Comments
Michelle
12/28/2016 10:19:20 AM
User Rank Platinum
Opportunity for growth
It sounds like there are a lot of parts available to develop useful DDoS protection, but there's still a long way to go. Real-time monitoring, analytics, and big data alone are great for different things. I hope to see a comprehensive and cost-effective solution in the near future. The looming threat of DDoS seems enough to spur rapid development in this area.
JohnBarnes
12/28/2016 3:00:19 PM
User Rank Platinum
Re: Opportunity for growth
The first order problem is just to have the capability to shut off traffic that doesn't look enough like expected traffic, and the big data algorithms for doing that do exist now. The harder but important step is to shut off the DDoS component of an unprecedented traffic surge -- and that is coming but not yet here.
Re: Opportunity for growth
You're right. It's fairly trivial to detect and automate the dropping of attack traffic headed to a particular destination IP address today, without needing any sort of appliance. However, to scrub attack traffic that is mixed in with legitimate traffic requires deep packet inspection and the economics of that are still favorable to ASIC-based devices.
Re: Opportunity for growth
You're right. It's fairly trivial to detect and automate the dropping of attack traffic headed to a particular destination IP address today, without needing any sort of appliance. However, to scrub attack traffic that is mixed in with legitimate traffic requires deep packet inspection and the economics of that are still favorable to ASIC-based devices.
dcawrey
12/28/2016 4:39:07 PM
User Rank Platinum
Re: Opportunity for growth
DDoS are really annoying for businesses. I'm happy to see that there are now better solutions on the market, but there's still a lot of room to grow and improve in this area. Most organizations could care less about DDoS attacks. Until it happens to them, then they care a lot!
Michelle
12/28/2016 4:46:57 PM
User Rank Platinum
Re: Opportunity for growth
@DC Yes - many businesses think little of the potential for DDoS or blended attacks that require ransom payment to end an attack until it happens to them. Attacks happen to businesses of all sizes so it's crazy to think some businesses care so little about the potential. I suppose some don't have resources to fight off attacks in the first place...
afwriter
12/28/2016 11:45:24 PM
User Rank Platinum
Re: Opportunity for growth
Let's not forget that it trickles down to the consumer too. The last big DDoS attack was annoying for businesses but it made a lot of us mad that we couldn't go about our daily routines.
Michelle
12/29/2016 10:16:46 AM
User Rank Platinum
Re: Opportunity for growth
@af This is true. There was no checking twitter for updates in many areas... It was really interesting to watch the news updates of the attack in progress (however frustrating).
dcawrey
12/29/2016 7:14:23 PM
User Rank Platinum
Re: Opportunity for growth
@afwriter The consumer is always the last to know in these situations, and the bottom line is if these attacks hit businesses, customers are always affected. The problem is, they often don't even know it.
freehe
12/29/2016 10:10:55 PM
User Rank Platinum
Re: Opportunity for growth
@dcawrey, that is true, customers are the last to know and companies don't want to notify customers to scare them and create a surge in customer service calls or complaints. In these instances, social media is your friend when reporting issues. You get a much faster response.
Luckily for me working in IT Security during my career, I can sense when an attack is happening because the app, product or service being used starts slowing down or performs is a weird or different manner.
freehe
12/29/2016 10:18:52 PM
User Rank Platinum
freehe
12/29/2016 10:21:06 PM
User Rank Platinum
DDOS protection updates
This is a good example of the need for collaborations, partnerships, forums, and standardization in the security industry. There are security standards but they are not enforced.
Companies should be heavily fined when a security breach occurs at their company especially those that affect customers.
Re: DDOS protection updates
@freehe:
It must be accepted that there are gaps in security. All we see and hear is companies are working long and hard in enhancing their model. But you made a good point about enforcing standards and penalizing companies that end up with breaches when that impacts customers. Something lik ethis must be enforced to see and bring change.
Good points as always !
Re: DDOS protection
Good article and thanks for sharing. But I don't underatnd the reason behind relaxation while on the other end there are so many things that are being fixed for a security failure.
