Service Providers Increasingly Turn to DDoS Protection as a Service


More than ever, organizations must ensure their web services are always available, to serve their employees, business partners and customers. Even 99% service availability is no longer good enough; after all, 1% of one year is three whole days. Who can afford to have three days of downtime or disrupted network performance, even if it is spread out over time? Business continuity increasingly depends upon Internet service availability, especially in industries where transactions are time-sensitive, such as retail, financial services, or gaming.

Distributed Denial of Service (DDoS) attacks are some of the most common threats to service availability and performance. And, a DDoS attack need not be massive to cause application or service performance issues; indeed, malicious actors often launch stealthy attacks that are intended to degrade performance, yet escape the attention of security analysts. With the increasing global deployment of IoT, 5G and Edge technologies, malicious botnets capable of launching damaging DDoS attacks, for the cost of just a few tens of dollars, are proliferating. And, these botnets are now increasingly armed with sophisticated, multi-vector, attack tools capable of evading all but the latest generation of always-on, real-time, protection solutions.

How can organizations protect their networks?

Historically, the burden of blocking DDoS traffic has fallen on individual organizations connecting to the Internet and depended on their requirements around availability.  This is not so bad if you’re a larger organization looking for the highest levels of business continuity and have a dedicated security team able to deploy and operate a DDoS protection solution.  However, in this era of everything-as-a-service, many organizations don’t have the desire, or the resources available, to operate such protection themselves. So, they look outside their organization to cloud services and Managed Security Service Providers, but they should also look upstream to their Internet Service Providers or Hosting Providers. Increasingly, organizations are now able to outsource their DDoS protection to a Provider; either their existing one or, another they can readily switch to. Ultimately, this saves them time and money, and delivers a service able to defend against even the largest, saturating, attacks: no hardware, software, or staff time required.

The Challenge for Service Providers

Service providers are highly motivated to keep junk DDoS traffic out of their networks, and ensure that their downstream customers aren’t impacted. The better their protection service, the less they have to worry about penalties for not meeting their Service Level Agreements (SLA) for availability. Furthermore, the more effective and cost-efficient they make DDoS protection for their customers, the easier it is to retain current customers and acquire new ones.

DDoS Protection as a Service

In recent years, many Providers have begun delivering advanced DDoS protection as a Service to their customers, with an easily digestible economic model: as a free value-add service, or for an affordable monthly fee. This not only adds a layer of defense for the Service Provider’s infrastructure, which can help delay the need for expensive capacity upgrades, it gives them a competitive advantage in the marketplace, with a new service offering to generate incremental revenue. Furthermore, it’s an attractive business model for the Service Providers, with real-time always-on, automated DDoS protection available as a regular CAPEX purchase, with annual support, or as a fully subscription-based monthly OPEX model.

How DDoS Protection as a Service Works

Service Providers can deploy always-on DDoS protection at their own perimeter or, in some cases, obtain it as a service from their upstream provider. In this way, bad traffic is surgically filtered out closer to the source, avoiding the need to use service-disrupting blackholes to block attacks. In light of the variety of implementation choices, and the fact that many of their customers expect DDoS protection, it makes sense for Service Providers to defend their networks and their customers’ networks from the threat of DDoS.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here.  If you’d like to learn more, please contact us.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry, to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.