inner_solutionsweprovide

Hosting Provider

As a hosting provider, your Internet data center (IDC) is your business. You need to ensure availability of the network infrastructure that supports access to your IDC and availability of the core IDC services themselves such as web services, ecommerce, voice, email and DNS.

click to enlarge

Distributed Denial of Service (DDoS) is a major cause of downtime and an ever growing threat to the availability of hosted services. Many of the world’s leading hosting providers rely on Arbor products to protect their networks and data centers from outages due to DDoS. These providers have found that the DDoS protection provided by Arbor products not only maintains the availability of hosted services, it also helps hosting providers grow their business. This level of availability assurance attracts and retains customers that place a high value on availability and it enables profitable managed security services. Arbor offers two product families providing availability assurance for hosting providers:

For Large Hosting Providers

The Arbor Peakflow SP solution provides the visibility, protection and scalability  needed by large hosting providers with multiple data centers and extensive network connectivity. The Peakflow SP solution  leverages IP flow, SNMP and BGP data to deliver:

  • Pervasive, cost-effective visibility into network, application and routing traffic.
  • Comprehensive distributed denial of service (DDoS) detection, mitigation and reporting.
  • A platform for managed DDoS protection services that can be provided as an additional revenue-generating offering.

Combined with Peakflow SP Threat Management System (Peakflow SP TMS) the solution provides surgical mitigation of network and service layer attacks, including:

  • For HTTP/Web 2.0 applications, Peakflow SP TMS protects a server’s Web services by stopping malformed HTTP packets and rate-limiting HTTP requests caused by illegitimate zombies performing malicious activity such as click fraud.
  • For Voice over Internet Protocol (VoIP) traffic, Peakflow SP TMS can help maintain VoIP services by stopping malformed Session Initiation Protocol (SIP) packets and conducting SIP request limiting.
  • For Domain Name System (DNS) traffic, Peakflow SP TMS can verify proper DNS protocol usage, scrub malformed DNS requests and stop spoofed sources through DNS authentication.
  • For generic IP-based services, Peakflow SP TMS can conduct packet scrubbing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP) services—looking for attacks using vectors such as: TCP SYN floods, TCP connection resets, TCP idle sessions, and UDP or ICMP floods.

For Smaller Hosting Providers

The Pravail Availability Protection System (APS) focuses exclusively on stopping availability threats such as DDoS. Hosting providers can deploy Pravail APS in front of services to stop application-layer attacks and disrupt botnet communications. They can also integrate Pravail APS upstream with their internet service provider DDoS protection services to stop volumetric DDoS attacks.

With Pravail APS, your data center gains the power to:

  • Detect and block emerging application-layer DDoS attacks.
  • Accelerate responses to DDoS attacks to prevent legitimate services from going down.
  • Deploy a turnkey solution to stop threats immediately.
  • Prevent illegitimate botnet communications by leveraging real-time security intelligence from Arbor’s Active Threat Level Analysis System (ATLAS).
  • Mitigate volumetric attacks by coordinating with Cloud-Signaling enabled providers.

Peakflow and Pravail products are supported by Arbor’s Security Engineering and Response Team (ASERT). ASERT conducts global threat analysis, maintains a real-time security portal known as the Active Threat Level Analysis System (ATLAS), and provides consultation and security-related services such as the Active Threat Feed (ATF) to provide effective and timely protection from new threats.

Peakflow SP TMS and Pravail APS also provide an essential complement to perimeter security products.  The DDoS protection of Peakflow and Pravail prevent firewalls and intrusion protection systems (IPS) from being overwhelmed by DDoS traffic. Our white paper “The Growing Need for Intelligent DDoS Mitigation Systems” explains. For additional technical and business level information, please review the white papers and tools posted on this page.