DDoS Protection in the Age of 5G Networks, Edge Computing and Explosive Bandwidth Growth


Network transformation is having a direct impact on cybersecurity. New and improved scalability, agility and bandwidth are benefiting not just legitimate users – but also bad actors. And service providers need to be prepared.

Service providers embrace edge-centric computing in their fixed and mobile networks to deliver better user experiences, better performance and emerging real-time services. However, more scalable infrastructures, high traffic bandwidth, advance connectivity, and different network architecture also impact the cybersecurity threat landscape. The same capabilities that allow service providers to raise the bar on performance and introduce new services also allow bad actors to execute larger, more sophisticated cyberattacks. 

Network Transformation Impact

The findings of Radware’s 2021–2022 Global Threat Analysis Report show the real impact of network transformations on cyberattacks. Between 2020-2021, average DDoS attack volumes grew by 26%, and the number of malicious DDoS events increased by 37%. To safeguard their infrastructures from the rise in attacks, DDoS mitigation is a protective measure that service providers must implement. Two of the main types of DDoS threats are volumetric attacks and phantom floods attacks. While phantom flood attacks often fly below the radar of service providers, both types of attacks can be disruptive and must be addressed. 

[You may also like: With Great 5G Power Comes Great Responsibility]

Volumetric Attacks

While less common, terabit attacks are still a threat. During the fourth quarter of 2021, Microsoft Azure reported three terabit attacks, one with a size of 3.47Tbps and two more above 2.5Tbps. Terabit attacks can overwhelm any internet uplinks. Once the uplinks are saturated, customers and partners are left without available service.

Multi-terabit attacks are not necessarily more effective or dangerous than gigabit attacks. In the first few weeks of 2022, during the Twitch Rivals SquidCraft Games event hosted in Andorra, a DDoS attack no larger than 100Gbps interrupted the connectivity of the entire country for hours on end. 

Volumetric attacks are a by-product of the growth in traffic bandwidth. High bandwidth attacks can range from 10Gbps up to terabits. Service providers without the right DDoS protection can suffer from access and services outages, which can have a real impact on revenue. 

Figure 1* Radware 2021–2022 Global Threat Analysis Report

Phantom Flood Attacks

Another growing DDoS trend is phantom floods attacks. Micro floods and other slower attacks, such as application-layer attacks, can go undetected and consume resources. Service providers and their end consumers are unaware of the constant increase of infrastructure resources, such as bandwidth, network, and server processing, until the service becomes cost-prohibitive.  

* Radware 2021–2022 Global Threat Analysis Report

DDoS Protection and Network Transformation

Networks and market requirements are constantly changing, As a result, new eco-systems, architectures and advanced solutions emerge, which all affect the DDoS threat landscape.

Service providers should seek DDoS security solutions that support new infrastructure innovations and requirements while overcoming the increasing intensity of large DDoS attacks and growing sophistication of phantom flood attacks. 

[You may also like: Key Considerations to Secure Enterprises Through the 5G Revolution]

Radware is Up to the Terabit Challenge

Radware’s new DefensePro 800 is the industry’s first terabit DDoS mitigation platform. It combines leading performance, technology and state-of-the-art protection to handle the ultra-high bandwidth threat landscape and deliver next-generation connectivity for emerging environments. Some of the benefits include:

  • Industry leading performance– Armed with Radware’s new Hardware Mitigation Engine, DefensePro 800 is built to uniquely protect carriers’ most demanding environments, delivering a mitigation capacity up to 800Gbps and an attack prevention rate up to a 1.2B PPS. 
  • Industry leading technology– DefensePro800 is built to handle the growing capacity and connectivity requirements of future infrastructures with market-first 400G interfaces and high-port density.
  • State-of-the-art DDoS protection – With patented, behavioral-based, and automated algorithms with granular and dynamic protection, DefensePro 800 can overcome multi-vector sophisticated attacks at any scale. 

Radware’s new DefensePro 800 is designed to give service providers a secure foothold in the new terabit era.

Like this post? Subscribe now to get the latest Radware content in your inbox
weekly plus exclusive access to Radware’s Premium Content 

Shai Haim

Shai is a Product Marketing Manager in Radware’s network security group. his domain of expertise is service provider/carrier solutions, where he leads positioning, messaging, and product launches. Prior to joining Radware, Shai had a tech marketing role at Orange IL, Sony Mobile and startup companies. Shai holds a B.Sc. degree in Electronic Engineering from Ariel University.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center