Click here to close now.

Welcome!

Virtualization Authors: Lori MacVittie, Roger Strukhoff, Hovhannes Avoyan, XebiaLabs Blog, Pat Romanski

Blog Feed Post

Hybrid DDoS Needs Hybrid Defense

#DDoS  #infosec #cloud #F5 acquires Defense.Net

Everyone, no doubt, can easily find one of the myriad articles and reports indicating that the volume of DDoS attacks is on the rise. Not just the frequency of but the sheer size of these attacks are growing year over year at a frightening rate.

It should be no surprise, then, that surveys like TechTarget's 2014 IT Priorities Survey indicate that 45% of respondents will be adding new capacity in network security and 35% plan on adding threat detection and management, and financial institutions are now being required by regulators to have DDoS mitigation solutions in place.

Problematic, of course, is the sheer volume in terms of bandwidth that can be consumed by an attack. With bandwidth consumption often measured in the hundreds of gigabits per second thanks to the deadly combination of amplification and reflection attack techniques, many organizations targeted by such an attack will find that their Internet connectivity is a serious obstacle in mitigating these attacks. While emerging technologies software-defined architectures and network virtualization promise to address the immediate need for additional capacity for network-related services, the reality is that if connectivity is compromised, additional capacity that lies beyond the corporate perimeter is unlikely to provide the relief needed.

Put simply: if an attacker can throw enough malicious traffic at you to completely saturate your Internet pipe, there’s simply not much an on-premise solution can do by itself.

That's why many top analysts recommend as best practices a hybrid approach to preparing for (what we're told is the inevitable) DDoS attack.

The Hybrid DDoS Approach

A hybrid approach combines an off-premise (cloud) based DDoS detection and mitigation service with on-premise protections. Such an approach allows organizations to take advantage of the greater bandwidth capacity that lies along the Internet backbone where most cloud-based DDoS providers reside when attacks oversubscribe their own connectivity while maintaining a strong security posture on-premise that can handle most volumetric attacks and is better suited to addressing more insidious application-layer DDoS attacks.

Hybrid solutions provide the resilience and scale of cloud-based solutions with the granularity and always-on capabilities of on—premise solutions. More importantly, a well-integrated hybrid DDoS architecture enables organizations to more effectively and cost-efficiently deal with threats that occur infrequently but are far more dangerous. A SANS 2012 survey on Log and Event Management indicated that for the first time respondents reported they were "unable to detect active attacks in their networks." This frightening statistic is brought to you by attackers whose goal is to overwhelm systems using network-based attacks whilst hiding more advanced, application-layer attacks amidst the noise such volumetric attacks generate.

Moreover, these attacks are made more dangerous because of the way in which organizations (naturally) respond to a DDoS attack. It's quite common for organizations that find themselves under attack to focus on preventing service outages. As computationally expensive security network services start to fail in the face of overwhelming traffic, the response is often to shut them down. That means IPS, application firewalls and anti-fraud detection systems, among others, are eliminated from the critical path. The network DDoS traffic may be detected and rejected, for the most part, but suddenly the application-layer attacks hiding in the volumetric network attack are free to make their way back to applications. Basically, the application-layer defenses are treated as ballast and tossed aside in favor of keeping the network boat afloat.

A hybrid approach can take advantage of the additional capacity available in the cloud to ensure organizations aren’t overwhelmed by the excessive volume generated by some attacks while enabling the organization to protect itself against the more frequent but easily managed attacks. A pure cloud DDoS solution can be cumbersome to implement if used to mitigate every single DDoS attacks, but worth the cost in the face of an overwhelming attack. 

A hybrid approach is certainly the best architectural approach available today for organizations to cost-efficiently mitigate the risk associated with DDoS overall, and an integrated solution that provides both a cloud and on-premise solution ensures the onboarding process is seamless.

Complementary Technology for a Hybrid DDoS Architecture

F5 sees in Defense.Net the ability to provide just such a hybrid approach to mitigating DDoS attacks whether traditional bandwidth-consuming attacks or more modern, multi-vector attacks. By combining the cloud-based services of Defense.Net with an on-premise F5 Application Delivery Firewall (ADF), organizations will be better armed to detect and mitigate DDoS attacks at the network and application layers simultaneously. 

While Defense.Net supports traditional architectural deployments - asymmetric GRE configuration and a symmetric proxy configuration - it also supports a destination NAT configuration that eliminates GRE MTU and other challenges. This approach requires only inbound traffic to be inspected, which dramatically decreases its bandwidth requirements compared to symmetric DDoS technology. It further benefits organizations in reducing the latency incurred by traditional approaches, which means less of an impact on application performance and the quality of experience demanded to keep customers and employees satisfied. 

Defense.Net's multilayer approach to scrubbing and architectural flexibility is highly complementary with F5's technology as well as our architectural vision, Synthesis. By bringing together both a cloud-based and an on-premise solution, F5 is extending its portfolio of security services to include cloud-based DDoS as a service or in the cloud as part of a broader security architecture designed to provide comprehensive DDoS coverage for applications deployed anywhere, accessed at anytime from any device.

