Financial Times - Diverting Dangerous Traffic
Financial Times - Diverting Dangerous TrafficWed, Jul 11th, 2007
By Jessica Twentyman
When it comes to dealing with denial of service (DoS) attacks, Adrian
Asher is an expert. As head of security at online gaming company
BetFair, he has successfully thwarted numerous attempts to bring down
the companys website with the vast floods of bogus traffic associated
with DoS attacks but the cost of that achievement, he says, has been
considerable.
We've invested huge amounts in security and availability, in everything
we need to ensure that uptime for our site is as close to 100 per cent
as possible, he says. We've got multiple levels of firewall, enormous
amounts of network bandwidth and numerous highly specialised devices
designed to alert us to, and protect us from, denial of service attacks.
Mr Asher also has a huge team of in-house security specialists at his
disposal, who spend their working lives analysing internet traffic,
identifying deviations from the norm and dealing with them immediately.
While he declines to say exactly how many people are in that team, he
claims that it is bigger than IT security teams at some of the big
banks he has worked at in the past.
Given that BetFairs site handles 5m bets each day and eager gamblers
deposit around L2,000 of funds on the site every minute, its enthusiasm
for DoS protection is hardly surprising. Any period of downtime would
cost the company dearly. But plenty of other organisations do not have
the resources in-house to protect themselves so comprehensively, as
evidenced in recent months by successful DoS attacks on the London
Stock Exchange, the Telegraph newspaper and a host of commercial and
government websites in Estonia.
One answer is to engage the services of a specialist DoS mitigation
service, such as that provided by Prolexic. Customers that use
Prolexics services have all their internet traffic diverted through one
of the company's four, heavily fortified data centres worldwide: two in
the US (Arizona and Florida), one in London, and one in the Philippines.
At these centres, we monitor and filter traffic flows and remove all
threats, including the largest and most destructive DoS attacks known
to the internet, before they ever reach the customers network
infrastructure, explains Prolexic CEO Darren Rennick.
The traffic that's delivered back to the customer is purified and
threat-free and the whole process is transparent to both the customer
and its website visitors.
In this way, says Mr Rennick, companies are able to tap into a wealth
of expertise and infrastructure dedicated to dealing with DoS attacks
that would otherwise be beyond their reach.
There are two ways customers can use services such as that offered by
Prolexic. Some opt for an always-on service, where internet traffic is
permanently diverted through a services data centre for a monthly
subscription charge. Prolexic fees for that start at $7,500 a month,
but can be as much as $50,000, depending on the amount of traffic that
the customer is asking to have cleansed and the complexity of its
computing environment.
Others, naturally, only turn to outside help once they find themselves
under attack. These customers would face an emergency response charge
to switch the service on, which ranges from $10,000 to $40,000 at
Prolexic. They are then tied in to paying the monthly subscription fee
for 12 months.
For some companies, however, that option may still be too costly. If
thats the case, the best line of defence is to have a really great
relationship with your companys ISP [internet service provider], says
Jose Nazario, senior security researcher at Arbor Networks.
A specialist in denial of service mitigation products (along with
companies including Cisco, Mazu Networks and Radware), Arbor Networks
sells to some of the worlds largest companies, but also counts 70 per
cent of the worlds ISPs among its customers, enabling them to offer DoS
protection and mitigation to their enterprise clients directly.
Have the right phone numbers at hand so you know who to call at the ISP
when an attack strikes, or even better, sit down now with its security
specialists to discuss how they can help you take preventative
measures, he advises.
The DoS services offered by ISPs vary dramatically in maturity, cost,
and according to some, effectiveness. But if a company is not able to
protect itself from denial of services attacks with its own resources,
then it simply has to work with an ISP it feels confident with, says Dr
Nazario.
Like a crowd of protesters that clog the entrance to your building, a
denial of service attack can descend quite suddenly and without
warning. Your priority is to push that crowd back a few blocks down the
street, so that legitimate customers can come and go freely.
Thats exactly what your ISP can do for you, it can hold back the bad
traffic so that normal business is not impacted. It just makes good
business sense to take advantage of that capability, he says.
Copyright The Financial Times Limited 2007
About Prolexic:
Prolexic Technologies provides cutting edge solutions that protect
Internet operations from the debilitating service disruptions caused by
DDoS attacks. Prolexic's patent-pending Clean Pipe Virtual Transport(R)
network offers solutions that keep its clients' Internet-facing
infrastructures free of DDoS traffic. Without making major adjustments
or multimillion-dollar investments in their existing hardware
infrastructures, Prolexic's customers rest assured that their network
borders are secure and can thus focus on what is really important:
their businesses. More information about Prolexic is available at
www.prolexic.com
|
|
 |
|
“The only suggestion from our carriers was to purchase more bandwidth, as well as DDoS mitigation hardware. From our research this would not only cost us a fortune, but would not defend us or our clients against certain types of attack. We chose Prolexic.”
Bujar Musa, President
Ipko
|
