Arbor Networks, Inc., a leading provider of security and network management solutions for next-generation data centers and carrier networks, launched the Arbor Pravail™ Availability Protection System (APS) appliances
This is a new product family focused on securing the Internet data center (IDC) edge from threats against availability — specifically, protection against application-layer distributed denial of service (DDoS) attacks.
“We are very pleased to announce the availability of the Pravail APS for our Indian customers. For more than a decade, Arbor Networks has developed innovative, market-leading DDoS detection and mitigation solutions that are deployed in the vast majority of the world’s largest and most valuable service provider networks. Arbor has leveraged this experience to create the Arbor Pravail APS, bringing carrier-class DDoS detection and mitigation capabilities to the data center.” – Colin Doherty Arbor Networks president
“In recent months, high profile attacks and outages have gotten the attention of C-level executives.” – Rob Ayoub, Global Program Director Network Security Frost & Sullivan
“If your data center is not available, all the compliance or data integrity in the world is not going to help your customers, business or your brand,” said Ayoub. “Arbor is addressing the number one threat to the availability of data center resources and that is the increasing prevalence and effectiveness of application-layer denial of service attacks that target infrastructure and potentially, existing security devices themselves.”
Firewall and IPS Not Effective Against Today’s Sophisticated DDoS Threats
While key elements of an overall security strategy, firewalls and Intrusion Prevention Systems are not effective solutions against DDoS attacks. Because these devices maintain state information for every session established between a client on the Internet and the corresponding server in the data center, these products themselves are commonly the targets of DDoS attacks. According to Arbor’s 2010 Worldwide Infrastructure Security Report, half of all who have deployed these devices within their data centers experienced stateful firewall and/or IPS failure as a direct result of DDoS attacks during the survey period.
Arbor Pravail APS Highlights:
Purpose-built for IDC deployment scenarios
- Out of the box, carrier-class DDoS attack identification and mitigation capabilities
- Can be rapidly deployed with little configuration, even during an attack
- Focused on detecting and stopping application-layer DDoS attacks
- A single, easy-to-manage platform with extensive reporting capabilities
- A protocol to facilitate both customer-edge mitigation of application-layer attacks and upstream mitigation of volumetric attacks in an automated and real-time manner
- Only mechanism available today to provide complete protection against both application and volumetric DDoS attacks
ATLAS® Intelligence Feed
- Leverages Arbor’s extensive data collection and world-renowned team of security researchers
- Automates the identification of botnet-borne attacks against data center infrastructure
- Updates for new threats are delivered automatically and also include geo-location data
Arbor’s Pravail APS Cloud Signaling capability helps to ensure the availability of data center infrastructures and speed time-to-mitigation for DDoS attacks. Arbor believes that the only way for data center and cloud operators to have optimal protection against DDoS attacks is through a combination of on-premise and in-cloud protection. Working with its Internet service provider (ISP) and managed security services provider (MSSP) customers, Arbor has developed a protocol to facilitate both customer edge mitigation of application-layer attacks and upstream mitigation of volumetric attacks in an automated and real-time manner. Cloud Signaling is an efficient and integrated system bridging the customer premise to the service provider cloud.
Carrier-Class Detection and Mitigation For The IDC
Application-layer DDoS attacks have quickly become the most significant threat to availability of data center and cloud-based services. Application-layer attacks are low bandwidth, difficult to detect and target both end customers and network operators’ own ancillary supporting services, such as HTTP Web services, domain name system (DNS), etc. The Arbor Pravail APS provides visibility into critical IP services and applications running in the data center, such as HTTP, DNS, VoIP/SIP and SMTP traffic. The Arbor Pravail APS also protects IDC infrastructure against numerous types of attack, including TCP State Exhaustion, HTTP/Web Attacks, DNS Floods/Authentication Attacks, TCP SYN Floods, Spoofed / Non-Spoofed Attacks, UDP Floods and dozens more.