• Toll Free 866-535-9898

  • Support 419-724-9898

Telesystem Network Core + Managed Appliance = A Unique Approach to DDoS Defense

What's happening at Telesystem

Unique DDoS Approach

Telesystem Network Core + Managed Appliance = A Unique Approach to DDoS Defense

Responding to distributed denial-of-service (DDoS) attacks can feel like trying to bail out water from a major ongoing leak. The amount of traffic headed your way during one of these campaigns is overwhelming, and – like someone confronting a flooding basement equipped only with a tiny bucket – it often feels like the available solutions aren't up to the task.

DDoS attacks have traditionally been challenging to address for several reasons:

  • First, there's a fundamental asymmetry between how easy it is to launch one and how tough it is to defend. Someone can rent a botnet for only a few dollars an hour and use it for a DDoS attack that requires a highly coordinated response leveraging sophisticated and often expensive infrastructure like load balancers.
  • Second, there are many different types of DDoS attacks. The classic approach is to saturate network bandwidth with packet floods, but many alternative vectors have emerged throughout the 2010s, including attacks against specific protocols like NTP and SYN as well as at the application layer.
  • Finally, flagging a DDoS attack as such can be surprisingly difficult. The seemingly tell-tale spike in traffic might actually be from a legitimate surge in activity, e.g. from shoppers on an e-commerce site. DDoS attacks don't have to be huge, long-lasting events, either – many last only a few minutes, but do significant damage in that time by making certain services unavailable or unreliable.

Indeed, the recent trend in DDoS attacks has been toward more frequent, lower-volume attacks. A 2018 report from Corero Network Security found that 77 percent of them were under 10 minutes, while overall frequency had increased 40 percent since 2017. There are still some high-volume attacks, but for now, the main risk is from a barrage of low-intensity incidents.

Mitigating DDoS attacks: What's the best option?

Effective DDoS defense must be multi-front and holistic. In other words, you need protections in place both at the network edge and further up the chain.

Toward this goal, Telesystem takes a unique approach combining an anti-DDoS network core with a mitigation appliance at the edge. It's the best of both worlds when it comes to DDoS mitigation, providing reliable recourses that can be seamlessly integrated into your broader security infrastructure. Let's break down how each of its main parts works:

Network core

At no additional cost, all Telesystem hosted services passing through our network core receive automatic DDoS protection. We leverage analytics and up-to-date threat intelligence to inspect traffic and detect potential issues in real time.

This advanced filtering keeps botnets and other cyberthreats in check, ensuring that your critical hosted applications – such as hosted VoIP, video conferencing, and more – do not see major attack-related degradations in their performance; it screens out problems while still passing along legitimate traffic. Although web applications are famous targets of DDoS attacks, VoIP is also highly vulnerable because of its reliance on protocols including SIP and UDP, both of which can be flooded with conventional DDoS techniques.

The built-in, hosted protection of a DDoS-hardened network core means you don't have to invest so much of your own time and resources into hedging against all of the possible attack vectors. Using a Telesystem hosted service means having more peace of mind about network DDoS security.

Appliance

DDoS mitigation appliances fulfill several roles. They monitor multiple layers within the Open Systems Interconnect model for DDoS issues, provide low-latency response and give you maximum control over DDoS mitigation since they're located on-premises. They were the original form of DDoS defense, and they remain worthwhile investments.

Relying exclusively on DDoS protections in the cloud can be risky since it introduces latency and also entails some loss of control over your IT operations. An appliance addresses these issues directly with its relatively fast performance and high configurability.

Telesystem offers multiple solutions, so you can choose the setup that best fits your risk profile and operational requirements. Our solutions can be the basis of a wholly new protective infrastructure against DDoS and other threats, or integrated into your existing defenses, whichever is more convenient for you.

An adaptive defense for an evolving threat

DDoS attacks are relatively new in the cybersecurity realm and they have already evolved rapidly from their humble roots in 1988's Morris Worm, an internet worm that attacked the nodes of a small network. As they integrate more sophisticated techniques and target a widening range of organizations, adaptive protection will be essential.

That's what you get with the Telesystem approach to DDoS – a flexible combination of solutions that address DDoS at multiple junctures. Learn more by contacting our team today.

 

Request a quote.

Fill out this form or call 866-535-9898.

Click Next below to submit more details about your request.