Companies are under attack from an increasing variety of complex cyber threats. These include a new wave of DDoS attacks that are multi-vector (i.e., they combine flood attacks with Layer 7). Because tactics and vectors change during attacks, it becomes exceedingly difficult to mitigate using a single line of defense.
Current solutions cobble together disparate pieces of DDoS protection and burden the customer with maintaining overall responsibility for security. Unfortunately, the results are less than efficient and the operational overhead is less than desirable. Moreover, there’s a lack of open standards in DDoS mitigation, which encourages proprietary vendor lock-in by not offering a standard way for multi-vendor solutions to integrate tightly.
What’s needed, rather, is an agile response to a complex attack; a tightly coupled, coordinated mitigation across on-premise and the cloud; seamless redirection to the cloud based on local risk assessment; and fast mitigation response without operational involvement. To this end, Juniper has announced an alliance with Verisign to jointly deliver a hybrid DDoS solution that pushes past traditional solutions, and whereby the two companies plan to collaborate on defining and promoting an open standards platform for DDoS mitigation.
The combined Juniper/Verisign solution:
- Offers real-time adaptive mitigation against the broadest DDoS attack vectors – zero day, known and unknown – across Layer 3 to Layer 7.
- Delivers a security response at the speed of the threat thanks to its on-premise and cloud platform.
- Monitors application health at Layer 7, and blends a heuristics approach on premise at the data center with a signature and filtering approach in the cloud.
- Layers protective technologies for increased protection against the broadest attack vectors.
- Is designed to require minimum operational involvement.
- Will provide joint collaboration on standards-driven interoperability between on-premise DDoS mitigation devices and cloud DDoS services.
The hybrid solution will enable real-time adaptive mitigation against both known and unknown attacks. It will be able to detect and mitigate zero-day threats and large-scale attacks that exceed the capacity of the victim’s network to help businesses of all types and sizes stay secure, stable and available. Specifically, this hybrid solution has the ability to very quickly detect an attack, and then allow the attack to be moved to Verisign’s scrubbing/filtering resource outside of the data center due to the potential of the attack to overwhelm customer network capacity.
At a time when customers seek comprehensive security and safety from cyber threats, this solution delivers on the key requirements and comes none too soon for the vast majority.
Say hello to a better, safer hybrid.