UPDATE: Efficient and Scalable DDoS Mitigation with SDN (SDN Idol Award WINNER!)

by mschiff 03-03-2014 08:57 AM - edited 03-06-2014 05:04 PM

DDoS attacks are on the rise. That statement by itself might not be that interesting, because in this climate of "cyber insecurity" it is probably no surprise that the number of attacks is increasing. What is more interesting, and even more troubling for networks, is that the size of these attacks is on the rise, with some attacks reported at over 400 Gbps. And yet the same solutions that were used for much smaller attacks are being used in an attempt to detect and mitigate these security threats. Good luck. Go try covering up a fire hydrant with Saran Wrap after it's already been opened. Truth be told, traditional DDoS mitigation solutions were just not built to handle the immense bandwidth these attacks impose on today's networks. And many current implementations based on sFlow, IPFIX, etc. treat all flows as equal at the Layer 4 level, so there is no differentiation between the types of flows: short-lived, long-lived, large, or small. This results in delays in detecting these new mega-scale attacks. Who does this affect? Well, in a single word, you. Whether you are the CEO of a major cloud service provider or you are just trying to stream the new season of House of Cards, you are at risk of feeling the impact of an attack. That's because these attacks consume so much bandwidth on the network that they are not just taking out the intended target, but also degrading the services of other customers on the network.

 


A more scalable and efficient solution is needed to protect cloud data centers and networks from these attacks. SDN offers a way to do this by providing programmatic control of the entire network, so that an application can be used to monitor, detect, and mitigate an attack, all in real time. Brocade is very excited that we will be able to demonstrate such an application at the Open Networking Summit this week, as it has been named a finalist for the event's SDN Idol Award. The application, leveraging our newly announced support for OpenFlow 1.3, InMon sFlow-RT and an OpenDaylight framework, treats long-lived, large flows caused by DDoS attacks separately from other Layer 2-4 flows. When an attack happens, the application, within seconds, instructs the network of OpenFlow-enabled Brocade MLXe Routers to rate limit or drop the attack traffic flow in hardware without affecting the performance of the system or network. In addition, the industry's only true Hybrid Port Mode for OpenFlow allows the rest of the network to behave as normal, so this solution can be seamlessly integrated with existing infrastructures today. With this application, service providers can offer tiered DDoS services to customers, and enterprises can get stronger DDoS mitigation more efficiently.
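To make the "long-lived, large flow" distinction concrete, here is an added sketch (not Brocade's application code, and not using the sFlow-RT, OpenDaylight or OpenFlow APIs) that scales packet samples up by the sampling rate, ignores short-lived and small flows, and picks rate-limit or drop for the rest. The sampling rate, thresholds, record layout and sample traffic are all assumptions constructed for illustration.

```python
from collections import defaultdict

# All values below are assumptions for this example, not from the original post.
SAMPLING_RATE = 1000     # 1-in-N packet sampling on the router
MIN_DURATION_S = 5       # flows seen for less than this are "short-lived"
RATE_LIMIT_BPS = 100e6   # estimated rate at which a flow gets rate limited
DROP_BPS = 1e9           # estimated rate at which a flow gets dropped

def classify(samples):
    """samples: (timestamp_s, src, dst, proto, dst_port, frame_bytes) tuples.
    Returns {flow_key: "rate-limit" | "drop"} for long-lived, large flows."""
    flows = defaultdict(lambda: {"first": None, "last": None, "bytes": 0})
    for ts, src, dst, proto, dport, size in samples:
        f = flows[(src, dst, proto, dport)]
        f["first"] = ts if f["first"] is None else min(f["first"], ts)
        f["last"] = ts if f["last"] is None else max(f["last"], ts)
        f["bytes"] += size
    actions = {}
    for key, f in flows.items():
        duration = f["last"] - f["first"]
        if duration < MIN_DURATION_S:
            continue  # short-lived burst: not treated as a large flow
        # Each sampled frame stands for SAMPLING_RATE frames on the wire.
        est_bps = f["bytes"] * SAMPLING_RATE * 8 / duration
        if est_bps >= DROP_BPS:
            actions[key] = "drop"
        elif est_bps >= RATE_LIMIT_BPS:
            actions[key] = "rate-limit"
    return actions

def constructed_samples():
    """Constructed sample records using documentation address ranges."""
    victim = "203.0.113.10"
    s = []
    # Long-lived and very large: about 1.1 Gbps estimated over 10 s.
    s += [(t / 100, "198.51.100.7", victim, "udp", 53, 1400) for t in range(1001)]
    # Long-lived and large: about 225 Mbps estimated over 10 s.
    s += [(t / 20, "192.0.2.20", victim, "tcp", 443, 1400) for t in range(201)]
    # Large but short-lived: a 1 s burst.
    s += [(t / 100, "192.0.2.30", victim, "tcp", 80, 1400) for t in range(101)]
    # Long-lived but small: about 12 Mbps estimated over 10 s.
    s += [(float(t), "192.0.2.40", victim, "tcp", 22, 1400) for t in range(11)]
    return s

if __name__ == "__main__":
    for flow, action in classify(constructed_samples()).items():
        print(flow, "->", action)
```
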

 

 


If you are at ONS this week, a live demonstration of the application will take place on Monday at 2:30pm during the Demo Track. Voting for the SDN Idol Award will be Tuesday night during the evening reception at 7pm. A version of the demo will also be in the Brocade Booth #505 during the exhibition. If you are not at ONS, check out this video of the demo from Networking Field Day 7, and stay tuned as more material will be made available on this exciting SDN application.

Comments
by mschiff on ‎03-06-2014 05:05 PM

Brocade Crowned Winner of SDN Idol 2014 at Open Networking Summit 2014 for this solution! See press release here: http://www.prweb.com/releases/opennetsummit/SDN-Idol-2014-Award/prweb11644834.htm