Are your systems vulnerable to a complex cyber-attack?

JOHANNESBURG – August 23, 2017 – Today’s Distributed Denial of Service (DDoS) attacks have grown in complexity and now employ a combination of volumetric, TCP-state exhaustion and application-layer attack vectors.

Without the right protection in place, an advanced, high-volume DDoS attack could bring your business to a grinding halt by interrupting access to your applications and services. So if the attacks are coming in layers, then prepare to fight fire with fire and protect your networks in layers too.

This is according to Arbor Network’s territory manager for Sub-Saharan Africa, Bryan Hamman, who says, “Arbor Networks recommends a layered approach to security to avoid any downtime. This includes its Arbor Cloud DDoS Protection for Enterprises solution, which provides in-cloud protection from volumetric DDoS attacks while ensuring your networks remain operational.”

Haman says the trend for DDoS attacks is not favorable for enterprises, with volumetric attacks growing and the increasing popularity of reflection/ amplification attacks adding a new layer of complexity. He adds, “Arbor Cloud DDoS Protection for Enterprises (Arbor Cloud) provides cloud-based traffic scrubbing services tightly integrated with on-premise DDoS mitigation defense. This multi-layered approach to DDoS protection is an enterprise best practice for mitigating today’s dynamic DDoS threats.”

The practicalities of layered protection against today’s DDoS attacks

Hamman clarifies that, as part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks without interrupting access to your applications and services. He says, “Arbor Cloud’s on-demand traffic scrubbing service, staffed by Arbor’s DDoS security experts, defends against volumetric DDoS attacks that are too large to be mitigated on-premise. In addition, Arbor Cloud’s on-premise component, Arbor Networks APS, provides always-on, in-line, packet-based DDoS attack detection and mitigation.”

The Arbor APS can detect and stop all types of DDoS attacks. However, in the event of a large volumetric DDoS attack that will overwhelm internet-facing circuits and local protection, the Arbor APS can automatically notify and re-route attack traffic to an Arbor Cloud scrubbing location where the attack is mitigated. It does this by using a feature called Cloud Signaling.

“Thus,” continues Hamman, “the combination of Arbor APS on-premise, Cloud Signaling and Arbor Cloud offers the most comprehensive protection from today’s multi-pronged DDoS attacks.”

In addition, the Arbor Cloud Flow-Based Detection option offers an alternative to the Arbor APS on-premise. Via flow collection and analysis, DDoS attacks are automatically detected and a Cloud Signal is sent to the Arbor Cloud for in-cloud mitigation. A deployment could have the combination of both Arbor APS and Flow-Based Detection for on-premise automated DDoS attack protection.

On-demand, cloud-based traffic scrubbing

Hamman notes that when an attack occurs, speed and agility are critical to business continuity. He says, “In the event of a volumetric attack, the on-premise APS serves as the first line of defense detecting the attack. As the attack approaches your bandwidth capacity and APS signals for Arbor Cloud to take over, Arbor Cloud then re-routes inbound traffic to one of Arbor’s four global scrubbing centers for cloud-based mitigation.

“The scrubbing centers have collectively multi-Tbps of DDoS mitigation capacity at your disposal. When this occurs, Arbor Cloud’s 24×7 Security Operations Center (SOC) works hand-in-hand with your security / IT teams to quickly block malicious DDoS traffic while returning all of your legitimate traffic back to your data center.”

Arbor Cloud provides global IPv4 and IPv6 scrubbing capacity and can handle today’s largest and most complex attacks.

 Hamman concludes, “The size and sophistication of Distributed Denial of Service (DDoS) attacks are growing and without the right protection, you risk the loss of service and damage to your company’s reputation. Using a layered approach to protect your network is therefore critical.”

For more information about Arbor in Africa, please contact Bryan Hamman at bhamman@arbor.net.

About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization, and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.

To learn more about Arbor products and services, please follow us on Twitter @ArborNetworks. Arbor’s research, analysis, and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, the Arbor Networks logo, and ATLAS are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.