Arbor networks' fifth annual infrastructure security report.
Arbor's fifth annual Worldwide Infrastructure Security Report includes responses from 132 self-classified Tier 1, Tier 2 and other IP network operators from North America, South America, Europe, Africa and Asia. This year's participation doubles the 66 respondents to last year's survey and represents a notable increase in geographic and organizational diversity.
This annual survey is designed to provide data useful to network operators to make more informed decisions about the use of network security technology mechanisms to protect mission-critical Internet and other IP-based infrastructures.
Attacks Shift to the Cloud
Nearly 35% of respondents believe that more sophisticated service and application attacks represent the largest operational threat over the next 12 months, displacing large scale botnet-enabled attacks, which came in second this year at 21%. Again this year, more than half of the surveyed providers reported growth in service-level attacks at one gigabit or less bandwidth levels. Such attacks, while also driven by botnets, are specifically designed to exploit service weaknesses, like vulnerable and expensive back-end queries and computational resource limitations.
Several respondents reported prolonged (multi-hour) outages of prominent Internet services during the last year due to application-level attacks. These service-level attack targets included distributed domain name system (DNS) infrastructure, load balancers and large-scale SQL server back-end infrastructure.
"Our customers face an array of threats in the areas of cloud and data center security as well as emerging operational challenges with DNS security and IPv6," said Ken Silva, chief technology officer, VeriSign.
"The annual Arbor infrastructure security report provides the Internet security and operations community a valuable perspective on issues that we as an industry must address."
Attack Size Still on the Rise, But at a Slower Pace
In previous versions of the Worldwide Infrastructure Security Report, service providers reported near doubling in peak distributed denial of service (DDoS) attack rates year-over-year, with peak attack rates growing from 400 Mbps to more than 40 Gbps since 2001. This year, providers reported a peak sustained attack rate of 49 Gbps, a 22% growth over last year's peak of a 40 Gbps attack, which shows the attack scale growth has slowed in the past 12 months. As comparison, last year's 40 Gbps attack represented a 67% increase over the largest attack reported in the 2007 survey.
Additionally, only 19% of survey respondents reported the largest attacks they observed as being within the one-to-four Gbps range this year, as opposed to some 30% in 2008.
Internet Architecture and Operations Facing Perfect Storm
A convergence of issues is facing the Internet Architecture and Operations community, including looming IPv4 address exhaustion and the preparedness for migration to IPv6, DNS Security Extensions (DNS SEC) and to 4-byte ASNs (used for inter-domain routing on the Internet). Any one of these changes alone would constitute a significant architectural and operational challenge for network operators; considered together, they represent the greatest and potentially most disruptive set of circumstances in the history of the Internet, given its growth in importance to worldwide communications and commerce.
The Internet is Not IPv6 Ready
A majority of surveyed providers reported concerns over the security implications of IPv6 adoption, and the slow rate of IPv4 to IPv6 migration, or at least the parallel deployment of IPv6. As in previous years, providers complained of missing IPv6 security features in routers, firewalls and other critical network infrastructure. Other providers worried the lack of IPv6 testing and deployment experience may lead to significant Internet-wide security vulnerabilities.
A recent Arbor study found IPv6 traffic accounts for 0.03% of all Internet traffic, up from just .002% a year earlier, and while representing a significant increase, IPv6 still only accounts for a tiny fraction of aggregate Internet traffic today.
|Printer friendly Cite/link Email Feedback|
|Date:||Jan 1, 2010|
|Previous Article:||MDM implementation--analysis for selecting the right approach.|
|Next Article:||Troubleshooting 10 Gbps networks.|