We are excited to have the Defense.Net team and its technology join the F5 family. 

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

@ThingsExpo Stories
SYS-CON Events announced today that Litmus Automation will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Litmus Automation’s vision is to provide a solution for companies that are in a rush to embrace the disruptive Internet of Things technology and leverage it for real business challenges. Litmus Automation simplifies the complexity of connected devices applications with Loop, a secure and scalable cloud platform.
In 2015, 4.9 billion connected "things" will be in use. By 2020, Gartner forecasts this amount to be 25 billion, a 410 percent increase in just five years. How will businesses handle this rapid growth of data? Hadoop will continue to improve its technology to meet business demands, by enabling businesses to access/analyze data in real time, when and where they need it. Cloudera's Chief Technologist, Eli Collins, will discuss how Big Data is keeping up with today's data demands and how in the future, data and analytics will be pervasive, embedded into every workflow, application and infra...
From telemedicine to smart cars, digital homes and industrial monitoring, the explosive growth of IoT has created exciting new business opportunities for real time calls and messaging. In his session at @ThingsExpo, Ivelin Ivanov, CEO and Co-Founder of Telestax, shared some of the new revenue sources that IoT created for Restcomm – the open source telephony platform from Telestax. Ivelin Ivanov is a technology entrepreneur who founded Mobicents, an Open Source VoIP Platform, to help create, deploy, and manage applications integrating voice, video and data. He is the co-founder of TeleStax, a...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, will provide some practical insights on what, how and why when implementing "software-defined" in the datacenter.
Chuck Piluso will present a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Speaker Bio: Prior to Data Storage Corporation (DSC), Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Telecommunications Corporation, a facilities-based international carrier licensed by t...
How is unified communications transforming the way businesses operate? In his session at WebRTC Summit, Arvind Rangarajan, Director of Product Marketing at BroadSoft, will discuss how to extend unified communications experience outside the enterprise through WebRTC. He will also review use cases across different industry verticals. Arvind Rangarajan is Director, Product Marketing at BroadSoft. He has over 19 years of experience in the telecommunications industry in various roles such as Software Development, Product Management and Product Marketing, applied across Wireless, Unified Communic...
There are lots of challenges in IoT around secure, scalable and business friendly infrastructure for enterprises. For large corporations, IoT implementations are one of the top priorities of the decade. All industries are seeing a competitive need to sustain by investing in IoT initiatives. The value addition comes from improved customer service, innovative product and additional revenue streams. The data from these IP-connected devices can be leveraged for a variety of business applications as well as responsive action controls. The various architectural building blocks of an IoT ...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and easy to use. MangoApps has been named a "Market Leader" by Ovum Research and a "Cool Vendor" by Gartner...
SYS-CON Media announced today that @ThingsExpo Blog launched with 7,788 original stories. @ThingsExpo Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @ThingsExpo Blog can be bookmarked. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago.
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on Twitter at @MicroservicesE
SYS-CON Events announced today that robomq.io will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. robomq.io is an interoperable and composable platform that connects any device to any application. It helps systems integrators and the solution providers build new and innovative products and service for industries requiring monitoring or intelligence from devices and sensors.
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch of Docker's initial release in March of 2013, interest was revved up several notches. Then late last...
Wearable technology was dominant at this year’s International Consumer Electronics Show (CES) , and MWC was no exception to this trend. New versions of favorites, such as the Samsung Gear (three new products were released: the Gear 2, the Gear 2 Neo and the Gear Fit), shared the limelight with new wearables like Pebble Time Steel (the new premium version of the company’s previously released smartwatch) and the LG Watch Urbane. The most dramatic difference at MWC was an emphasis on presenting wearables as fashion accessories and moving away from the original clunky technology associated with t...
So I guess we’ve officially entered a new era of lean and mean. I say this with the announcement of Ubuntu Snappy Core, “designed for lightweight cloud container hosts running Docker and for smart devices,” according to Canonical. “Snappy Ubuntu Core is the smallest Ubuntu available, designed for security and efficiency in devices or on the cloud.” This first version of Snappy Ubuntu Core features secure app containment and Docker 1.6 (1.5 in main release), is available on public clouds, and for ARM and x86 devices on several IoT boards. It’s a Trend! This announcement comes just as...
The only place to be June 9-11 is Cloud Expo & @ThingsExpo 2015 East at the Javits Center in New York City. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT & Big Data companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterprise. Speakers from all over the world will be hand-picked for their ability to explore the economic strategies that utility/cloud computing provides. Whether public, private, or in a hybrid form, clo...
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of robomq.io, and Fred Yatzeck, principal architect leading product development at robomq.io, will discuss how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at the same time reduce Time to Market (TTM) by using plug and play capabilities offered by a robust I...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this case) takes into account the number and quality of contextual references that a user receives.
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? Join this panel of experts as they peel away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud environment, and we must architect and code accordingly. At the very least, you’ll have no problem filling in your buzzword bingo cards.
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are configurable to any form factor or custom configuration. AIC leads the industry with nearly 20 years of ...