Arbor Networks announced a significant breakthrough in DDoS attack detection and mitigation response capabilities within its Peakflow platform. With Peakflow 7.0, service providers can now detect Fast Flood DDoS attacks in as little as one second and initiate mitigation in less than thirty seconds.
When you’re under attack, every second counts. Time to mitigation is critical for service providers because Fast Flood attacks can ramp up to multi-hundred gigabits in size in a matter of seconds, and have the potential to cause significant collateral damage across a provider network. Through the end of the third quarter, Arbor has seen more than 130 attacks larger than 100Gbps, a dramatic spike in the frequency of volumetric attacks compared to previous quarters.
“The majority of the world’s service providers rely on the Peakflow SP platform for network intelligence and DDoS protection. More than sixty providers utilize the Peakflow SP platform to also offer DDoS managed services to their customers. Our continued innovation in the area of DDoS attack detection and mitigation has duel benefits for our service provider customers, helping protect their own infrastructure while also improving their ability to deliver DDoS managed security offerings,” said Arbor Networks President Matthew Moynahan.
The Peakflow Threat Management System now includes an optional on-box SSL acceleration card to deliver an integrated, one-appliance solution to inspect encrypted traffic for DDoS threats. The Peakflow Threat Management System now includes enhanced threat protection delivered as part of the ATLAS Intelligence Feed. Arbor Peakflow 7.0 delivers an improved set of countermeasures designed to stop the most advanced HTTP, DNS, and TCP connection attacks. Two new countermeasures included in this release provide enhanced protection against flooding and server exhaustion attacks.
Redesigned DDoS attack alert dashboards now include substantial new data analysis for DDoS attacks, including geographic information (what countries attacks are coming from), network information (which networks the attacks are coming from), and automatic identification of major attack patterns to enable operators to quickly and easily identify the attack and understand how to block it.