How is SDN disrupting the way businesses develop technology?
You must have read so much about software-defined networking (SDN) by now that you probably think you know it inside and out. However, such a nascent industry is constantly evolving and there are always new aspects to discover and learn about. While much of the focus on SDN has focused on the technological benefits it brings, potential challenges are beginning to trouble some SDN watchers. While many businesses acknowledge that the benefits of SDN are too big to ignore, there are challenges to overcome, particularly with the cultural changes that it brings. In fact, according to attendees at the Open Networking Summit (ONS) recently the cultural changes required to embrace SDN outweigh the technological challenges. One example, outlined in this TechTarget piece, is that the (metaphorical) wall separating network operators and software developers needs to be torn down; network operators need coding skills and software developers will need to be able to program networking services into their applications. That’s because SDN represents a huge disruption to how organisations develop technology. With SDN, the speed of service provisioning is dramatically increased; provisioning networks becomes like setting up a VM... a few clicks of the button and you’re done. This centralised network provision means the networking element of development is no longer a bottleneck; it’s ready and available right when it’s needed. There’s another element to consider when it comes to SDN, tech development and its culture. Much of what drives software-defined networking is open source, and dealing with that is something many businesses may not have a lot of experience with. Using open source SDN technologies means a company will have to contribute something back to the community - that’s how open source works. But for some that may prove to be a bit of an issue: some SDN users such as banks or telecoms companies may feel protective of their technology and not want is source code to be released to the world. But that is the reality of the open source SDN market, so it is something companies will have to think carefully about. Are the benefits of SDN for tech development worth going down the open source route? That’s a question only the companies themselves can answer. Software-defined networking represents a huge disruption to the way businesses develop technology. It makes things faster, easier and more convenient during the process and from a management and scalability point of view going forward. There will be challenges - there always are when disruption is on the agenda - but if they can be overcome SDN could well usher in a new era of technological development.
Getting Around the Logon/Legal Banner Issues when using APM PCoIP Proxy and Horizon
If you're using APM's PCoIP Proxy and require a logon banner, you've probably figured out that the PCoIP Proxy integration stops working when you turn on the integrated logon banner from within the Horizon Administrator. Adding to the pain, internal users can't get any logon banner since you had to turn it off in order for your external access to work! Well, the wait is over! With the use of a nifty iRule that you can attach to your internal Horizon Connection Servers virtual server, you can now present a banner BOTH internal users as well as external users who access Horizon resources using APM PCoIP Proxy. Here's how it works: Disable the logon banner through Horizon Administrator - the BIG-IP will handle presenting the banners for internal users (through the iRule) and external users (through the View iApp) instead of Horizon. Modify the text in the iRule with the text you want to show in the logon banner. Apply the iRule to your LTM Virtual Server that services internal Horizon users (either manually to the LTM virtual server or through the View iApp). You're done! A couple of things to think about when you implement this: If you need to present a legal disclaimer your external users using the PCoIP Proxy, you can still do that through the Horizon View iApp. Do not apply this to any virtual server running the APM PCoIP Proxy - it's only for providing the logon banner to internal Horizon users. The banner for PCoIP Proxy can be easily enabled through the iApp It's important to ensure the PCoIP Proxy's Connection Server settings are pointing to the individual connection server(s) and NOT the LTM virtual server that has the Logon Banner iRule applied. The iRule source is below. # Attach iRule to iApp created virtual server named "<iapp_name>_internal_https" # Replace the section “This is a XXX computer system that is FOR OFFICIAL USE ONLY. This # system is subject to monitoring. Therefore, no expectation of privacy is to be assumed. # Individuals found performing unauthorized activities are subject to disciplinary action # including criminal prosecution.” with your desired text. when RULE_INIT { # Debug Level 0=off, 1=on, 2=verbose set static::internal_disclaimer_debug 0 } when CLIENT_ACCEPTED { set log_prefix_cs "[IP::remote_addr]:[TCP::remote_port clientside] <-> [IP::local_addr]:[TCP::local_port clientside]" if { $static::internal_disclaimer_debug > 1 } { log local0. "<$log_prefix_cs>: CLIENT_ACCEPTED" } } when HTTP_REQUEST { set bypass 0 if {[HTTP::uri] starts_with "/portal/info.jsp"} { if { $static::internal_disclaimer_debug > 0 } { log local0. "<$log_prefix_cs>: Portal Info request, bypassing further processing"} set bypass 1 } else { if {[HTTP::header exists "Content-Length"]} { set content_length [HTTP::header "Content-Length"] } else { # If the header is missing, use a sufficiently large number set content_length 5000 } if { $static::internal_disclaimer_debug > 1 } { log local0. "<$log_prefix_cs>: Set content-length to $content_length"} HTTP::collect $content_length if { [HTTP::path] == "/broker/xml" && [HTTP::header Expect] == "100-continue" } { SSL::respond "HTTP/1.0 100 Continue\r\n\r\n" if { $static::internal_disclaimer_debug > 1 } { log local0. "<$log_prefix_cs>: Application requested: client requires 100 continue response, sending 100-continue"} } } } when HTTP_REQUEST_DATA { if { [HTTP::payload] contains "set-locale" and ( not ($bypass)) } { HTTP::respond 200 content {<?xml version="1.0"?