announced the launch of its network-agnostic Distributed Denial of Service
(DDoS) protection, globally. Eric
Hemmendinger, director, Managed Security Solutions (MSS), Tata Communications,
shares insights into expansion of DDoS detection and mitigation services.
What is the uniqueness of the extended
Distributed Denial of Service (DDoS) solution from Tata Communications?
has announced an expansion of the existing DDoS detection and mitigation
service. Previously, we offered DDoS Detection and Mitigation services to
customers that purchased Internet services from Tata Communications. However,
we did not restrict the detection and mitigation services to the internet
connections that we provided. With this announcement we are removing the
condition of customers taking Internet services from Tata Communications. Now,
regardless of what service provider the customer turns to for Internet
connectivity, we will offer DDoS detection and mitigation services. Obviously,
this means there is a much larger pool of companies to whom we can now offer
What is the current state of the company’s
existing DDoS solutions? Is this still relevant and performing well?
has a strong and growing customer base for the existing DDoS solutions. We have
never failed to defend a customer against a DDoS attack. Every DDoS attack that
has been targeted at customers of Tata Communications (customers that subscribe
to the DDoS services) has been successfully mitigated, so that customers have
been able to continue their Internet operations with no impact.
What are the other similar and rival services
like this in the market? What differentiates Tata Communications’
DDoS-related offering from them?
There are other
companies that offer DDoS detection and mitigation services. But there are
several factors that collectively distinguish Tata Communications from
substantially all of its competitors. 1) Tata Communications is a Tier 1 ISP –
and one of the largest. This means that we have peering relationships with ever
service provider of consequence. This means that we run one of the largest
network backbones in the world – which speaks to the size of attacks that we
can absorb and mitigate. Finally, it means that when we communicate on the
Internet a new route for one of our customers because they are under attack and
we need to direct the traffic through our network infrastructure, the new route
is immediately accepted and propagated across the Internet infrastructure.
Smaller ISPs simply don’t have these capabilities, thereby limiting their
ability to quickly, effectively, and comprehensively mitigate attacks on the
same scale. 2) The new capabilities that we have just announced – OffNet – are
not unique in this industry – other service providers claim to do this.
However, they do not have the scale that we have (as per the earlier points),
and they rely on a less comprehensive approach to re-routing traffic that is
unfortunately less reliable.
Are there any competitors to this service
offering? What is the market opportunity here?
As we indicated there
are competitors, but we do not focus on them. The market opportunity is huge.
that operate business where their Internet presence is either a major asset, or
a critical part of their operation cannot afford the downtime that results from
successful DDoS attacks. Vertical markets that meet this criteria include
e-commerce, online gaming, online banking, media, and Internet communications.
like Anonymous have become highly visible because of their willingness to
target companies for attacks because members of Anonymous disagree with their
business practices. However, there is also the very real truth that DDoS
attacks can now be initiated by relatively low-skilled people as a result of
BotNets for hire, and attack tools that are now much easier to find on the
internet. So, DDoS attacks can now be levied as a form of protest – we (and
many other organizations) refer to this trend as Hacktivism.
Do you think cloud-based infrastructure will
be sustainable enough? Are there any challenges to the offering?
We’ve seen this
debate for years now – it’s the question of whether a cloud-based approach or a
customer premise equipment-based approach is the best answer to a problem. The
reality is that which approach is best depends on the organization making the
decision and the specifics of the problem. For DDoS specifically, we believe –
as does the market – that success requires a cloud-based infrastructure -one
that we have been operating – and expanding in advance of customer need – since
the inception of our service. It is simply not practical to wait until an attack
as at the customer’s network entry point to begin mitigation.
At that point, the
attack is a huge volume of traffic that is concentrated. But using equipment
deployed at the customer premise to mitigate a DDoS attack assumes that you
will wait until the traffic is aggregated before attempting to respond.
Conversely, it makes tremendous sense to identify the attack and its components
as far away from the customer’s network infrastructure as possible. That means
that we identify a few attacks, but mitigate as if it were a considerably
larger number of attacks – each of which is much smaller. The challenges to the
offering are primarily in the area of assessing the likely mitigation capacity
requirements far enough in advance so that you an provision sufficient
mitigation capacity well in advance of the potential attacks. We can do this
because we have the assets to implement the capacity. Small firms are much more
challenged to attempt the same approach.
What processes and tools are you using to
support your DDoS detection and mitigation services?
We have partnered
with Arbor Networks, a provider of detection and mitigation solutions for DDoS
attacks, so we have the unquestionably the best technology in the world for
detecting and responding to attacks. From a process perspective, we are
ISO27001 certified – the gold standard for security services operations.
What pricing structures are you
We provide a series
of different pricing structures to meet our customers’ needs. These can include
recurring mitigation services, standby services with event-based charges, as
well as other models. The specific pricing structure is entirely dependent on
what makes the most sense for a given customer.
By Rashi Varshney