Am i missing something here?
dcawrey
12/30/2016 6:21:26 PM
User Rank Platinum
Re: Opportunity for growth
@freehe In this day and age it seems companies would rather keep these attacks under wraps if they can. We've seen this play out with larger companies where we don't hear about the issue months or even years later.
Re: Opportunity for growth
@dcawrey, Agreed. the lack of awareness from a consumer point of view is major impediment to broader internet hygiene. If folks knew that by leaving their default passwords enabled on their internet gateways, home security systems, etc, they are enabling massive DDoS attacks that actually hurt them (however indirectlly), then they might change their habits. Sadly, the awareness isn't there, but the pain is.
Re: Opportunity for growth
VPMarket82343,
Given how many people are lax about basic health and safety behavior (and that neglect could and does make them sick, get them hurt, and now and then kills them), is there any hope we'll ever improve much with things like maintaining password security?
JohnBarnes
12/28/2016 11:01:21 PM
User Rank Platinum
Re: Opportunity for growth
Well, it's coming. A DDoS on a site that is just sitting there minding its own business only requires training so that the algorithm can recognize "unusual" traffic and quickly develop a list of traits that occur in the unusual traffic in high volumes. That's beginner stuff in machine learning and NLP. But a DDoS against a site that is retaliation or an attempt to silence it for saying something that is popular -- that's a really tough problem, because you can't just say "anything that we weren't seeing last week is suspicious"-- that would cut off exactly the traffic you wanted to gain (essentially it's a baby AND bathwater detector/discarder). So software that can quickly learn the baby-bathwater distinction and apply it -- without needing too much human coaching and intervention because there won't be time -- is going to require some very, very shrewd designs in machine learning. It can be done, but it won't be easy and it won't be next week.
Re: Opportunity for growth
For volumetric attacks, it's possible to get fairly accurate detection today, by using big data to perform the baselining. When you're using a limited amount of computing/memory/storage to do detection, you run into to major problems with intelligent baselining:
1. Network-wide data can be too much to scan quickly. A system that is running on a quad core CPU for example, with N GB of memory, can't do intelligent baselining on a network that is running a good volume of traffic. A single router can easily generate thousands of traffic flow telemetry records per second, which on a daily basis can add up to billions of records. If you have multiple routers, it becomes an overwhelming amount of data. As a result, single server detection approaches have to segment the network data into different tables and perform baselining on a router by router basis. Obviously, that creates alot of data gaps.
2. Static configurations. Network traffic patterns changes organically over time. One of the major problems with most baselining schemes is that they don't actually adapt, so you set a list of servers for example to monitor, but what if patterns change or a new server is added, and you don't adjust your monitoring list? Ideally, network operators/engineers adjust everything in real time to changing conditions but we know that's now how life works. As result, alot fo traffic that should be baselined doesn't get baselined, so you're missing the basis to judge whether new traffic is an attack or not.
Big data doesn't have those constraints. Scale-out storage and tons of memory across tons of computing nodes mean that the system can baseline network-wide data and also has enough compute capacity to automatically adapt baselining to include nodes that exhibit higher levels of traffic for any reason. Just these changes increase accuracy a ton.
Re: Opportunity for growth
VPMarket82343,
Interesting point. So although the difference between an attack and a traffic gain is detectable in big data, we still need humans to see the difference? Or do we just need them to train the ML algorithms? Or both?
Re: Opportunity for growth
Happy 2017 @JohnBarnes et. al.
If it was up to the "Google"/"Amazon" et. al, it seems to me that they would not see a need for humans--Will humans stay relevant? That's the ultimate question here--and I for me have profound concerns about the answer as all know by now.
freehe
12/29/2016 10:07:19 PM
User Rank Platinum
Re: Opportunity for growth
@dcawrey, I totally agree. I worked on an IT security team and they were not concerned about a DDOS attack until it happened then they spent the next six months implemented just basic security measures, as if those would prevent it from happening again. Sigh!
Michelle
12/31/2016 4:13:16 PM
User Rank Platinum
Re: Opportunity for growth
@freehe That's really unfortunate (and might be really common). I can imagine smaller companies reacting this way.
