News
Juniper Networks Teams with Verisign to Link On-Premise and Cloud-Based Distributed Denial of Service (DDoS) Protection
March 2014 by Marc Jacob
Juniper Networks has teamed with Verisign to provide a hybrid solution for DDoS protection that effectively combats the growing diversity of DDoS attacks. The solution consists of network and application-layer protection provided by Juniper’s on-premise DDoS Secure and Verisign’s cloud-based DDoS Protection Service. The hybrid solution adjusts the parameters used for identifying and filtering potentially malicious traffic based on the response and performance of the protected applications.
DDoS attacks continue to grow both in size and sophistication, making them one of the major cyber security risks for businesses of all sizes across all verticals. The unprecedented scale of high-volume attacks, which leverage massive amounts of traffic to overwhelm network resources–combined with targeted low-bandwidth attacks on applications–makes the DDoS threat diverse and difficult to protect against. While many organizations have started to adopt DDoS protection, they often find themselves needing to make a series of trade-offs in architectural deployment, capabilities and traffic thresholds that ultimately could lead to increased cost and reduced efficacy.
News Highlights:
The Juniper and Verisign hybrid solution provides technologies from both companies to enable both on-premise and cloud-based DDoS protection for customers.
· Real-Time Adaptive Mitigation:
o Juniper DDoS Secure intelligently monitors the health of protected services and applications that reside in the data center, stopping low and slow attacks locally with a sub-second time of detection to mitigation response.
o When an attack is determined to exceed the network capacity at the data center edge, mitigation moves to Verisign’s globally connected, fully redundant cloud-based platform to provide comprehensive protection against network and application layer attacks.
o The solution proactively adjusts the security posture continuously based on coordinated local and global risk assessment. Verisign iDefense analysts actively monitor indicators of attacks, in order to assist Verisign’s DDoS protection engineers in creating new signatures for new attacks, while Juniper DDoS Secure heuristics engine inspects both inbound and outbound traffic to calculate local risk.
o The solution provides customers flexible deployment choices to suit their individual business risk profiles, scaling to support the largest enterprise network with geographically diverse footprints.
· Joint Collaboration for Enhanced Integration:
The companies have entered into an agreement to create a next-generation hybrid DDoS offering, intended to enable more comprehensive, automated DDoS protection in increasingly heterogeneous environments that span public, private and hybrid clouds.
· Open Standards for DDoS Protection in Heterogeneous Environments:
o The companies further plan to define and promote open source standards for communication between dedicated, on-premise DDoS mitigation devices and cloud-based solutions.
o Standards-driven interoperability should promote wider adoption of effective, intelligence-driven DDoS mitigation systems that meet business needs and should free customers from proprietary vendor lock-in.
