A recent briefing with Black Lotus executives Arman Khalili and Xenophon Giannis gave us a look behind the operation, some trends in the industry, and also announced a free tier to their DDoS protection services.  Black Lotus is in the business of maintaining site availability and protection from the dreaded Distributed Denial of Service attack for business of all sizes around the world.  It’s a problem that is increasing, despite the fact that they have existed in one form or another for a number of years now.  The reason for that rise is a blend of factors that bring us to where we are today.  The internet is expanding, proliferating into areas of the world where solid security practices can be quite costly, haven’t matured yet, or there are a massive amount of legacy systems being introduced that are deficient in security from the get-go.  In addition to those factors, there is a rise in DDoS attacks that have come about because there has been a proliferation of easy to use point and click tools that strip away any previous requirements of technical skills.  This realm of attacks is rooted in gaming communities, where attacks first launched against systems just for fun.  Astute programmers are also still working as hard as ever to overcome protections that are deployed out in the field against these kinds of attacks.  So the challenges are big and Black Lotus has reached out to the enterprise with a starting level free tier with their free PFN service (Protection for Networks).  This no-cost entry-level service lets users like data centers and service providers utilize Black Lotus’ powerful services at levels up to one gigabits per second (Gbps).

DDoS attacks lasting hours or even minutes can lead to loss of revenue and customers. Black Lotus’ free PFN service enables data center companies and service providers to get started with border gateway protocol (BGP)-based DDoS protection, which includes an introductory level of protection and clean traffic. Service providers can try the entry-level DDoS protection and then quickly ramp up to full-scale mitigation in the future. The full PFN package lets any BGP network establish a session with the Black Lotus scrubbing center for immediate filtering during a DDoS attack. Once the session is active, only confirmed DDoS attacks are sent to the scrubbing center, where IPs under attack are inspected and filtered, and only clean traffic is routed back to the target’s network.

Life on the edge – of your network

Khalili states that the program is one that has a lot of value because of these rising threats.  Actors are becoming more organized and fertile grounds for botnets and other malicious activity are popping up daily under constant zero-day vulnerabilities, widespread cybercrime on the rise, and increasingly mobile devices that have little security instituted into them.  In some ways, large scale attacks are easier to handle, because telltale attacks are easier to detect.  Still, averting downtime in these instances under attack require massive scale, information, and capabilities to maintain connectivity – quite often the lifeblood of an organization.  That’s where DDoS mitigation techniques alone fall short.  They are often most concerned with creating a ‘black hole’ for the flood of traffic that protect only the carrier, and do not protect the customer.  Black Lotus is different in that focus of continuity, as a component of their Protection for Networks product.  From a technical point of view, it’s a constant battle, Black Lotus is constantly changing algorithms based on many factors in the attack of the day – and there are plenty of variants from UDP flood, RP flood, NTP-redirected reflection attacks – the list goes on and on.  Giannis states that a big component of their services is communication with the customer.  The customer is always looking for information and education.  Black Lotus stages support through direct session with the customer, which they set up for free, so that they can help mitigate and really help the customer scale their operations up with their protection in place.  The service is constantly checking the network constantly for the customer so they value this as sort of an insurance policy, even if they have other mitigation techniques in place within their environment.  Further, many operations don’t have the capacity to run a 24/7 security operation to monitor and respond to incidents on the network.  Black Lotus works with the companies across the spectrum in exactly the same way.  Giannis likens DDoS to a mob of angry people at the gates, and they are the first responders, a sort of SWAT team for network protection.  They divert any attacks, clean the traffic and get it to you and your visitors.  The service boasts the ability to eliminate network-impacting interruptions by 99 percent without the customer having to invest in additional infrastructure to absorb these DDoS attacks.

For worldwide service providers that offer Web hosting, cloud hosting, collocation, Internet services, and virtualized and dedicated servers, any interruption to client services can result in customers migrating to competitors. Organizations such as Servers Australia, Steadfast, Zone Networks, Rack Nation and Continuum trust Black Lotus’ PFN technology to meet constant availability requirements. The PFN offering allows whole-infrastructure DDoS protection for data center companies and service providers and can also be offered as a value-added service to hosting customers. The end result is a new revenue stream that can defend its own infrastructure and fund the effort through reseller sales to end users.

When you consider that it’s just a matter of time really that the average organization faces a significant impact from one of these types of attacks, it makes for a compelling service to introduce this free tier for business and service leadership through this solution.  When the impact from an attack lasting just minutes can have such a deep and significant financial element to it, clearly DDoS attacks are a continuing leading concern in the industry and the road ahead in 2014 and beyond.

photo credit: andriux-uk & Tom Raftery via photopin cc