Following the sophisticated and highly distributed attack involving tens of millions of IP addresses this past week, the concept of DDoS protection is on the forefront of network administrators and operator’s minds alike. While the nature and source of the attack is under investigation, understanding what can be done to prevent and mitigate future attacks is of utmost importance. Fortuitously, several months ago, we scheduled a Cisco Knowledge Network for this very topic: DDoS Protection for the Network.
The distributed nature and complexity of these attacks is only increasing as the Internet of Things becomes a reality. Service and web providers with the Cisco ASR 9000 in their network have the opportunity to offer services for protecting against DDoS attacks, which is especially important given the scale and target of recent DDoS attacks shifting the focus to protection for core network infrastructure and services. With the Cisco ASR 9000 vDDoS protection powered by Arbor Networks, service providers can offer customers, including existing DDoS mitigation and protection firms greater scale and agility for handling much larger attacks concurrently.
There is not much network operators can do today to stem the deluge of internet connected devices and multi-vector attacks enslaved by hacks like botnets. Poorly secured Internet based devices like security cameras, digital video recorders (DVRs) and consumer routers are a fact of life for the era of IoT. Having a resilient network infrastructure capable of handling large scale DDoS attacks becomes a valuable service for end users and a potential new revenue generating service for customers.