NETSCOUT SYSTEMS, INC. launched Adaptive DDoS Protection for its Arbor® Threat Mitigation System (TMS)
September 2023 by Marc Jacob
NETSCOUT SYSTEMS, INC. launched Adaptive DDoS Protection for its Arbor® Threat Mitigation System (TMS) to dramatically improve detection of distributed attacks that dynamically change vectors and target numerous destination IP addresses at once.
NETSCOUT ASERT, the company’s expert security research and DDoS attack mitigation team, has documented a significant increase in dynamic Distributed Denial-of-Service (DDoS) attacks using multiple vectors and techniques to launch botnet-based, direct-path, state exhaustion, and application-layer attacks designed to evade conventional static network and cloud-only-based DDoS defenses. Carpet-bombing attacks have risen by more than 110%. They are particularly challenging for SOC teams to mitigate using conventional means as these attacks target large swaths of IP addresses versus a single host and generate hundreds or thousands of alerts per attack.
Adaptive DDoS Protection analyses traffic in real time and automatically implements threat intelligence-driven mitigations and countermeasures to block dynamic DDoS attacks as they evolve. Adaptive DDoS Protection gives SOC teams a scalable, always-on, stateless packet processing solution that uses unmatched visibility into more than 50% of all internet traffic, real-time global DDoS attack threat intelligence, and decades of DDoS mitigation experience to automatically detect, adapt to, and mitigate dynamic DDoS attacks.
Defending against carpet bombing
Carpet bombing attacks are one of the most devastating distributed attacks bad actors can initiate since they target large ranges of IP addresses simultaneously, generating thousands of attack alerts that are impossible for SOC teams to manage. Through Adaptive DDoS Protection, NETSCOUT has introduced a new way to understand DDoS traffic at the network level across all subnets to detect and report on carpet bombing attacks in one, easy-to-understand alert.
NETSCOUT’s ML-based Precise Protection Prefix technology automatically determines the specific IP ranges targeted by the attack. It then automatically redirects those to Arbor TMS for mitigation, even as the attack moves around the network to different targets. This Adaptive DDoS Protection capability dramatically improves the detection and mitigation of carpet-bombing attacks.