><broker version="9.0"><configuration><result>ok</result><broker-guid>aaaaaaaa-bbbb-cccc-ddddddddddddddddd</broker-guid><authentication><screen><name>disclaimer</name><params><param><name>text</name><values><value>This is a XXX computer system that is FOR OFFICIAL USE ONLY. This system is subject to monitoring. Therefore, no expectation of privacy is to be assumed. Individuals found performing unauthorized activities are subject to disciplinary action including criminal prosecution.</value></values></param></params></screen></authentication></configuration><set-locale><result>ok</result></set-locale></broker>} noserver "Connection" "close" "Content-Type" "text/xml;charset=UTF-8" if { $static::internal_disclaimer_debug > 1 } { log local0. "<$log_prefix_cs>: Sending Disclaimer Message"} } if { [HTTP::payload] contains "disclaimer" } { if { $static::internal_disclaimer_debug > 1 } { log local0. "<$log_prefix_cs>: Disclaimer Message Accepted - waiting for credentials."} } } This solution has been tested using Horizon 6.0 (and later) as well as the Horizon 3.0 (and later) Client. Earlier versions of the client and/or Horizon Connection Server could produce unexpected results. Big shout-out to Greg Crosby for his work on the iRule!
F5 Anti-Fraud Solutions: Frictionless Protection for the Masses
Anti-Fraud Solutions: Why F5? In 2013, F5 Networks grew its security portfolio to include advanced Anti-Fraud services with the acquisition of the Israeli-based security company Versafe. At the RSA Conference in San Francisco this week, we have a section of our F5 booth dedicated to the Anti-Fraud solution where we are talking about the technology, answering questions and demonstrating the capabilities all week. If you cannot make it to the conference or even if you attended but missed us at our booth, that’s not a problem. I’ll fill you in on some of the details. First, just walking around the RSA Conference, it’s clear that there is no shortage of anti-fraud solutions on the market. The number is mind blowing and continuously growing. As new threats emerge, new technologies are introduced to combat them. But if you look at the approaches each company takes, they are often quite different. So that begs the question: why F5? Well, from a feature and function standpoint, we cover a wide range of web-based fraud detection and protection capabilities. The WebSafe solution, which protects web-based applications, safeguards against various forms of malicious activity including phishing attacks, Man-In-The-Middle, Man-In-The-Browser and Trojan activity such as web injections, form hijacking, page modifications and transaction modification. But what makes the solution unique is that it enables 100% coverage of the user base in a completely clientless manner, without impacting the user experience. We inject our obfuscated code via an iRule, into the web application code as part of the response data. In other words, the solution is completely frictionless, which is key differentiator number one. And because the solution leverages common browser-based technologies, we protect users who are navigating from all types of devices: laptops, PCs, tablets, smart TVs, mobile devices, etc. As long as the user is navigating with a standard web browser, they will be protected. This is key differentiator number two. From a deployment standpoint, today the WebSafe solution is implemented via an iRule on an F5 device (either physical or virtual), so there is no need to introduce changes to the web applications our customers are looking to protect from online fraud. This saves time when deploying the solution because there is no need to engage web development resources which are often outsourced or already engaged in critical projects. Our ability to deploy without these web application changes equates to savings and is key value proposition number three. As a matter of fact, many F5 customers can leverage their current F5 investment and deploy the Anti-Fraud services on their existing infrastructure, requiring no additional hardware investment: differentiator number four. Lastly, WebSafe provides protection against online fraud without a client install and with no change in the online users’ experience. Introducing CAPTCHAs, popups, etc is often too intrusive to the end user, so we are looking to protect the users without introducing friction in the process. Summary If you are at the RSA Conference, stop by booth 1801. We would be happy to demonstrate our Anti-Fraud solution and help to enhance your fraud protection capabilities. If you are not at RSA, look for further details here. We will be posting more details about F5’s Anti-Fraud solutions throughout the coming weeks.
