VIDEO: Akamai’s Chief Security Officer Andy Ellis explains how distributed denial-of-service (DDoS) protection is improving, even as the basic attack methods remain the same.
Akamai is well-known in the Web world for its capabilities as a content delivery network (CDN) provider.
Akamai is also a leading vendor in the IT security space with distributed denial-of-service (DDoS) capabilities that have recently been expanded, thanks to the $370 million acquisition of data center DDoS vendor Prolexic.
In a video interview with eWEEK, Akamai Chief Security Officer Andy Ellis, explains how the Prolexic technology is now enhancing the DDoS mitigation capabilities at Akamai. Ellis also provides insight into the current generation of DDoS attacks, which surprisingly are not all that different from the DDoS attacks of 20 years ago.
Ellis explained that what Akamai was able to do before the Prolexic acquisition was focused around Website defense. Prolexic’s technology, in contrast, is about being able to protect data centers across multiple protocols.
Akamai’s customers will now be able to benefit from the Prolexic operations model as well as Akamai’s network scale in defending against DDoS attacks.
While the volume of DDoS attacks is now growing, Ellis noted that, from a tactics perspective, some of the same techniques used 20 years ago by attackers are still in play in 2014.
“20 years ago, we saw this myriad of reflection attacks,” Ellis said. “Where people would send UDP packets against one set of systems that would reflect back at a target to create a DDoS condition.”
In 2014, reflection attacks are once again in the news. In February 2014, one of the largest DDoS attacks ever reported hit the Internet and leveraged a Network Timing Protocol (NTP) reflection attack.
Ellis added,”Everything that is old is new again.”
While the total bandwidth used in DDoS attacks has grown as high as 400G bps according to cloud security vendor CloudFlare, Ellis doesn’t put much stock in the actual bandwidth figures.
“We don’t tend to look very carefully at networking-level traffic for precise measurement, partly because of the way our network is operated,” Ellis said. “It’s like trying to count the water that is lapping up against your seawall; you don’t worry about it until the water is high enough to come over the top of your seawall.”
Watch the full video interview with Andy Ellis, CSO at Akamai, below:
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.