Juniper Networks boosts DDoS protection for service providers

Summary:DDoS-style attacks have been on the rise in the last year, although recent studies have suggested enterprise IT departments have been shoring up security infrastructures finally.

Juniper Networks is upgrading its DDoS Secure protective layer with a special focus on routing and service provider infrastructure.

DDoS Secure is designed to defend websites against flood and application layer distributed denial of service (DDoS) attacks.

DDoS-style attacks have been on the rise in the last year, according to a report by Arbor Networks in January , as many attackers have been learning from other attempts.

Read this

DDoS attacks rise as companies fail to address DNS security

High-profile DNS amplification attacks have taught attackers how to become better at denial-of-service attacks, but organisations largely haven't learned their lesson.

Enterprise DDoS attacks eased a bit in the first quarter of 2014, but were still up 11 percent year-over-year, according to Akamai's State of the Internet report in June .

Still, a BT survey a few weeks ago countered that four out of ten organizations (41 percent) worldwide have suffered a DDoS attack over the last year, with more than three quarters of those (78 percent) targeted twice or more.

One recent high-profile example was popular note-taking service Evernote, which was unavailable for many of its 100 million users on June 11 after being struck down by DDoS attack for several hours.

Needless to say, the threat is palpable for businesses of all industries and sizes.

Juniper's latest upgrade is set up to deliver threat intelligence and enforcement management capabilities to routers, which in theory would transform the entire network into a mitigation system. Specifically, it involves more integration into routing and service provider infrastructures with BGP Flowspec and GPRS Tunneling Protocol (GTP) protocols.

The intended and desired results would consist of halting large-scale attacks in their tracks closer to the edge of the network while also reducing the potential for lengthy (and costly) downtimes.

For example, the new inclusion of a GTP packet unwrap capability means the DDoS Secure platform should be able to pinpoint inside-out Command and Control (C&C) attacks originating in a mobile service provider’s access network.

This kind of malware eats up mobile data bandwidth, incurring hefty charges on both the end user and the service provider — both of which would ideally be avoided with this extra layer of protection in place.

Juniper Networks is scheduled to report second-quarter earnings after the closing bell on Tuesday, July 22.

Topics: Security, Data Management, Enterprise Software, IT Priorities


Rachel King is a staff writer for CBS Interactive based in San Francisco, covering business and enterprise technology for ZDNet, CNET and SmartPlanet. She has previously worked for The Business Insider,, CNN's San Francisco bureau and the U.S. Department of State. Rachel has also written for, Irish Americ... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.