Comments
Re: Opportunity for growth
Happy 2017 @JohnBarnes et. al.
If it was up to the "Google"/"Amazon" et. al, it seems to me that they would not see a need for humans--Will humans stay relevant? That's the ultimate question here--and I for me have profound concerns about the answer as all know by now.
Re: Opportunity for growth
VPMarket82343,
Given how many people are lax about basic health and safety behavior (and that neglect could and does make them sick, get them hurt, and now and then kills them), is there any hope we'll ever improve much with things like maintaining password security?
Re: Opportunity for growth
VPMarket82343,
Interesting point. So although the difference between an attack and a traffic gain is detectable in big data, we still need humans to see the difference? Or do we just need them to train the ML algorithms? Or both?
Re: Opportunity for growth
@dcawrey, Agreed. the lack of awareness from a consumer point of view is major impediment to broader internet hygiene. If folks knew that by leaving their default passwords enabled on their internet gateways, home security systems, etc, they are enabling massive DDoS attacks that actually hurt them (however indirectlly), then they might change their habits. Sadly, the awareness isn't there, but the pain is.
Re: Opportunity for growth
For volumetric attacks, it's possible to get fairly accurate detection today, by using big data to perform the baselining. When you're using a limited amount of computing/memory/storage to do detection, you run into to major problems with intelligent baselining:
1. Network-wide data can be too much to scan quickly. A system that is running on a quad core CPU for example, with N GB of memory, can't do intelligent baselining on a network that is running a good volume of traffic. A single router can easily generate thousands of traffic flow telemetry records per second, which on a daily basis can add up to billions of records. If you have multiple routers, it becomes an overwhelming amount of data. As a result, single server detection approaches have to segment the network data into different tables and perform baselining on a router by router basis. Obviously, that creates alot of data gaps.
2. Static configurations. Network traffic patterns changes organically over time. One of the major problems with most baselining schemes is that they don't actually adapt, so you set a list of servers for example to monitor, but what if patterns change or a new server is added, and you don't adjust your monitoring list? Ideally, network operators/engineers adjust everything in real time to changing conditions but we know that's now how life works. As result, alot fo traffic that should be baselined doesn't get baselined, so you're missing the basis to judge whether new traffic is an attack or not.
Big data doesn't have those constraints. Scale-out storage and tons of memory across tons of computing nodes mean that the system can baseline network-wide data and also has enough compute capacity to automatically adapt baselining to include nodes that exhibit higher levels of traffic for any reason. Just these changes increase accuracy a ton.
Re: Opportunity for growth
Agreed. DDoS should be considered a major part of a continuity plan if a business relies haveily on the Internet for commerce or productivity for sure--too many businesses don't approach DDoS in a proactive, planned way.
Re: Opportunity for growth
You're right. It's fairly trivial to detect and automate the dropping of attack traffic headed to a particular destination IP address today, without needing any sort of appliance. However, to scrub attack traffic that is mixed in with legitimate traffic requires deep packet inspection and the economics of that are still favorable to ASIC-based devices.
Re: Opportunity for growth
You're right. It's fairly trivial to detect and automate the dropping of attack traffic headed to a particular destination IP address today, without needing any sort of appliance. However, to scrub attack traffic that is mixed in with legitimate traffic requires deep packet inspection and the economics of that are still favorable to ASIC-based devices.
Re: Opportunity for growth
There is a major shift happenning as more DDoS protection options are available in the cloud, which means that deploying is much easier and can be done on an Opex versus solely a Capex basis.
For example, it's certainly possible now to get cloud-based detection that will, upon detecting an attack on a destiation IP address, automate a remote triggered black hole (BGP routing traffic to a "null" interface). For residential broadband providers, that's a very feasible solution to many of the attacks they see coming through their networks, because perhaps 40% of all DDoS attacks are gamer on gamer so they're relatively easy to isolate.
Obviously, there are more sophisticated mitigation appliances and more cloud-based mitigation services that are giving businesses more options.
srufolo1
12/31/2016 10:37:35 PM
User Rank Platinum
Big Data DDoS Protection
Enterprises should be vigilant about DDoS threats. It's important that threats should be detected before they wreak havoc and if an attack does occur, there should be a plan in place on how to effectively deal with it. Not enough companies are taking necessary precautions.
|
|
Italy's 5G auction could exceed a government target of raising €2.5 billion ($2.9 billion) after attracting interest from companies outside the mobile market.
The emerging-markets operator is focusing on the humdrum business of connectivity and keeping quiet about some of its ill-fated 'digitalization' efforts.
Three UK has picked Huawei over existing radio access network suppliers Nokia and Samsung to build its 5G network.
Vendor says that it's its biggest 5G deal to date.
Verizon skates where the puck is going by waiting for standards-based 5G devices to launch its mobile service in 2019.
Orange has been one of the leading proponents of SDN and NFV. In this Telco Transformation radio show, Orange's John Isch provides some perspective on his company's NFV/SDN journey.
10/16/2017
Huawei Network Transformation Seminar
The adoption of virtualization technology and cloud architectures by telecom network operators is now well underway but there is still a long way to go before the transition to an era of Network Functions Cloudification (NFC) is complete.
The Small Cell Forum's CEO Sue Monahan says that small cells will be crucial for indoor 5G coverage, but challenges around business models, siting ...
People, strategy, a strong technology roadmap and new business processes are the key underpinnings of Telstra's digital transformation, COO Robyn ...
Eric Bozich, vice president of products and marketing at CenturyLink, talks about the challenges and opportunities of integrating Level 3 into ...
Epsilon's Mark Daley, director of digital strategy and business development, talks about digital transformation from a wholesale service provider ...
Bill Walker, CenturyLink's director of network architecture, shares his insights on why training isn't enough for IT employees and traditional ...
All Videos
|
On-the-Air Thursdays Digital Audio
Special Huawei Video
Tweet This