Arbor Networks updates security and traffic-monitoring platform

Arbor Networks announced the availability of version 5.8 of Peakflow SP, a network-wide infrastructure security and traffic-monitoring platform for service, hosting and cloud providers.

The vast majority of the world’s leading service providers rely on Arbor’s Peakflow SP platform to proactively fend off malicious threats such as botnets and volumetric and application-layer distributed denial of service (DDoS) attacks, while strengthening the availability and quality of their services.

The Peakflow SP platform includes two main components: Peakflow SP and the Peakflow SP Threat Management System (TMS). Peakflow SP combines network-wide anomaly detection and traffic engineering with TMS’s carrier-class threat management, which automatically detects and surgically removes only attack traffic, while maintaining business traffic. With the ability to mitigate only the attack traffic, customer-facing services remain available while providers actively mitigate attacks.

“Today, Peakflow SP addresses security issues like DDoS, operational issues such as service quality and network performance and even serves as a platform for revenue generation as a feature of managed security services, which are increasingly in demand by enterprises looking for an added layer of security protection,” said Arbor Networks President Colin Doherty.

New features:

New Application Processor Module (APM) Card for the TMS 4000: To boost mitigation capacity, counter growing attack volumes and help provide investment protection, the Peakflow SP solution now includes a new APM-E card. The APM-E is the packet processing blade on the TMS that examines and selectively blocks attack traffic. The APM-E replaces the APM-10, delivering large gains in packet processing throughput with no increase in price. A single TMS-4000 chassis can be populated with up to four APE-10 or APM-E modules, enabling a total of 40 Gbps of mitigation capacity.

CDN and proxy aware mitigation: Many businesses rely on CDNs (content delivery networks) to deliver web content and services to end users. When content or services are under attack, it can appear that the attack source is a CDN server and not the true attacker. Blocking attack traffic based on source address would cut off the flow of non-attack traffic from the CDN server to the enterprise. The new version of Peakflow SP addresses this advanced mitigation issue by including the sophistication needed to identify and stop attacks that come via a proxy such as a CDN server without interrupting legitimate business traffic from that source.

BGP Flowspec offramp to TMS: With this release, the BGP Flowspec offramp enables a broader set of diversion criteria based on source and/or destination IP, port and protocol. This feature enables traffic diversion into an MPLS backbone and allows reinjection without the need for GRE tunneling, making DDoS attack mitigation easier for service providers and data center operators.

Profiled interface alerts: Peakflow SP can monitor network interfaces and generate alerts when traffic through an interface goes above or below defined thresholds; this alerting capability was previously limited to networks and IP addresses. This new feature is especially useful for subscriber services such as broadband/DSL. For example, Peakflow can monitor interfaces on B-RAS devices and alert operators to service impacting events that can affect customer satisfaction and result in expensive help desk calls.

User account scale increase: Up to 1,000 customers can now be provisioned for monitoring, alerting, reporting and mitigation in a single Peakflow SP deployment. This more than doubles the previous limit and helps enable managed service providers to expand their business without additional capital investments.