Juniper Networks boosts DDoS protection for service providers

DDoS-style attacks have been on the rise in the last year, although recent studies have suggested enterprise IT departments have been shoring up security infrastructures finally.

Juniper Networks is upgrading its DDoS Secure protective layer with a special focus on routing and service provider infrastructure.

DDoS Secure is designed to defend websites against flood and application layer distributed denial of service (DDoS) attacks.

DDoS-style attacks have been on the rise in the last year, according to a report by Arbor Networks in January , as many attackers have been learning from other attempts.

Read this

DDoS attacks rise as companies fail to address DNS security

High-profile DNS amplification attacks have taught attackers how to become better at denial-of-service attacks, but organisations largely haven't learned their lesson.

Read More

Enterprise DDoS attacks eased a bit in the first quarter of 2014, but were still up 11 percent year-over-year, according to Akamai's State of the Internet report in June .

Still, a BT survey a few weeks ago countered that four out of ten organizations (41 percent) worldwide have suffered a DDoS attack over the last year, with more than three quarters of those (78 percent) targeted twice or more.

One recent high-profile example was popular note-taking service Evernote, which was unavailable for many of its 100 million users on June 11 after being struck down by DDoS attack for several hours.

Needless to say, the threat is palpable for businesses of all industries and sizes.

Juniper's latest upgrade is set up to deliver threat intelligence and enforcement management capabilities to routers, which in theory would transform the entire network into a mitigation system. Specifically, it involves more integration into routing and service provider infrastructures with BGP Flowspec and GPRS Tunneling Protocol (GTP) protocols.

The intended and desired results would consist of halting large-scale attacks in their tracks closer to the edge of the network while also reducing the potential for lengthy (and costly) downtimes.

For example, the new inclusion of a GTP packet unwrap capability means the DDoS Secure platform should be able to pinpoint inside-out Command and Control (C&C) attacks originating in a mobile service provider’s access network.

This kind of malware eats up mobile data bandwidth, incurring hefty charges on both the end user and the service provider — both of which would ideally be avoided with this extra layer of protection in place.

Juniper Networks is scheduled to report second-quarter earnings after the closing bell on Tuesday, July 22.