IBM has announced a new cloud solution that combines software analytics and cloud security services to fend off web-based Distributed Denial of Services (DDoS) attacks for organizations doing business on the web and in the cloud. The new software and services are based on a partnership with Akamai Technologies, Inc.
DDoS attacks are focused on the disruption of web-based assets such as company home pages, e-commerce sites and web-based cloud services. These attacks work by overloading the bandwidth of a web site or cloud application, rendering its service inoperable and preventing legitimate clients from being able to connect to it. This can result in revenue loss for an organization, as customers and clients are unable to complete transactions online.
DDoS attacks can also be used as a distraction, allowing attackers to breach other systems in the enterprise while IT staffs are forced to make difficult risk-based decisions, possibly without visibility to the full scope of what is occurring.
Based on daily monitoring of security for more than 4,000 clients, IBM has determined that DDoS attacks are on the rise. The average large company must filter through 1,400 cyber attacks weekly according to the IBM Cyber Security Intelligence Index. But many organizations do not have the on-site expertise or the right IT skills and tools required to combat them. Also, many do not have an incident response program in place or rely on existing programs that are out of date, not regularly tested or recently updated to address the growing exponential threats.
As part of the cloud solution, IBM will integrate Akamai’s always-on cloud-based web security solution, "Kona Site Defender" with IBM’s Cloud Security Services portfolio.
“Our clients tell us there is a need to strengthen cloud security," said Kris Lovejoy, general manager, IBM Security Services. "The partnership with Akamai combines a world-class security team and an intelligent network platform to strengthen cloud security. Together with Akamai, IBM can provide both proactive and reactive DDoS protection from the increasing frequency, scale and sophistication of these attacks.”
The companies will also share security intelligence insights gained by applying business analytics to extensive security monitoring data to better detect threats, identify security risks and areas of noncompliance and set priorities for remediation. IBM’s X-FORCE® research and development will contribute global analytics capabilities and the world’s most comprehensive threats and vulnerabilities database. IBM will also use its Q1Radar security solution, which gathers information from multiple sources and using analytics identifies potential threats and breaches.
The result for clients is managed DDoS protection that covers a full spectrum of services including:
· Preparation – development of readiness plans and response protocols
· Mitigation – proactively stop attacks before they affect clients’ networks
· Monitoring – monitor network traffic, DDoS alerts, and the real-time health of IT resources
· Response – trained response experts on standby to assist with attacks; to contain, eradicate, recover and identify primary and secondary attacks
· Intelligence – deliver insights on internet threat conditions and provide real-time DDoS metrics
“DDoS mitigation and prevention can be incredibly complex and resource intensive, and organizations often find they simply don’t have the right resources in place to be as effective as they need to be to meet the web security challenges they face,” explained Ronni Zehavi, senior vice president and general manager, Security Division, Akamai. “Together, IBM and Akamai can offer the right mix of technology and expertise to give our customers the peace of mind that their DDoS mitigation efforts are in the right hands.”