Modern DDoS defenses for National Networks – combining network visibility in Design and Implementation

Distributed Denial-of-Service (DDoS) attacks continue to accelerate and evolve into highly sophisticated vectors, threatening any digitally connected entity or service. They specifically threaten the entry points of connectivity to the global and local communications networks, which start with the Communications Service Providers (CSPs) and are defined as underlay “gateways” with a clear demarcation edge of networks. Discussions with Security Operations Centers (SOCs) in various regions reveal the same trend: all SOCs face a tsunami of alarms about an enormous increase in DDoS attack threats against a wide spectrum of organizations across industries and vertical markets globally. This trend continues to become more severe with the reality of the “record-breaking” 2.4 Tbps volumetric DDoS attack that targeted Microsoft Azure in the European region during the 2nd half of 2021, and the later DDoS attack that was detected and blocked by Cloudflare, which peaked at just under 2 Tbps.

As we enter the 3rd year of the pandemic, we are witnessing the impact and unavoidable evolution of the “COVID-effect”, which is increasing the diversity of multi-vector attacks as massive digital transformation changes or removes the traditional boundaries of organizations. Attacks are becoming destructive and are occurring in higher cycles than ever. As a result, manual and static DDoS mitigation processes are no longer viable, and many organizations are moving towards a DDoS auto-mitigation strategy that can cope better with the volume and diversity of attacks.