Arbor Networks 10 Gig Threat Management System Delivers Threat Detection, Surgical Mitigation for Protection of Critical IP Services
Platform For World’s Leading Managed Security Deployments
June 17, 2008 – Arbor Networks, Inc., a leading provider of secure service control solutions for global business networks, announced today the industry's first 10 Gig distributed denial of service (DDoS) detection and mitigation system that enables application-layer attack protection. The Threat Management System 3100 (TMS) delivers deep packet inspection (DPI) of more than 80 critical IP services and applications running on the network, such as DNS, HTTP, VoIP, IM and P2P, while also delivering application-layer attack detection, surgical mitigation and reporting. This unique combination allows service providers to maintain availability, reduce support costs and optimise current or future business services.
“We spent a great deal of time in this release improving workflow, reporting and developing one-click mitigation capabilities,” said Rob Malan, Arbor’s co-founder and chief technology officer. “First to market with a 10 gig mitigation platform is certainly important, but providers are also looking for scalable, rapid deployment of managed services that are easy to operate and manage. This release addresses the 10 Gig market, while dramatically improving the operational benefits of the overall TMS platform.”
By tightly integrating TMS into the Peakflow SP platform (“Peakflow SP”), Arbor Networks delivers a solution that combines network-wide anomaly detection and traffic engineering with carrier-class threat management that automatically detects and surgically removes only attack traffic while maintaining legitimate business traffic. Additionally, TMS complements Peakflow SP’s other mitigation techniques, including fingerprint sharing, Border Gateway Protocol (BGP) black-hole routing, BGP flow-spec and support for other mitigation technologies.
The Peakflow SP platform offers an industry-unique combination of macro-level (IP flow) and micro-level (deep packet inspection) analysis to address all network security threats. Competitive solutions require operators to log-in to multiple devices to address a single security threat. This creates a cumbersome and inefficient process at a time when split-second decision making is paramount. TMS streamlines operations and speeds reaction time by providing users with a single console and common user interface for thwarting multiple attacks. In addition, TMS can reduce operating expenses through simplified provisioning and uncomplicated ongoing maintenance. As a result, it can provide a much lower total cost of ownership than competitive solutions.
A Platform for Managed Services
“Businesses are reaching out to service providers for help with the DDoS problem,” said Amy Larsen DeCarlo, principal analyst, Internet/Managed Services with Current Analysis. “The sheer size and scope of the DDoS problem puts providers in the best position to identify and mitigate these attacks. Providers are also looking at managed DDoS services as a significant new source of revenue. Arbor has years of experience working with service providers around the world and provides innovative solutions to help its customers quickly and easily roll out these new managed security services.”
Peakflow SP is a strategic investment that enables service providers to leverage the same solution used for infrastructure visibility and security to deliver new, differentiated, revenue-generating managed services, such as MPLS VPN visibility and DDoS protection. More than forty of the world’s leading service providers are utilising the Peakflow SP platform to deploy network-based offerings in an easy and scalable way to protect their enterprise customers’ networks from DDoS and other cyber attacks that disrupt corporate networks and business continuity.
In order to optimise the deployment of these services, a service provider can choose from several TMS models. There are also multiple ways that a TMS device can interface with the network, such as: in-line with fail-safe hardware bypass, BGP off/on ramping, or a SPAN port. In addition, features such as mitigation templates, auto-mitigation, TMS grouping and statistics all ease the provisioning and operation of these managed DDoS services—which ultimately cuts costs and increases profitability.
