Posted by: Robert Westervelt
DDoS protection, VeriSign
VeriSign has entered into the DDoS protection market, hoping the latest spate of DDoS attacks have raised enough concern among companies that they are shopping for solutions.
The firm is using the word “cloud” to describe their DDoS service since it filters network traffic in one of VeriSign’s data centers before it reaches the company network. It entered the market for DDoS protection earlier this year but is announcing a monitoring-only service this week.
From the company announcement:
DDoS attacks have become a serious threat to enterprise online business continuity. What has traditionally been managed as an incremental part of bandwidth provisioning and cost has now evolved into a threat of growing scale and sophistication that warrants a dedicated review and mitigation approach.
After talking to experts about this during the last round of attacks aimed at South Korean and some U.S.-based websites DDoS attacks don’t appear to be increasing in sophistication and certainly don’t seem to be causing great concern among ISPs and network service providers that partner with Cisco, TippingPoint, Arbor Networks and others. Most enterprises either rely on ISPs or network service providers or if they’re big enough, they’ll partner with Cisco and others to install an appliances to detect and weed out bad traffic.
For example, the DDoS attacks against U.S. federal agencies and South Korea sites were aimed at top level domains, bringing down the agency home page. It did not disrupt business and processes in place to protect against DDoS mitigated the threat, filtering out or throttling down the suspected nefarious traffic before it could cause any major disruptions.
Jose Nazario, a noted botnet and DDoS expert with Arbor Networks went as far as to call the attacks a nuisance.
“This attack is requesting [Web] pages and content that is easily obtainable. The attacks are trivial to detect and trivial to thwart.”
Of course the attacks are a serious threat to online retailers and social networks which depend solely on website up-time for business. VeriSign quotes a Forrester Research survey which found that 74% of companies have experienced a DDoS attack of some kind. And 75% are overprovisioning their bandwidth to handle attacks. My guess is the overprovisioning is a standard method used in addition to DDoS protection for ecommerce sites not willing to risk downtime.
A great example of the type of customer VeriSign is targeting is online payment-processing company, Piryx. The fledgling company was taken down last weekend by a DDoS attack. It provides online payment-processing services for U.S. Rep. Joe Wilson’s (R-S.C) campaign fundraising arm. Wilson was the congressman who yelled out “liar” during President Barak Obama’s healthcare speech. Piryx said the attack knocked out services for about 150 other Piryx clients.
The company is only a year old and extremely small when compared to many of its industry peers. It received its first round of funding in 2008. Piryx is more of an example of a business that accepted the risk DDoS posed. It gambled and lost. It’s also the kind of customer that may not have had the client base or the funding to invest in DDoS protection.