MWC24: How Netscout Helps Telcos Deal With DDoS Threats
In the realm of telecommunications, where the flow of data never ceases, security stands as a paramount concern. Speaking to us at MWC 2024 in Barcelona, Darren Anstee, Chief Technology Officer for Security at Netscout, offers insights into the telco security landscape and how Netscout’s innovative solutions help telcos deal with DDoS threats.
Anstee’s journey with Netscout traces back to 2015, through the acquisition of Danaher Corporation’s Communications Business Unit, where he had been instrumental since 2003. Arbor Networks, a company under Danaher, was renowned for its prowess in DDoS detection and mitigation, catering to ISPs and enterprises worldwide.
“My background has very much been in looking at network traffic, understanding threats and helping our customers to defend themselves against those threats,” Anstee remarks, highlighting his two-decade-long immersion in network security.
“At Netscout now I'm working with our CEO, Anil Singhal, on the strategy for our security pillar and the products, the capabilities, the value propositions and the use cases that we're delivering.”
Post-acquisition, Netscout integrated Arbor's portfolio into its security pillar, focusing on DDoS detection, mitigation and traffic visibility across service providers and enterprises. The evolution of Netscout’s security offerings has been marked by combining Arbor’s expertise with technologies from Netscout's broader engineering environment.
“Since the acquisition, we've been evolving the Arbor portfolio with new products and new capabilities, but also bringing in technology from the broader Netscout engineering environment,” he says. “We have integrated our engineering, our product management and our tool sets, and what we've been doing is looking at how we can take one plus one and deliver three.”
A significant tool in Netscout’s arsenal is the extension of its Sightline product into the mobile network domain. Anstee highlights the challenges posed by escalating attack activities from wireline and mobile subscribers, necessitating robust defence mechanisms across all network layers.
“One of our key launches last year was our Sightline mobile and MobileStream products. Sightline is used by approximately 90% of the world's ISPs to gain visibility into their network traffic and safeguard themselves, their customers, infrastructure and services from DDoS attacks.”
While primarily deployed in wireline environments, Sightline’s usage has expanded. Initially employed to thwart external attacks, it's now increasingly employed to counter threats originating from subscribers.
With the rise in edge connectivity speeds, including fibre to the home and DOCSIS 4.0 cable networks, upstream capacities have surged, removing constraints on the influx of malicious traffic, from compromised IoT devices, and individuals with nefarious intentions infiltrating service provider networks.
“As fixed wireless access has been rolling out faster and faster in many parts of the world, ISPs are seeing many of the same challenges that they see on their wireline network. So what we did is we extended the capabilities of Sightline into the mobile network domain, so that our customers could get visibility, understand and manage threats there.”
Surge in DDoS activity is set to continue
Looking ahead, Anstee foresees a relentless surge in DDoS activity, propelled by factors ranging from geopolitical tensions to the persistent compromise of IoT devices. Amidst these challenges, he underscores Netscout's dedication to leveraging data insights and technological advancements to stay ahead of emerging threats and empower their customers.
“We have over 500 service provider customers who feed data to us every hour about what's happening across their networks in terms of traffic, in terms of DDoS activity and other threats, and we have about 1,200 enterprises who do something similar. We are constantly looking at how we can evolve the way that we look at that data set.
“We use AI today to derive threat intelligence more quickly and more accurately, to help our customers deal more efficiently with the threats that are out there.
“I don't think there's any doubt that, especially in the DDoS space, we will continue to see more activity, particularly with IoT devices and customer premises equipment (CPE) remaining vulnerable. Geopolitical tensions, particularly in the Middle East, North Africa, and Europe, as well as the ongoing conflict in Russia and Ukraine, are significant drivers of DDoS incidents, and that’s before you get to traditional catalysts such as major sporting events, elections and ideological disputes.
“There’s a lot going on out there at the moment, which makes it crucial to understand how things are changing both locally and globally. Our customers need to protect themselves and their customers from the threats they face, in the most effective way possible. We are all reliant on the Internet. Netscout prides itself on protecting the performance and availability of the Internet services we rely upon.”
******
Make sure you check out the latest edition of Data Centre Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Data Centre Magazine is a BizClik brand