IT For CEOs & CFOs
News & Views
Adaptive DDoS defence from NETSCOUT
​
Firms are to get greater protection from Adaptive DDoS attacks after NETSCOUT SYSTEMS Inc (www.netscout.com) launches Adaptive DDoS Protection for its Arbor® Threat Mitigation System (TMS) to dramatically improve detection of distributed attacks that dynamically change vectors and target numerous destination IP addresses at once.
NETSCOUT ASERT, the company’s expert security research and DDoS attack mitigation team, has documented a significant increase in dynamic Distributed Denial-of-Service (DDoS) attacks using multiple vectors and techniques to launch botnet-based, direct-path, state exhaustion, and application-layer attacks designed to evade conventional static network and cloud-only-based DDoS defences. Carpet-bombing attacks have risen by more than 110% and are particularly challenging for SOC teams to mitigate using conventional means as these attacks target large swaths of IP addresses versus a single host and generate hundreds or thousands of alerts per attack.
“Direct path attacks are overtaking reflection/amplification as the most popular DDoS attack vector, and they are increasingly botnet-driven, multi-vector, and dynamically adjusted in real-time,” explains Patrick Donegan, Founder and Principal Analyst, HardenStance. “NETSCOUT knows more about DDoS attacks than any other company. ASERT analyses highly curated data from its ATLAS Intelligence Feed (AIF) and uses ML-based algorithms to recommend changes to attack countermeasures to stop DDoS attacks. Automating this functionality to bring intelligence into its Adaptive DDoS Protection functionality makes Arbor TMS even more compelling in mitigating DDoS attacks.”
“Carpet bombing attacks are one of the most devastating distributed attacks bad actors can initiate since they target large ranges of IP addresses simultaneously, generating thousands of attack alerts that are impossible for SOC teams to manage,” says Scott Iekel-Johnson, AVP, DDoS and Threat Intelligence, NETSCOUT.
“Defending a network requires as much knowledge about your adversary as possible. We have embedded our global threat intelligence and decades of attack mitigation experience into this product. It’s like having an ASERT analyst at your side 24/7. Our Adaptive DDoS Protection finds attacks that other solutions miss through dynamic detection and intelligent redirection to enable Arbor TMS to mitigate DDoS attacks better than any other solution on the market.”
Through Adaptive DDoS Protection, NETSCOUT has introduced a new way to understand DDoS traffic at the network level across all subnets to detect and report on carpet bombing attacks in one, easy-to-understand alert.