uncover the burgeoning market for ddos mitigation
TRANSCRIPT
The Burgeoning Market for DDoS Mitigation
Growth of DDoS Attacks Drive Need to Mitigate Risk
Chris Rodriguez, Senior Industry Analyst
Network Security
August 27, 2014
© 2014 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of
Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.
2
Today’s Presenter
Chris Rodriguez, Senior Industry Analyst
Frost & Sullivan
Follow me on:
@CRodriguezS20
http://www.frost.com/chrisrodriguez
www.linkedin.com/pub/chris-rodriguez/20/46b/309/
•Seven years of industry analyst experience in the information and communication
technologies (ICT) sector, specializing in the areas of:
Next generation firewall (NGFW), unified threat management (UTM), intrusion
prevention systems (IPS), Distributed Denial of Service (DDoS) mitigation,
and Web application firewall (WAF)
3
Focus Points
For today’s discussion:
• DDoS Market Drivers
• DDoS Mitigation Options
• Customer Considerations
• Strategic Recommendations
• Q&A
4
Poll Question
How would you rate the importance of DDoS mitigation solutions?
• Unnecessary
• Optional
• Necessary
• Critical
5
DDoS Then…
• Fewer attackers
• Motivated by ideological
differences
• Used against large
organizations
• In 2005 the largest observed
DDoS attacks were 9 Gbps
• Purely an availability and user
experience concern
6
DDoS Now
• Well organized attackers
• Wide range of motivations
• DDoS attacks used to harass,
embarrass, and sabotage
organizations of all sizes
• Attacks grew to 100 Gbps by
2010.
• The 2013 Spamhaus attacks
reached rates of 300 Gbps
• By 2014, DDoS attacks
reached up to 400 Gbps
• Includes risk of data theft and
network intrusion
7
Need to Mitigate Business Risk is Driving Growth in the Market
• Business risk concerns of lost customers, sales, and reputation is
primarily driving growth in the market
Source: Analysis of the Global Distributed Denial of Service (DDoS) Market, Frost & Sullivan, July 2014
8
Driver: DDoS Attacks are More Frequent
• Businesses reported 50% more attacks in 2013 compared to
2012*
• Businesses reported a 23% increase between the third and
fourth quarters of 2013
• DDoS attacks have become daily occurrences - some research
labs identify thousands of attacks per day
*Source: Akamai State of the Internet Q4 2013 Report, Akamai, 2013.
9
Driver: Increased Scale of DDoS Attacks
• DDoS attacks are reaching 300 and 400 Gbps of peak attack traffic rates*
• Massive volumetric attacks utilize amplification and reflection methods
*Source: Arbor Networks Worldwide Infrastructure Security Report
10
Driver: Increased Scale of DDoS Attacks (continued)
• Researchers have identified growth in the average attack size as well*
*Source: Verizon 2014 Data Breach Investigations Report.
11
Driver: DDoS Attacks are More Sophisticated
• Attackers have started to target application layer protocols and
services
• Operation Ababil sent HTTP “GET” method requests for large
PDF files to exhaust server resources with few requests
• Additionally, blended attacks combine massive volumetric attacks
to fill the “pipes” with application-layer attacks to exhaust the
server resources
12
Options for DDoS Mitigation
Source: Analysis of the Global Distributed Denial of Service (DDoS) Market, Frost & Sullivan, July 2014
13
Considerations of DDoS Mitigation Appliances
• A DDoS mitigation appliance offers some benefits
• Provide a means to detect application layer attacks more accurately
• Allow customer to own the solution
• However, DDoS mitigation appliances can be expensive capital
investments
• DDoS mitigation appliances can be overwhelmed by very large
scale volumetric attacks
14
Advantages of DDoS Mitigation Services
• A DDoS mitigation service offers some benefits
• Offer significant scalability for defense against very large volumetric attacks
• Provide a manageable operational expense instead of a large capital investment
• Can be easy to deploy
• However, DDoS mitigation services are less effective at detecting
stealthy application layer attacks
• Mitigation services may require customers to route all network
traffic to the cloud which many businesses may not want to do
15
Importance of Hybrid DDoS Mitigation
• A hybrid solution is the only effective way to address volumetric
and application layer attacks
Source: Juniper Networks
16
Strategic Recommendations
In conclusion, DDoS customers:
• Require more options to find the right balance of security and
availability and cost
• Should seriously consider a hybrid solution to mitigate DDoS risk
• Should consider vendors that can also offer and integrate with
Web application firewalls (WAF) and other network and security
systems
• Should measure DDoS risk in terms of dollars
• Should begin to consider DDoS risk as a threat to data integrity
and confidentiality
17
Strategic Recommendations (continued)
DDoS vendors should:
• Develop deep technology partnerships that provide value for
customers
• Focus on improving cost of ownership for DDoS mitigation
solutions
• Develop close relationships with companies that can offer DDoS
as a service
• Integrate with related technologies such as switches, WAF
solutions, and firewalls to improve scalability and effectiveness
19
Next Steps
Develop Your Visionary and Innovative SkillsGrowth Partnership Service Share your growth thought leadership and ideas or
join our GIL Global Community
Join our GIL Community NewsletterKeep abreast of innovative growth opportunities
Phone: 1-877-GOFROST (463-7678) Email: [email protected]
20
Your Feedback is Important to Us
Growth Forecasts?
Competitive Structure?
Emerging Trends?
Strategic Recommendations?
Other?
Please inform us by “Rating” this presentation.
What would you like to see from Frost & Sullivan?
21
https://twitter.com/FS_ITVision
Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter
http://www.facebook.com/FrostandSullivan
https://www.linkedin.com/groups/Future-Growth-Opportunities-in-ICT-4876870
http://www.slideshare.net/FrostandSullivan
22
For Additional Information
Clarissa CastanedaCorporate Communications
Information & Communication Technologies
(210) 477-8481
Michael SubyVice President of Research
Stratecast
720-344-4860
Craig HaysSales Manager
Information & Communication Technologies
(210) 247-2460
Chris RodriguezSenior Industry Analyst
Information & Communication Technologies
(210) 348-1000