Arbor’s 8th annual Worldwide Infrastructure Security Report offers unique insight from network operators on the front lines in the global battle against DDoS and advanced threats. A closer look at the findings reveals that the more things change, the more they stay the same. THE […]Read more
Topics Trending in Cyber Security, DDoS, and Advanced Threat Detection
Kris Lamb talks about what makes his job so satisfying, what it takes to maintain a world-class engineering team, and what he prefers instead of Dilbert.
What’s the most enjoyable part of your job?
There’s an amazing amount of talent, domain expertise and diversity on Arbor’s engineering team. Our people’s enthusiasm and commitment to helping customers secure their infrastructures in a cutting-edge way is, by far, the most satisfying part of the job.
And the most challenging part?
Arbor is valued because of our expertise and our innovative approaches in solving what, at the end of the day, are large-scale network availability issues. But because we’re such a trusted partner, our customers hold us to a high standard. They rely on us to solve progressively harder problems around infrastructure security and network visibility. That’s a good challenge to have, but it’s a daunting one.
What are your responsibilities?
My job is to ensure that Arbor is researching, developing and engineering all our solutions so they serve our customers’ requirements for network security and visibility. I’m responsible for the day-to-day operations of product development, and coordinating with product management and the office of the CTO to ensure we’re taking our products in the right direction, executing on our promise to customers, and solving problems when they turn to us for help.
How does the engineering organization engage with customers?
There are basically three different types of conversations. The first is tactical and reactive, where the customer reaches out to us as their trusted advisor because they need assistance with a very specific issue. Examples include helping them customize a mitigation so they can stop a new type of availability attack or denial of service attack they haven’t encountered before, or doing some sustaining development to get out new, quick-hitting feature sets or patch rollups that allow them to address a near-term problem with their existing solution.
The second type of conversation is engaging with customers at the business level to understand where they’re taking their business, what their strategic focus is, what the drivers are for them, how they’re scaling, how they’re growing, and what issues they see themselves confronting down the road. The goal here is to align our roadmaps and feature development to their emerging problems and market areas.
The third type of conversation is to understand our customers’ technology landscape—separate from the business landscape—in terms of where they’re taking their network architectures and what are the technical and operational things they’re deploying. We also help them understand how the data center and provider networks are evolving, and how we can advise them as they build out their infrastructure for the future.
Can you talk about key areas of Arbor’s strategy? How are you strengthening the global business?
We serve diverse vertical markets: from large service providers to hosting and data center providers to enterprise customers. But we also serve multiple geographies, each with different drivers and a different mix of customers. From an engineering perspective, we focus on understanding those horizontal segments: how different infrastructures and architectures are being deployed as a function of how different geographies service their customers, and what implications that has for our solutions. We’re developing a comprehensive feedback loop so that we have a better grasp of the customer context in various geographies.
What is engineering’s role in helping Arbor become a major player in the mobile market?
From a research perspective, we’re very much focused on understanding the mobile landscape, where emerging security issues and infrastructure deployments are going, and what new challenges mobile brings with it that are fundamentally different from fixed-line network problems. We’re thinking about which features we can expose in our existing solutions that allow customers to protect the mobile infrastructure—and what new solutions are needed to solve infrastructure and subscriber security problems that are unique to mobile.
What are you doing to make engineering more partner-centric?
We are looking at how we can make our products easier to use and faster to deploy so they’re more channel-friendly. Additionally, we’re identifying ways to deliver existing solutions in slightly different packaging and form factors to allow partners and customers more flexibility in how they consume Arbor’s technology.
How do you attract and retain a world-class engineering community?
Arbor has an amazing density of topnotch, one-of-a-kind domain experts and engineers. These types of individuals are few and far between, so we take it very seriously when we bring someone onboard. They not only need the right capabilities; they need to be a good fit for Arbor’s culture, which is highly collaborative.
One thing that all world-class engineers have in common is that they want to work on important and extremely challenging problems. Because of the customer set Arbor has, and the security and availability problems we’re helping to solve, there’s no shortage of really interesting work for our engineers. That helps keep everyone sharp and highly engaged.
Dilbert: love him or hate him?
I know this is hard to believe, but I’ve never read a Dilbert comic. For my management and office satire, I prefer the original British version of The Office.
Check out another great webinar from Tom Bienkowski, Director of Product Marketing for Arbor Networks. Harald Krimmel from circular Informationssyteme GmbH talks about how they are utilizing the entire Arbor solution to deliver a new in-cloud managed DDoS protection service from a new company they created called depulsio.
