Distributed Denial of Service (DDoS) attacks are designed to knock websites, applications, services and businesses offline. They are the modern day equivalent of besieging premises with a mob intent on allowing nobody in or out. While some may think that they are just an inconvenience, they have become a major tool in the cyber criminals arsenal. It is not just the criminal fraternity using them, Hacktivists and even competitors are using them to cause significant damage to companies.
At CeBIT, Edwin Diender, CTO, Switch and Enterprise Communications Solutions announced that Huawei was releasing its own Next Generation Anti-DDoS solution. The hardware appliance is capable of handling 1.44Tbps of traffic which means that even the biggest DDoS attack recorded which was under 1Tbps would be easily handled by this appliance.
Diender claims that the device can identify over 100 different variants of DDoS attacks in under two seconds and that it is the fastest device on the market today. The appliance uses a series of plug-in cards, each of which has four CPUs and is capable of dealing with 160Gbps of traffic. There is room for a total of nine cards which makes up the claim of 1.44Tbps of capability but beyond this, Diender gave no detailed technical details.
The business and financial penalties associated with DDoS go far beyond the impact of a successful attack. ISPs admit that they can suffer a massive level of churn from customers, as much as 33 per cent for some ISPs. There is also the need to increase management tools and employ skilled and scarce network staff with 81 per cent of ISPs interviewed in a recent study claiming it increased their overall OPEX.
Perhaps the most interesting part of this announcement is that Huawei is not planning to create a separate security division to rival HP, IBM, Symantec, Kaspersky and others. It is building its own security research team and its own Security Intelligence Centre. While this will eventually put it into contention with IBM and others for the time being it is partnering with companies with key security skills.
As part of this announcement, Diender brought Frank IP, VP, Black Lotus on stage as the first company to buy and deploy the anti-DDoS appliance. IP told the audience that the largest DDoS attack that Black Lotus faced last year was 421Gbps. To put that in context he likened it to 60,000 4k movies streaming simultaneously across a corporate network.
One of the reasons that Black Lotus announced in December last year it was planning to partner with Huawei is that it needed new solutions to counter the level of threat it encounters in the market. Last year alone, IP claimed that Black Lotus was dealing with the equivalent of one attack every 30 seconds and mitigated a staggering 1.13 billion attacks in 2014. IP does not expect 2015 to be any easier.
The main cause of the attacks is automated botnets, and as the number of infected machines rise and the cost of botnets continues to fall, DDoS attacks will continue to increase. To continue to counter this rise in attacks, Black Lotus has deployed and tested the new Huawei anti-DDoS appliance. IP now believes that Black Lotus and Huawei are capable of not just detecting the increased number and size of attacks but also able to clean up the network traffic with customers not realising that they are under attack.
Black Lotus currently has two data centres in the US and one in Amsterdam. According to IP, with this solution Black Lotus can now block any US-based attack on a European company as well as defend in region. What IP didn't do was talk about how it would expand its capability into Asia. With Huawei keen to look at its own cloud capability, it seems a possibility that Huawei and Black Lotus may well extend their December announcement and look at joint ventures in Asia.