SDN: An architecture for operationalizing networks
As we heard at last week’s Open Networking Summit 2014, managing change and complexity in data centers is becoming increasingly difficult as IT and operations are constantly being pressured to deliver more features, more services, and more applications at ever increasing rates. The solution is to design the network for rapid evolution in a controlled and repeatable manner similar to how modern web applications are deployed. This is happening because it is no longer sufficient for businesses to deliver a consistent set of services to their customers. Instead, the world has become hyper-competitive and it has become necessary to constantly deliver new features to not only capture new customers but to retain existing customers. This new world order poses a significant conflict for the operations side of the business as their charter is to ensure continuity of service and have traditionally used careful (often expensive) planning efforts to ensure continuity of service when changes are needed. The underling problem is that the network is not operationalized and instead changes are accomplished through manual and scripted management. The solution for operations is to move towards architectures that are designed for rapid evolution and away from manual and scripted processes. Software Defined Networking address these challenges by defining a family of architectures for solving these types operational challenges and operations teams are latching on with a rarely seen appetite. The key to the success of SDN architectures is the focus on abstraction of both the control and data planes for the entire network via open APIs (not just the stateless Layer 0-4 portions). The first layer of abstraction allows for a centralized control plane system called an SDN Controller, or just Controller, that understands the entire configuration of the network and programmatically configures the network increasing the velocity and fidelity of configurations by removing humans from configuration loop – humans are still needed to teach the Controller what to do. These Controllers allow for introspection on the configuration and allow for automated deployments. As Controllers mature, I expect them to gain the capabilities of a configuration management system (CMS) allowing for network architects to rapidly revert changes virtually instantaneously. The second layer of abstraction allows for network architects or third parties to programmatically extend the capabilities of a data path element. This can be as seemingly simple as adding a match-and-forward rule to a switch (e.g., OpenFlow) or as seemingly complex as intercepting a fully parsed HTTP request, parsing an XML application object contained within, and then interrogating a database for a forwarding decision (e.g., LineRate and F5) based on the parsed application data. However, realizing the fully operational benefits of SDN architectures requires that the entire network be designed with SDN architectural principles including both the stateless components (e.g., switching, routing, and virtual networking) and the stateful components (e.g., L4 firewalls, L7 application firewalls, and advanced traffic mangement). Early on SDN proponents, as SDN evolved from a university research project, proposed pure stateless Layer 2-3 networking ignoring the complexities of managing modern networks that call for stateful L4-7 services. The trouble with this approach is that every additional operational domain disproportionately increases operational complexities, as the domains need to be “manually” kept in sync. Recognizing this need, major Layer 2-4 vendors, including Cisco, have formed partnerships with F5 and other stateful Layer 4-7 vendors to complement their portfolios. With the goal of helping customers operationalize their networks, I offer the following unifying definition of SDN for discussion: “SDN is a family of architectures (not technologies) for operationalizing networks with reduced operating expenses, reduced risks, and improved time to market by centralizing control into a control plane that programmatically configures and extends all network data path elements and services via open APIs.” Over the next few months I’ll dig deeper into different aspects of SDN – stay tuned!
