Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution

An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators.
According to Zayo Group's annual DDoS Insights Report, attacks are accelerating rapidly, with a 314% increase in overall attacks from the first half of 2022 to the first half of 2023-surging by 1,300% in some industries.
To address the growing problem of DDoS attacks, in 2022 we launched the industry's first true on-box DDoS solution, Cisco Secure DDoS Edge Protection, with IOS XR 7.7.1 on our Cisco Network Convergence System 540 Series routers.
The first phase of the solution addressed threats from mobile endpoints such as IoT devices and mobile phones, helping customers detect and mitigate DDoS attacks on cell-site routers without the need for a centralized DDoS detection agent or a scrubbing center.
We are now extending this DDoS solution beyond mobility to all IP traffic types, starting with IOS XR 7.11.1 on our Cisco Network Convergence System 5500 and 5700 Series routers.
A traditional DDoS solution includes a centralized DDoS detection agent deployed outside of the router.
It also has a DDoS mitigation engine that typically pushes a Border Gateway Protocol FlowSpec rule to divert the traffic to a scrubbing center, or to push a Remotely Triggered Black Hole rule.
This type of architecture involves edge routers that face the attack traffic to export the NetFlow data or mirrored flows outside of the routers to a centralized location to detect the attacks.
As a result, customers can incur substantial operational costs that grow as the scale and frequency of DDoS attacks increase.
With Cisco Secure DDoS Edge Protection, the external detection agent is no longer needed.
Since IOS XR supports an application hosting infrastructure to run docker containers on the routers, the centralized detection agent is now moved to the router.
Because the agent runs as a docker container, the integration eliminates the need to export data outside of the router for attack detection.
The mitigation does not involve pushing a BGP FlowSpec rule; instead, a simple API callback to the edge router efficiently blocks the attack traffic.
Provide a dashboard to operators on traffic stats, active attacks, history of attacks, etc.
Customer satisfaction-With faster attack detection integrated on the routers, the overall latency with combined detection and mitigation is drastically reduced.
Improved response time helps network operators meet tighter SLAs with their customers, even under active attack situations.
Defense in depth-With the edge routers acting as the first line of defense, the overall architecture aligns perfectly with the defense-in-depth philosophy on security architectures.
The solution results in additional ROI from the existing routers already deployed in the network.
Investment protection-The solution can coexist with existing DDoS deployments, which provides investment protection for existing deployments.
Fewer dependencies-With the API-based mitigation to block the attacks, there is no longer a dependency on BGP FlowSpec for mitigation.


This Cyber News was published on feedpress.me. Publication date: Mon, 11 Dec 2023 16:43:04 +0000


Cyber News related to Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
11 months ago Feedpress.me
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
5 months ago Helpnetsecurity.com
The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
11 months ago Cybersecuritynews.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
11 months ago Cyberdefensemagazine.com
How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
11 months ago Darkreading.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
9 months ago Cybersecuritynews.com
Understanding the Escalating Threat of Web DDoS Tsunami Attacks - Whether it's hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of service attack - the Web DDoS Tsunami - ...
11 months ago Cyberdefensemagazine.com
Edge Computing: Data and Connectivity - Edge computing is a distributed computing model that brings processing capabilities closer to the data source, be it IoT devices, sensors, or end-user devices, rather than relying on centralized data centers. By decentralizing data processing, edge ...
11 months ago Feeds.dzone.com
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
11 months ago Esecurityplanet.com
VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
11 months ago Itsecurityguru.org
In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
11 months ago Darkreading.com
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
11 months ago Hackread.com
CVE-2022-22180 - An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this ...
2 years ago
CVE-2021-0207 - An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain ...
3 years ago
Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
11 months ago Helpnetsecurity.com
87% of DDoS Attacks Targeted Windows OS Devices in 2023 - Computers and servers became the primary target of attacks, making up 92% of DDoS attempts, compared to only 68% in the previous year. Attacks are also becoming shorter and less frequent, but more powerful. While the overall count in attack frequency ...
6 months ago Darkreading.com
CVE-2022-0715 - A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT ...
1 year ago
Protecting branch office environments from ransomware The Register - Sponsored Feature Ransomware gangs that steal and encrypt vital business data before extorting payment for its decryption and restoration are ramping up global attacks at an ever-increasing rate. Cyber security experts agree that ransomware now ...
8 months ago Go.theregister.com
Pro-Russian DDoS Attacks Alarm Denmark and US - Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups have caused alarm in the US and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it ...
1 year ago Therecord.media
CVE-2021-0280 - Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected ...
3 years ago
The 6 Best Email Security Software & Tools of 2024 - To guarantee full protection against email threats, important features to consider when picking an email security solution include email filtering and spam detection, sandboxing, mobile support, advanced machine learning, and data loss prevention. ...
2 months ago Esecurityplanet.com
Hackers are Launching DDoS Attacks During Peak Business Hours - Many security practitioners have seen distributed denial-of-service attacks carried out during peak business hours, when firms are more likely to be understaffed and caught off guard. DDoS attacks are a year-round threat, but we've seen an increase ...
11 months ago Cysecurity.news
CVE-2019-0069 - On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to ...
3 years ago
Cybersecurity and Infrastructure Security Agency Reports Minimal Impact of Killnet Distributed Denial of Service Attacks on American Hospitals - The Cybersecurity and Infrastructure Security Agency (CISA) reported that it had assisted numerous hospitals in responding to a series of distributed denial-of-service (DDoS) attacks last week, which were launched by a pro-Kremlin hacking group known ...
1 year ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)