Sunday, 29 November 2020

Fighting DDoS attacks... now without the hardware headache

posted by Deutsche Telekom
Tuesday 20 October 20

Distributed denial-of-service (DDoS) attacks have become a growing threat for organisations worldwide in an ever more connected society

Some of these cyberattacks, which can create major disruption by overloading the network with traffic from multiple sources, have even hit the terabit level in the past couple of years.   The rapid take-up of billions of new devices through technologies such as Internet-of-Things (IoT) has widened the range of attack points, while issues have been highlighted during the coronavirus pandemic by reports of surging DDoS incidents as even more day-to-day activities have shifted online.   Yet even before the current crisis, organisations have been increasingly demanding top…

Some of these cyberattacks, which can create major disruption by overloading the network with traffic from multiple sources, have even hit the terabit level in the past couple of years.
 
The rapid take-up of billions of new devices through technologies such as Internet-of-Things (IoT) has widened the range of attack points, while issues have been highlighted during the coronavirus pandemic by reports of surging DDoS incidents as even more day-to-day activities have shifted online.
 
Yet even before the current crisis, organisations have been increasingly demanding top-quality attack mitigation from their telecoms providers – which have responded by seeking to make things as efficient and cost-effective as possible for customers. There have also been calls for rising sophistication in these products to thwart the rapid manoeuvring of perpetrators to find new and multi-layer attack methods. 
 
 
“Platinum” protection
 
One issue that organisations face is that the on-premise devices they currently deploy not only take up valuable space, but can also be costly and have long lead times for installation. On top of that, these devices do not have unlimited capacity to fight off attacks if they come under heavy bombardment. 
 
During such events, carriers can step in to help. In the case of Deutsche Telekom Global Carrier – which offers DDoS protection services via its 360° Defense portfolio that can even combat terabit-scale volumetric and application attacks – backbone-based mitigation is automatically activated when an organisation’s on-premise equipment hits capacity and signals for help. Once this kicks in, it “washes” out the bad traffic and returns it along its normal route.
 
 
But this can now go a step further, through a new product called DDoS Defense Platinum – which helps fulfil the need for efficiency by shifting the function of an on-premise device into Deutsche Telekom Global Carrier’s backbone network. 
 
As an equipment cluster located in the core of the carrier’s network in Germany, the service takes away the need for the customer to incorporate hardware at their premises, slashing the expense of these devices and removing the need to wait for on-site installation.
 
In this way, such protection can work in tandem with the carrier’s existing backbone protection to mean always-on inline DDoS mitigation. The concept is the same, with the service turning to the backbone for help during heavy attacks – and activating backbone filtering functions spread across 15 global locations before returning traffic for final washing – but many of the inconveniences are taken out of the customers’ hands.
 
Having both of these mechanisms is key for fully effective protection, with local devices providing a higher level of always-on, real-time precision in dealing with threats, but the backbone network stepping in when volumes become too high for these to deal with alone.
 

Efficiency benefits
 
“DDoS Defense Platinum makes things much easier and more convenient for the customer,” says Max Röttgermann, Senior Product Manager for IP Transit and DDoS Defense at Deutsche Telekom Global Carrier. “It means that they can avoid paying and waiting for costly on-site hardware, get highly effective protection at an affordable price, and save valuable space that would otherwise be taken up by equipment.”
 
Röttgermann explains that the product is scalable and has much higher capacity than on-premises equipment, providing multiple 100Gbps devices. It can also be speedily implemented – even within minutes during emergencies.
 
“We think this is a one-of-a-kind innovation that really fills a gap in the market by removing the hardware headache from the customer while giving them top-quality DDoS protection,” says Röttgermann. “Day by day, attackers get more sophisticated in the methods they use to disrupt the network, but these innovations keep ourselves and customers ahead of the curve.”
 
 
 
Deutsche Telekom are presenting in numerous panels at this year's Total Telecom Congress. Have you registered your place yet?

Since you're here...

...the Telecoms industry is characterised by constant change and evolution. That's why it's crucial for telecoms professionals to keep up-to-date with what is happening. Join 35,000+ of your peers and sign up to our free newsletter service today, to be in the know about what is going on. PLUS, as a member you can submit your own press releases!

See all membership options

Please enable JavaScript to view the comments powered by Disqus.

Newsletter signup

Quickly get on board and up to date with the telecoms industry