Arbor Networks has branched out into services, offering Arbor Cloud DDoS protection service – a global DDoS cleaning service which works in conjunction with on-premise Arbor Pravail equipment to provide multi-layered defence.
Nick Race, Arbor Networks Auckland-based ANZ country manager, says the offering 'provides a one-stop shop for customers who want protection from the complete suite of DDoS attack vectors'.
“These days the bad guys are getting more sophisticated and they are doing multi-vectored attacks," Race says.
"We have found [in the Wall Street financial attacks over the last 12 months] that the attacks were first of all, volumetric in nature, meaning they were flooding them with 60 gigabits of attack traffic, but also wrapped up in that was some very sneaky application layer attacks that were taking out specific parts of the bank's infrastructure – whether it be security devices like firewalls or IPS', or even the actual web servers themselves.
“The way to defend against that is to have a multi-layered defence strategy so it works not only having on-premise equipment but also having stuff up in the cloud, either in the telcos themselves or in the case of Arbor Cloud, coming specifically to Arbor as well.”
Race says Pravail can provide application layer protection and defence against DDoS attacks up until the Internet pipe starts to get full.
“Then there's nothing you can do on-premise, so you need to get help," he says. "We have a cry for help feature, cloud signalling, that goes up into the cloud and asks either their telco or Arbor Cloud to take over.”
Race says the cloud offering can provide a third layer of defence, with on-premise; domestic cleaning using local telcos; and then excess capacity via Arbor Cloud.
“At the end of the day, New Zealand is an island with limited badwidth into the country, so with the best will in the world, if the internet pipes are full into the country there's not much the local telcos can do. So they can use [Arbor Cloud] as an excess capacity model as well.”
Race says any attacks will be steered into nearest cleaning centre – with centres based on the East and West coasts of America, Amsterdam and Singapore. The data is cleaned and then 'good traffic' is delivered back to the customer.
He notes that 99% of attacks in New Zealand are sourced from overseas, and the country is 'a little bit more prone to attacks than the rest of the world'.
Statistics gathered from Arbor's Active Threat Analysis System (Atlas), which gathers anonymous information from 300 telcos globally, shows the average attack size internationally is about two gigabits/sec. “But here in New Zealand the average is actually about 2.4 gigabits/sec.”
He attributes the increased size locally in part to political incidents where Anonymous has been active in the country.
Race says channel partners will play a critical role in bringing both the service provider and enterprise solutions to market, and the company is on the lookout for new partners.
“We would definitely look to partner with some of our existing partners, for sure, but there are opportunities for new channel partners to take both the products and the services to market.”
He anticipates Arbor Cloud having 'a handful to maybe a dozen' New Zealand resellers. “And it comes down to their relationships with end customers,” he adds.
Race says the key target markets for DDoS are people who have online revenue at risk, such as financial institutions; those who have online reputation at risk, like governments; and those in the online gaming industry.
“Any partners who specialise in those verticals would be appropriate.”
Arbor is distributed in New Zealand by Observatory Crest.