The recent State of the Internet/Security Report from Akamai shows that the number of Distributed Denial of Service (DDoS) attacks continues to increase—rising 14% over last year. This might not seem like a huge change, but it is on top of the remarkable year-over-year increase of 71% that was reported the previous year, so clearly the threat is not going away. In fact, increasing frequency only tells part of the story—these assaults are also becoming more and more sophisticated.
DDoS attacks can be enormously disruptive, knocking websites offline, bringing business to a halt, and diverting resources from other areas to counteract the assault and deal with the aftermath. Unfortunately, DDoS attacks are also incredibly easy—and relatively inexpensive—to launch. Some nefarious players have even gone so far as to set up DDoS-as-a-Service operations.
To help our Service Provider and large enterprise customers counteract these all-too-prevalent threats, F5 is partnering with Flowmon Networks, a highly regarded vendor of advanced monitoring and security solutions for network infrastructures.
A joint solution integrates Flowmon DDoS Defender™ and F5 DDoS Hybrid Defender™ (DHD) to deliver a powerful set of capabilities to customers. DDoS Defender learns and observes network traffic to detect violations and anomalies; then, when a DDoS attack is detected, it notifies and triggers DDoS Hybrid Defender. At that point, DHD automatically scales to shut down the high-capacity attack before it can overwhelm load balancers, firewalls, or even the entire network.
Throughout the attack, DHD incorporates a high degree of automation to immediately invoke mitigation capabilities, alert security admins, and configure or adjust DDoS thresholds as traffic patterns change—all without affecting legitimate traffic. And while automation is critical to implementing a speedy and comprehensive response, it is also an important piece of the cost-savings that our joint solution delivers: When DDoS Defender and DHD are doing their thing, an organization’s other resources (people, but also infrastructure and compute resources) can remain focused on driving value for the business.
The tight interaction between our two solutions creates a complex detection and mitigation ecosystem that requires seamless cooperation between Flowmon and F5. In delivering that seamless integration, we give our customers the fastest automated DDoS mitigation available, and we do it for significantly less cost than outdated competitive alternatives. The solution also supports F5’s BIG-IP Advanced Firewall Manager (AFM) as well.
While the joint solution was initially designed for Service Providers, which are typically responsible for protecting high-speed networks and mitigating DDoS attacks across multiple peering/transit links, it is quickly becoming popular with some large enterprise customers as well. It is the enterprise, after all, that is typically the primary DDoS target—and this joint solution enables a concerned organization to cost-effectively take control of its own security.