Dedicated DDoS Detection & Mitigation for Hosting Providers from Arbor Networks
http://arbornetworks.tv/ArborGary1 Welcome to HostingCon 2013. Gary Sockrider, Arbor Networks' Solutions Architect for the Americas, was invited to speak at a panel discussion this year and discuss the identification and mitigation of DDoS attacks. We were able to catch up with Gary during HostingCon and ask him a few questions. Gary says that there are many misconceptions about DDoS attacks but that the biggest misconception is that standard security setups and infrastructures can mitigate these attacks. Traditional network security like hardware firewalls, IPS, access control lists, and other devices, simply can't prevent a DDoS attack from compromising a system. This means that a discrete mitigation solution is essential. Cloud-based protection is best suited for large volumetric attacks. Some methods are stealthy and are difficult to detect and mitigate. This is why on-premise mitigation is needed in conjunction with cloud-based security solutions. Gary recommends a layered approach to DDoS defense. Have one solution upstream, in the cloud, as well as redundant mitigation in the network. On-premise mitigation is the next layer, followed by a layer of interoperability so the two can interact and warn each other of incoming malevolent data. Gary Sockrider will be joined by fellow network security experts Jeffrey Lyon, Curtis R. Curtis, and Neustar's Rodney Joffe focusing on best practices for defending against the increasingly complex and ever-evolving threats facing network operators today.