This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Recent security breaches, amongst even security conscious companies worldwide, have put an uncomfortable spotlight on corporate security and compliance measures. Security professionals and network administrators have to walk a fine line between enforcing application security against increasingly sophisticated cyber attacks, while also providing sufficient access for their corporate customers.
Service providers such as cloud providers, web hosting services, ISPs as well as large enterprises require an environment that is highly available and secure. Any failure to resolve prevailing security threats such as cyber intrusions and distributed denial of service (DDoS) attacks can present costly and complicated scenarios for them.
DDoS attacks, for example, have become a significant and escalating threat for businesses. They have dramatically grown over the last several years in frequency, volume and sophistication. Attacks may originate from inside or outside of the corporate network. A recent survey report from Prolexic, a US-based distributed DDoS mitigation service provider, estimated that about 89 percent of DDoS attack traffic in the second quarter of 2014 was directed at infrastructure, many targeting telecom and service provider router infrastructures and involving Layer 3 and 4 protocols, with the remaining 11 percent being attacks targeting applications.
To defend against DDoS attacks-especially infrastructure attacks — service providers need solutions that can scale to handle large volumes of DDoS traffic. Security appliances that use specialized processors to detect and mitigate DDoS attacks can provide service providers the performance they need to block massive attacks.
At the same time, any deployment of mobile devices by an operator can present a significant amount of risk. The wireless networks on which mobile devices run outside of an operator's subscriber network can leave information at risk of interception. The theft or loss of a device can be detrimental for the business, resulting in loss of sensitive or proprietary corporate information.
What is your best security containment strategy?
How can large enterprises and service providers cope with growing security threats? While they are becoming more and more reliant on the uptime of Internet-connected services, many are finding that legacy security solutions such as firewalls and intrusion prevention systems (IPS) have insufficient capacity to mitigate today's multi-vector DDoS attacks at scale, that are growing in number and sophistication.
Recent DDoS attacks can overwhelm lesser performing network devices and render network infrastructure and applications vulnerable to downtime and further threats. To stay resilient, enterprises and service providers need robust security and processing hardware functionality that allow them to continue to provide full system functionality even while simultaneously under volumetric attacks, without impacting system performance.
Sign up for CIO Asia eNewsletters.