Automated DDoS Protection Hardware Fills a Gap in Network Security

Sean Newman
By | July 28, 2016

Posted in: Network Security Trends

Organizations can be overwhelmed with a constantly evolving cyber threat landscape. There is no shortage of threats, but there is a shortage of trained IT security personnel to guard against them. In particular, the UK, US and Canada are experiencing a shortage of network engineering professionals who have distributed denial of service (DDoS) mitigation skills, according to SC Magazine:

It is believed that the demand for network engineers with DDoS expertise is growing due to the rise of volumetric attacks on organisations. Whether they build or outsource their DDoS mitigation, organisations require a specialised resource in their IT departments to focus on internal solutions or actively manage vendors.

Indeed, DDoS is a growing threat, and it’s one that traditional/legacy DDoS mitigation solutions don’t handle as effectively anymore. Legacy solutions, such as centralized scrubbing services, rely too heavily on high thresholds and human intervention (that is, if you can even find network security engineers to fill those positions). Fortunately, a new generation of DDoS protection hardware is available which requires little to no intervention from onsite specialist security engineers.

Automation Reduces Errors

DDoS attacks are increasing in complexity and frequency. They are decreasingly the large, volumetric, attacks that catch the eye of IT security staff (Corero research shows that 93% of attacks are under 1 Gbps). Hackers have become more sophisticated in their techniques by launching specially crafted low-level, multi-vector, attacks that evade traditional scrubbing solutions. Unlike an automated DDoS protection solution, human security agents are seldom able to detect granular, lower-level DDoS attacks that; 1) drag down network performance and 2) create smokescreens for attackers to access critical information without being spotted.

Humans make errors, or can’t react fast enough, whereas Corero’s DDoS protection hardware (SmartWall® Threat Defense System) is highly automated, catching close to 100% of volumetric DDoS attacks, before they enter your network. For organizations that are short-staffed in their IT security departments, Corero technology offers the following significant benefits:

  • Does not require the complex deployment of traditional DDoS protection solutions;
  • Delivers largely automated protection; it’s an always-on solution with no manual intervention required to detect and mitigate the majority of DDoS attacks;
  • Can be fully managed by SecureWatch®, a Corero service which combines state-of-the-art monitoring and reporting technology, along with highly experienced engineers, to support customers before, during and after an attack.

Stephen Clark, Director of IP Networks at Block Communications Commercial Telecommunications, reported that Corero’s automation feature is something that no other vendor offered:

"We specifically value the automated attack mitigation functionality. Corero’s Security Operations Center monitors conditions for us and responds accordingly. Our team monitors traffic but we don’t have to worry about it. We set it and forget it.”

In general, IT security staff welcome the SmartWall approach because it gives them more time to detect and mitigate other cyber threats.

To learn more, contact us.

You May Also Be Interested In: