503 “Service Unavailable” …Ever receive this error code from one of your web servers?
How about this in your log files?
TCP 192.168.3.102:34678 184.108.40.206:443 ESTABLISHED
TCP 192.168.3.102:34680 220.127.116.11:80 ESTABLISHED
TCP 192.168.3.102:34685 18.104.22.168:443 TIME_WAIT
TCP 192.168.3.102:34696 22.214.171.124:443 TIME_WAIT
TCP 192.168.3.102:34705 126.96.36.199:443 TIME_WAIT
TCP 192.168.3.102:34715 188.8.131.52:443 TIME_WAIT
Busy server? Maybe not. It could be the result of an application-layer DDoS attack.
What is at risk in a DDoS attack on an enterprise website or network? Certainly, there is a financial risk, as revenue will likely be lost as a direct result of the attack. There is the cost of remediation, and affected customers may have to be compensated. There is a legal risk if confidential user data is compromised. Service providers may face financial and legal consequences if they have failed to live up to their SLAs. Then there are intangibles, such as damage to a company’s brand or reputation, that will show up down the road in the form of a lost business and falling stock prices.
In January 2018 NETSCOUT Arbor published our 13th Annual Worldwide Infrastructure Report (WISR 2018).
This year’s report noted that the largest DDoS attack was 650 Gbps; which was down from the prior year of 800 Gbps. The report also noted that though the largest DDoS attack was 650Gbps, the overall mix of attack sizes is still shifting up. For example, this year the percentage of attacks over 1 Gbps has increased to 22%, growing three years in a row.
No sooner had the ink dried on WISR 2018, did we encounter a 1.7Tbps DDoS attack!
The case for a managed DDoS protection and mitigation service is well established. Partnering with a provider that can oversee the system’s operation takes a big IT issue off your plate, augments your staff resources, and gives you access to specialized DDoS expertise. But not all managed DDoS services are alike. How can you tell a great one from a merely good one? Here are the hallmarks to look for.
By Kirill Kasavchenko
As with any new technology, Network Function Virtualization (NFV) has its own adoption cycle driven by business realities. Once a subject of hype, NFV is a reality for service providers in 2018. NETSCOUT Arbor sees a lot of customers either deploying or evaluating NFV in earnest; quite a few are already using it to deliver revenue-generating services to their customers. The motivation for deploying NFV in service provider environment is clear: to deliver managed services more quickly and more cost-effectively, enabling their consumption by small- to medium-sized enterprise customers (SME) and broadening the market in the process. To achieve these goals, service providers are looking to automate many aspects of service delivery and turning to management and orchestration systems (MANO) for help, sometimes shortened to “orchestrators.”