-Lucent and Arbor Networks partnership, service providers would be able to offer customers cloud-based defenses against distributed denial of service (DDoS) attacks.

Arbor Networks’ Threat Management System (TMS) software has been integrated into blades installed inside Alcatel-Lucent’s 7750 router, the companies said Jan. 18. Each blade can handle 5G bps of traffic and fit inside the SR-7 and SR-12 versions of the router, Tom Bienkowski, director of product marketing at Arbor Networks, told eWEEK.

Service providers using the 7750 router would be able to filter out attack traffic at the network edge as it comes in before it reaches the servers, Bienkowski said. Once a DDoS attack is detected, all traffic is diverted to a regional “scrubbing” data center in order to filter out the malicious traffic from legitimate traffic.

This partnership is the first time Arbor has embedded its software into a third-party router, as it generally sells standalone Threat Management System appliances, according to Bienkowski. Currently, 20 providers of varying sizes and across industry sectors are running pilot programs.

The copy of TMS that is part of the Alcatel-Lucent router is capable of the same DDoS protection that Arbor provides on its TMS appliances, including comprehensive anomaly detection and mitigation tools, according to Bienkowski. The provider would also be able to collect data and have access to research from Arbor’s ASERT threat research team on attack patterns.

Companies are increasingly coming under DDoS attack and they are struggling to mitigate these kinds of attacks on their own, according to Bienkowski. When organizations were asked which IT functions they were willing to outsource, DDoS mitigation was easily one of the top answers, Bienkowski said. The world’s top 5 percent of Internet data centers experience as many as 500 attacks a month, according to Arbor Networks. There is “strong pent-up demand” for cloud-based DDoS protection, according to Bienkowski.

Malicious attackers use massive botnets, or networks of infected computers, to bombard Websites with traffic that lock up server resources and prevents legitimate user traffic from getting through. Once the server is overwhelmed, the site is no longer accessible, resulting in downtime, lost productivity and potential financial losses for the organization.

Blogging host WordPress was crippled last year when several of its major sites were knocked offline because a handful of sites hosted on the platform came under attack. Attackers breached the Sony PlayStation Network last spring while the company’s IT staff was distracted trying to deal with the large DDoS attack in progress.

Cloud-based DDoS defenses are becoming increasingly popular, as it is easier for cloud service providers to absorb the tremendous amount of malicious bandwidth being sent as well as to clean up the traffic without disrupting service. Enterprise customers would be able to shift their resources away from trying to handle DDoS attacks toward other IT activities. For smaller businesses that may not be able to afford dedicated IT staff internally, being able to take advantage of the managed service provider’s specialized skills to detect and block malicious traffic would be important, according to Bienkowski.