The Burgeoning Market for DDoS Mitigation

Growth of DDoS Attacks Drive Need to Mitigate Risk

Chris Rodriguez, Senior Industry Analyst

Network Security

August 27, 2014

© 2014 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of

Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.

2

Today’s Presenter

Chris Rodriguez, Senior Industry Analyst

Frost & Sullivan

Follow me on:

@CRodriguezS20

http://www.frost.com/chrisrodriguez

www.linkedin.com/pub/chris-rodriguez/20/46b/309/

•Seven years of industry analyst experience in the information and communication

technologies (ICT) sector, specializing in the areas of:

Next generation firewall (NGFW), unified threat management (UTM), intrusion

prevention systems (IPS), Distributed Denial of Service (DDoS) mitigation,

and Web application firewall (WAF)

3

Focus Points

For today’s discussion:

• DDoS Market Drivers

• DDoS Mitigation Options

• Customer Considerations

• Strategic Recommendations

• Q&A

4

Poll Question

How would you rate the importance of DDoS mitigation solutions?

• Unnecessary

• Optional

• Necessary

• Critical

5

DDoS Then…

• Fewer attackers

• Motivated by ideological

differences

• Used against large

organizations

• In 2005 the largest observed

DDoS attacks were 9 Gbps

• Purely an availability and user

experience concern

6

DDoS Now

• Well organized attackers

• Wide range of motivations

• DDoS attacks used to harass,

embarrass, and sabotage

organizations of all sizes

• Attacks grew to 100 Gbps by

2010.

• The 2013 Spamhaus attacks

reached rates of 300 Gbps

• By 2014, DDoS attacks

reached up to 400 Gbps

• Includes risk of data theft and

network intrusion

7

Need to Mitigate Business Risk is Driving Growth in the Market

• Business risk concerns of lost customers, sales, and reputation is

primarily driving growth in the market

Source: Analysis of the Global Distributed Denial of Service (DDoS) Market, Frost & Sullivan, July 2014

8

Driver: DDoS Attacks are More Frequent

• Businesses reported 50% more attacks in 2013 compared to

2012*

• Businesses reported a 23% increase between the third and

fourth quarters of 2013

• DDoS attacks have become daily occurrences - some research

labs identify thousands of attacks per day

*Source: Akamai State of the Internet Q4 2013 Report, Akamai, 2013.

9

Driver: Increased Scale of DDoS Attacks

• DDoS attacks are reaching 300 and 400 Gbps of peak attack traffic rates*

• Massive volumetric attacks utilize amplification and reflection methods

*Source: Arbor Networks Worldwide Infrastructure Security Report

10

Driver: Increased Scale of DDoS Attacks (continued)

• Researchers have identified growth in the average attack size as well*

*Source: Verizon 2014 Data Breach Investigations Report.

11

Driver: DDoS Attacks are More Sophisticated

• Attackers have started to target application layer protocols and

services

• Operation Ababil sent HTTP “GET” method requests for large

PDF files to exhaust server resources with few requests

• Additionally, blended attacks combine massive volumetric attacks

to fill the “pipes” with application-layer attacks to exhaust the

server resources

12

Options for DDoS Mitigation

Source: Analysis of the Global Distributed Denial of Service (DDoS) Market, Frost & Sullivan, July 2014

13

Considerations of DDoS Mitigation Appliances

• A DDoS mitigation appliance offers some benefits

• Provide a means to detect application layer attacks more accurately

• Allow customer to own the solution

• However, DDoS mitigation appliances can be expensive capital

investments

• DDoS mitigation appliances can be overwhelmed by very large

scale volumetric attacks

14

Advantages of DDoS Mitigation Services

• A DDoS mitigation service offers some benefits

• Offer significant scalability for defense against very large volumetric attacks

• Provide a manageable operational expense instead of a large capital investment

• Can be easy to deploy

• However, DDoS mitigation services are less effective at detecting

stealthy application layer attacks

• Mitigation services may require customers to route all network

traffic to the cloud which many businesses may not want to do

15

Importance of Hybrid DDoS Mitigation

• A hybrid solution is the only effective way to address volumetric

and application layer attacks

Source: Juniper Networks

16

Strategic Recommendations

In conclusion, DDoS customers:

• Require more options to find the right balance of security and

availability and cost

• Should seriously consider a hybrid solution to mitigate DDoS risk

• Should consider vendors that can also offer and integrate with

Web application firewalls (WAF) and other network and security

systems

• Should measure DDoS risk in terms of dollars

• Should begin to consider DDoS risk as a threat to data integrity

and confidentiality

17

Strategic Recommendations (continued)

DDoS vendors should:

• Develop deep technology partnerships that provide value for

customers

• Focus on improving cost of ownership for DDoS mitigation

solutions

• Develop close relationships with companies that can offer DDoS

as a service

• Integrate with related technologies such as switches, WAF

solutions, and firewalls to improve scalability and effectiveness

Questions & Answers

19

Next Steps

Develop Your Visionary and Innovative SkillsGrowth Partnership Service Share your growth thought leadership and ideas or

join our GIL Global Community

Join our GIL Community NewsletterKeep abreast of innovative growth opportunities

Phone: 1-877-GOFROST (463-7678) Email: myfrost@frost.com

20

Your Feedback is Important to Us

Growth Forecasts?

Competitive Structure?

Emerging Trends?

Strategic Recommendations?

Other?

Please inform us by “Rating” this presentation.

What would you like to see from Frost & Sullivan?

21

https://twitter.com/FS_ITVision

Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter

http://www.facebook.com/FrostandSullivan

https://www.linkedin.com/groups/Future-Growth-Opportunities-in-ICT-4876870

http://www.slideshare.net/FrostandSullivan

22

For Additional Information

Clarissa CastanedaCorporate Communications

Information & Communication Technologies

(210) 477-8481

Clarissa.Castaneda@frost.com

Michael SubyVice President of Research

Stratecast

720-344-4860

Mike.Suby@frost.com

Craig HaysSales Manager

Information & Communication Technologies

(210) 247-2460

Craig.Hays@frost.com

Chris RodriguezSenior Industry Analyst

Information & Communication Technologies

(210) 348-1000

Chris.Rodriguez@frost.com