Austin, Texas welcomed the Big Communications Event last week, a gathering of over one thousand experts in the telecoms and communications industry, and the technology vendors that serve them.
The core agenda items for the 12th year of the event (formally known as the Big Telco Event) were virtualization, open source, New IP, Internet of Things (IoT), 5G and telco cloud; one recurring theme heard in various breakout and panel sessions was cyber security; i.e., securing the provider network and protecting downstream customers from cyber threats.
Network Security a Hot Topic
This subject of cyber security was especially prevalent across the trio of panel sessions moderated by Patrick Donegan, Chief Analyst at Heavy Reading. The track titled “Network Security: Service Provider Network Security Strategies” kicked off the series of security-focused sessions with a discussion around defining the network perimeter and what that means, both from the service provider perspective of Level3 and the panel of technology and solution innovators. There was much discussion about the definition of the network perimeter, and the best approach to securing it.
Corero’s Chief Operating Officer, Dave Larson, addressed the need for stronger controls and mandates around a more difficult perimeter to control: the IOT. The billions of IoT devices out in the world—along with the lack of controls and patch management—create a breeding for cyber threat activity; especially Distributed Denial of Service (DDoS) attacks. Also heavily debated during this panel session was the reality that sub-saturating, short duration DDoS attacks are becoming more common, more damaging, and more difficult than ever to defeat with legacy DDoS mitigation solutions.
Because hackers have more and more opportunities, techniques and tools to execute DDoS attacks, the panel unanimously agreed that providers must evolve with the threat landscape and further protect their network edge, and that of their customers. This line of thinking and discussion spilled over into the next security panel, “Delivering Security Services to Enterprises & Consumers in the Cloud Era.”
DDoS Protection at the Network Edge
The days where providers were worried only about protecting their own network are a distant memory. As enterprises demand more from their upstream providers in the form of security services, everyone was on board with the concept of DDoS protection at the source. Providers are enabled more than ever before to offer the managed security services that their customers demand.
Many believe there are various ways to accomplish this, but the Corero recommendation is clear. In our experience, sub-saturating attacks are best handled by deploying a DDoS protection appliance at the network edge. Such protection detects and mitigates attacks in real-time, without disrupting the flow of good traffic. Attacks are removed instantaneously without seeping deeper into the network and requiring backhaul operations or on- and off-ramping of traffic. The inline nature of this protection also provides unmatched real-time detection and reporting of attacks, to deliver valuable insights into the nature of the attack. With this approach, providers can offer premium services based on a variety of protection models to best suit the needs of each customer.
All in all, it was a great few days at the Big Communications Event, and we look forward to continuing the conversation with telecoms interested in implementing next-generation DDoS protection.
If you’d like to learn more, contact us today!