Western European Organization Realizes DDoS Attack Complexity Dictates Hybrid Protection
- Customer Profile
- Customer Profile
- The Challenge
- The Solution
- Summary
Highlights
Increased regulation compliance drives need for organization to rethink DDoS protection strategy.
- Omnis® Threat Horizon
- Arbor Edge Defense® (AED)
- Arbor Cloud®
With the understanding of the complexity of current DDoS attacks provided by NETSCOUT, the organization chooses a hybrid approach and meets newly created protection goals.
Customer Profile
This Western European organization is in the business of consulting on network infrastructure with insurance, government, and financial institutions in the region. They also offer hosting services through two local service providers for some of their client’s networks. When we first encountered them, they were a small company but are currently on an accelerated growth path. Initially they had two Data Centers housing their customer networks but only one had DDoS protection and it was in the form of and always on cloud implementation. They shared with the NETSCOUT Team that they still had some identified DDoS activity that seemed to get by the cloud solution.
The Challenge
Due to the accelerated growth of the organization and increased regulations around banking customers, they realized they had to upgrade their DDoS protection immediately. Because of a trusted relationship with a common reseller and that reseller's recommendation around Arbor’s reputation in the DDoS Security field, the organization looked to us for guidance. Even with that reseller's high praise, when the NETSCOUT team arrived on site for an executive meeting it seemed that everyone in the room felt that they already had a solution and were still leaning toward an always-on cloud solution.
The Solution
What the customer did not realize was that the NETSCOUT Team had a very persuasive ally in Omnis Threat Horizon. Prior to arriving for the meeting, the team prepared a report from the Omnis Threat Horizon Kiosk which showed several attacks on their data centers in the form of attacks that regularly get by always-on cloud solutions including attacks at the application layer and attacks identified in encrypted traffic. The executive team agreed that the report synced up almost 100% with the attacks that the organization's security personnel had experienced over the past two years. The NETSCOUT Team now had everyone’s attention in the room.
After some simple demos, the NETSCOUT Team presented the executive team with a hybrid solution. The on-premise AEDs would take care of the attacks that they had already experienced which routinely get by always on cloud solutions while the cloud solution would take care of the attacks that overwhelm the internet circuit prior to getting to the network. To the organization this was the solution that technically met all their goals. They purchase two AEDs to cover their datacenters and will eventually purchase access to Arbor Cloud based on its tight integration with the AEDs. They are already looking to Cyber Investigator to augment their security posture.
Summary
Understanding the complexity of the attacks your networks are enduring will educate your security teams on the mitigation strategy required to stop business and reputational losses. NETSCOUT’s Omnis Threat Horizon can help with that understanding so you can see the value in a hybrid approach to DDoS protection.
Results
After a couple of weeks of configuration and tuning the customer has observed that the installed AED’s are knocking down the nuisance attacks that were routinely causing outages with their previous DDoS solution.
Overarching Benefit
Understanding actual attack types and complexity that your team experiences will show the value in the hybrid approach to your protection strategy.
