Arbor Networks Introduces New DDoS Mitigation Product


Standalone Threat Management System protects hosting and Internet data centre infrastructure from availability threats

Peakflow SP 5.5 includes new geography-based IP alerting on traffic spikes from unexpected countries; IPv6 BGP to gain unique insight into IPv6 traffic and trends; infected host detection and reporting

October 21, 2010 – Arbor Networks Inc., a leading provider of security and network management solutions for converged carrier networks and next-generation data centres, today announced the availability of version 5.5 of Arbor Peakflow SP, the industry’s leading network-wide infrastructure security and traffic-monitoring platform.

In this release, Arbor is addressing the number one threat to the adoption of cloud computing today, the availability of services and data, by introducing a standalone version of its Threat Management System (TMS). Until now, Peakflow SP and TMS have been tightly integrated, delivering a unique combination of visibility and real-time attack mitigation. Peakflow TMS is now a standalone appliance purpose-built for rapid deployment and surgical mitigation of DDoS attacks targeting Hosting and Internet Data Centre (IDC) infrastructure and customers.

DDoS is Changing
Multi-tenant environments like these are prime targets for DDoS attacks because of their high profile nature and the potential to cause collateral damage across multiple customers. Attacks are also changing rapidly, moving from volumetric-based, where they try to simply overwhelm the connection with data, to more sophisticated application layer DDoS attacks that target specific services. Application layer DDoS attacks are not high bandwidth and therefore difficult to identify, threatening a myriad of services from web commerce to DNS, e-mail and online banking. Peakflow TMS addresses the issue of availability by identifying and surgically removing network and application layer attacks without interrupting the flow of legitimate traffic. This means that customer-facing services and data remain available while operators actively mitigate attacks.

“Enterprises continue to cite security and availability as the top barrier to adoption of cloud computing. The cost savings and efficiencies are enticing, but the prospect of having critical corporate information offline and beyond their direct control remains a real inhibitor to adoption,” said Rob Ayoub, global program director for Information Security research at Frost & Sullivan. “Given these concerns, hosting and other data centre operators today must have the ability to mitigate attacks without interrupting customer facing services. This is no longer an option. Availability strikes at the heart of the cloud computing model, and strong mitigation capabilities are a must.”

“Arbor is delivering carrier-class platforms for the detection and surgical mitigation of both volumetric DDoS and application layer attacks and also from internal threats like malicious insiders and compromised hosts. Firewalls, IPS and other products are key elements of an overall security strategy, but these solutions are designed to provide security functions that don’t address the issue of availability, and therefore, don’t meet the needs of today’s data centre, hosting and cloud providers,” said Rob Malan, Arbor Networks chief technology officer.

Global Country-Based Alerting & Mitigation; Improved Reporting on Infected Hosts
Peakflow SP 5.5 also includes new capabilities and reporting features, including geography-based IP alerting and mitigation when traffic spikes come from unexpected countries, quickly alerting customers to potentially malicious traffic and giving them the ability to block or rate-limit the unexpected traffic. Peakflow SP 5.5’s IPv6 Border Gateway Protocol (BGP) capabilities deliver enhanced visibility and security as customers transition to the IPv6 protocol. Finally, Peakflow SP 5.5 includes new reporting features on infected host detection and reporting, providing security teams with macro visibility into threats across the network. Lastly, the release introduces support for 4-byte Autonomous Systems Numbers (ASNs).

For more information on Arbor Networks DDoS Detection & Mitigation Solutions