The Challenge: Build a carrier-independent DDoS protection solution for all data center operators.
The Solution: The Arbor Peakflow SP and Peakflow SP TMS solutions in the cloud for volumetric DDoSattacks; the Arbor Pravail APS solution in the data center for application-layer attacks; and Cloud Signaling for intelligent communication.
The Result: A carrier- and data center-independent solution that offers comprehensive
DDoS protection for all data center operators.
In September, Arbor Networks participated in BrightTALK’s “Next Generation Threat Protection” virtual summit. The webinar we delivered was so successful, it became one of BrightTALK’s best attended, most popular webinars of the year! If you missed out on this significant event, a special “year-end update” is planned for Wednesday, Dec. 12, 11:00am Eastern Time/8:00am Pacific Time. Register today to attend this important session which examines the evolving DDoS threat and the mitigation strategies you should be implementing to protect your organization.
There are stories every single day lately about organizations all over the world being targeted and taken offline by cybersecurity attacks. Businesses today rely inordinately on Internet connectivity, now more than ever before. This is particularly true as more data and applications move to cloud-based infrastructure, losing Internet availability means losing the connection to the tools that run the business, things like the CRM or ERP systems, payroll and others. This makes Internet availability itself as critical to an organization today as electricity. Availability is everything. If a business is taken offline, they lose the ability to generate revenue from their customers. They can damage their reputation and brand. Not only that, they could lose their ability to operate their business effectively from the inside.Read more
Over the last few years the explosive growth of the smartphone and tablet market has forever altered the landscape of end user devices on the enterprise network. Like it or not, enterprises are now forced to deal with “bring your own device” (BYOD). Personally, I think it is a positive trend that can bring not only increased productivity and freedom to end users but also significant cost savings to the enterprise. However, it does come with a number of challenges as well.Read more
Since I joined Arbor Networks two and a half years ago, I’ve been constantly amazed, inspired and encouraged by the innovative spirit this company embodies. We’ve grown significantly but we’ve been able to maintain an innovative, research-driven culture without losing that start-up atmosphere and enthusiasm. For engineers and developers who populate our Ann Arbor offices, that makes for one terrific work environment.
So it comes as no surprise to me that we’ve been honored by the Detroit Free Press as a top company to work for this year. This is a particularly rewarding honor since the award is based solely on employee survey data and nothing else. We employ some pretty incredible talent at Arbor – from the wealth of security expertise within our ASERT team, to the engineers who develop products that do nothing less the secure the Internet. Arbor is filled with incredibly smart and motivated employees and in my rather biased opinion, Arbor is absolutely worthy of this nod as a top company to work for.
I’m thrilled with this award and excited about our future as a company. We’re full of great employees who work incredibly hard to keep Arbor front and center as a leader in an uber-competitive industry.
If you’re interested in a little bit more about what makes our company culture tick, I’d urge you to take a peek at this slideshare presentation that captures the essence of our office environment, and our people, pretty well.Read more
The days of banks simply taking deposits and making loans against those deposits are over. In their present form, banks have become global financial supermarkets selling and servicing every imaginable financial need. It wasn’t until the 2008 financial crisis that we realized just how complex and co-dependent these institutions had become.
A great example is AIG, from Time Magazine, 9/16/08:
The best case for the bailout seems to be that nobody has the faintest idea what the consequences of AIG’s failure for financial markets would be, but the fear was that it could lead to total chaos. The biggest fears had to do with the credit-default swaps, which AIG appears to have sold in large quantities to practically every financial institution of significance on the planet. RBC Capital Markets analyst Hank Calenti estimated Tuesday that AIG’s failure would cost its swap counterparties $180 billion.
In just over a decade, DDoS attacks have evolved tremendously. Back in the mid-90s, DDoS was mainly used to focus traffic towards a single site, debilitating it. Over time, DDoS attacks have matured into the tools of choice for Hacktivists. Today, DDoS attacks are far more complex than there were in the 1990s and they continue plague major online properties all over the world, most recently government sites and major financial institutions. The timeline below (and this video) lays out the past decade+ of DDoS attacks – and how they have evolved from simple attacks that were considered a nuisance to highly complex problem that has become a menace for network operators around the world.Read more
DDoS attack size continues to rise with average attacks hitting the 1.67 Gbps range, a rise of 72% year-over-year. This data comes from ATLAS, is an innovative partnership with our customers who share traffic data with us on an anonymous basis. It’s through ATLAS that we’re able to deliver unparalleled visibility into the backbone networks that form the Internet’s core. This data gives Arbor a globally scoped view of the Internet threat landscape.Read more