Re: Opportunity for growth
Wow, that is hard to belive that basic security is being used for IOT. That surely is a compromise and risk.
Re: Opportunity for growth
Most organizations could care less about DDoS attacks. Until it happens to them, then they care a lot!
If so I have to say that companies are not doing the right thing. It is risky if they don't care about DDoS attack till it happens to them. That's only to find out that it is little too late to react.
Re: Opportunity for growth
Agreed. DDoS should be considered a major part of a continuity plan if a business relies haveily on the Internet for commerce or productivity for sure--too many businesses don't approach DDoS in a proactive, planned way.
freehe
12/29/2016 10:05:35 PM
User Rank Platinum
Re: Opportunity for growth
@Michelle, I agree, that is still much work to be done regarding DDOS protection.
Michelle
12/30/2016 12:18:00 PM
User Rank Platinum
Re: Opportunity for growth
@freehe Do you think we'll see a solution in the next 2-3 years or sooner? I think companies will need worthwhile solutions sooner rather than later.
Re: Opportunity for growth
Agree that companies need a solution soon. But not very positive about getting one in 2-3 years.
Re: Opportunity for growth
@Michelle:
You have explained very well about DDOS protection components. Agree with you that there is more to be done.
Re: Opportunity for growth
There is a major shift happenning as more DDoS protection options are available in the cloud, which means that deploying is much easier and can be done on an Opex versus solely a Capex basis.
For example, it's certainly possible now to get cloud-based detection that will, upon detecting an attack on a destiation IP address, automate a remote triggered black hole (BGP routing traffic to a "null" interface). For residential broadband providers, that's a very feasible solution to many of the attacks they see coming through their networks, because perhaps 40% of all DDoS attacks are gamer on gamer so they're relatively easy to isolate.
Obviously, there are more sophisticated mitigation appliances and more cloud-based mitigation services that are giving businesses more options.
clrmoney
12/28/2016 10:42:53 AM
User Rank Platinum
DDos Data
DDoS is offering security and the data information for homes etc. so I think that customers and companies should have because have the necessary technologies for everyone.
srufolo1
12/31/2016 10:37:35 PM
User Rank Platinum
Big Data DDoS Protection
Enterprises should be vigilant about DDoS threats. It's important that threats should be detected before they wreak havoc and if an attack does occur, there should be a plan in place on how to effectively deal with it. Not enough companies are taking necessary precautions.
|
|
Italy's 5G auction could exceed a government target of raising €2.5 billion ($2.9 billion) after attracting interest from companies outside the mobile market.
The emerging-markets operator is focusing on the humdrum business of connectivity and keeping quiet about some of its ill-fated 'digitalization' efforts.
Three UK has picked Huawei over existing radio access network suppliers Nokia and Samsung to build its 5G network.
Vendor says that it's its biggest 5G deal to date.
Verizon skates where the puck is going by waiting for standards-based 5G devices to launch its mobile service in 2019.
Orange has been one of the leading proponents of SDN and NFV. In this Telco Transformation radio show, Orange's John Isch provides some perspective on his company's NFV/SDN journey.
10/16/2017
Huawei Network Transformation Seminar
The adoption of virtualization technology and cloud architectures by telecom network operators is now well underway but there is still a long way to go before the transition to an era of Network Functions Cloudification (NFC) is complete.
The Small Cell Forum's CEO Sue Monahan says that small cells will be crucial for indoor 5G coverage, but challenges around business models, siting ...
People, strategy, a strong technology roadmap and new business processes are the key underpinnings of Telstra's digital transformation, COO Robyn ...
Eric Bozich, vice president of products and marketing at CenturyLink, talks about the challenges and opportunities of integrating Level 3 into ...
Epsilon's Mark Daley, director of digital strategy and business development, talks about digital transformation from a wholesale service provider ...
Bill Walker, CenturyLink's director of network architecture, shares his insights on why training isn't enough for IT employees and traditional ...
All Videos
|
On-the-Air Thursdays Digital Audio
Special Huawei Video
Tweet This