iBanking Malware Analysis
Co-Authored with Itzik Chimino. --- iBanking is malware that runs on Android mobile devices. It is delivered via a new variant of the computer banking Trojan Qadars, which deceives users into downloading iBanking malware on to their android device. It can be used with any malware used to inject code into a web app. The malware enables cybercriminals to intercept SMS and bypass the two-factor authentication methods used by several banks throughout the world to authorize mobile banking operations. iBanking malware acts as a spy that can also of grab contact lists, steal bank account details, forward incoming voice calls, and record the victim’s voice, which enables it to overcome voice recognition security features that financial institutions are beginning to implement. Cyber criminals ultimately utilize iBanking malware to transparently complete money transfers on behalf of the infected targeted users. How the attack works Focusing specifically on the new variant of iBanking malware that targets Facebook users, the attack begins by infecting users’ devices with the Qadars banking Trojan via a drive-by download from an unsuspecting website. Qadars then intercepts the webpage and uses JavaScript to inject code into the webpage—in this case, a Facebook page—that presents users with a fake verification pop-up page upon initial login. This page requests the victim’s phone number and Android device confirmation. The victim then receives an SMS message on the verified device, which directs him to a page with instructions to download added security. Once the victim installs the iBanking malware, it cannot be removed if it was given admin rights during the install process. Remote control of the infected device Once the malware is activated by the user on his smartphone, the attacker gains administrator permissions on his device. The attacker can now control a vast amount of functions such as: 1. Allows applications to change network connectivity state. 2. Allows an application to send/read SMS messages. 3. Allows an application to automatically start when the system boots. 4. Allows an application read-only access to phone state. 5. Allows an application to access approximate location derived from network location sources such as WiFi and cell antennas. 6. Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call being placed. 7. Allows an application to open network sockets. 8. Allows an application to write to external storage such as modify/delete SD card contents. 9. Allows an application to read the user's contacts data. 10. Allows an application to record audio such as phone calls and voice messages. Click here to read the full technical iBanking Malware Analysis Report by F5 SOC. To read more about F5 Global Security Operation Centers click here.HOT OFF THE PRESSES – VMware and F5 Hands-On-Lab Now Available!
VMware and F5 are proud to announce the availability of one of the first partner-centric labs utilizing VMware’s global Hands-On-Lab infrastructure. In close collaboration with the VMware End User Computing Technical Enablement team, the VMware Alliance team at F5 created this lab to create easy-to-use yet rich technical exercises. This lab will show you the ease of configuration and benefits of using the F5 BIG-IP platform in support of your VMware EUC enterprise solutions. This includes Horizon 6, both for virtual desktop infrastructure and application publishing. The lab provides a walkthrough from initial setup of F5 BIG-IP withHorizon 6 to configuring and providing additional security and fault tolerance to your VMware EUC solutions. This 1 st release of the lab includes: Brief overview of intelligent, VMware Horizon-aware system availability, security, and network traffic management capabilities using F5 BIG-IP’s Local Traffic Manager (LTM), Global Traffic Manager (GTM), and Access Policy Manager (APM). Deploying the F5 BIG-IP Virtual Edition on vSphere Running through the basic setup and configuration of the F5 BIG-IP Virtual Edition How to upload certificates and iApps (F5’s interactive, simple-to-use configuration templates) to the F5 BIG-IP Step-by-step instructions on how to load balance multiple Horizon Connection Servers and Security Servers Implementing and configuring F5 Access Policy Manager’s (APM) PCoIP Proxy as a Security Server alternative This lab is designed to provide a comprehensive introduction into the key products, technologies, and solutions VMware and F5 have developed to bring enhanced availability, scalability, and security to your Horizon environment. After completion, you will have gained a solid understanding of how to deploy and configure F5’s BIG-IP Application Delivery Services together with VMware Horizon. Here’s the link that will take you directly to the VMware and F5 Hands-On-Lab: http://vmware.com/go/f5lab Before you start this lab – you’ll first need to register (it’s FREE). After clicking on the link, choose the “Login/Register” tab in the upper right corner of the browser window. Continue following the directions on the subsequent screens to complete the enrollment and then login to the lab. We’re open to any feedback or suggestions - just send you comments or feedback to vmwarepartnership@f5.com! Enjoy the lab!Oh, Is That The Internet You're Wearing?
I can see it now... [Enter Dream Sequence] 'ALOHA! We're here at the Red Carpet Event at the 2021 Web Movie Awards! All the stars are here wearing the latest in fashion trends. Oh, here comes DigiTom wearing his underarm sweat blocker shirt that also calculates how much moisture he is losing and how many ounces of water he needs to replace that sweat. Cool stuff. Ah, and here comes Hank Hologram and what is amazing is how his shoes continue to change colors depending on his mood. Ooop...With all those screams, it must be super director Steve Streamer who has 500 little HHDD cameras sown into his clothes and he is making a live action movie of this event!' Can't wait to see who plays me!' Wearables are one of the hottest trends pushing the Internet of Things. Many of us are familiar with the sensor bracelet things that keeps track of steps, distance, calories burned and all the things a pedometer used to do. But now there are sensors stitched in to our actual clothing! Nike recently patented a shirt that provides 'enhanced body position feedback.' Basically you are wearing your coach as an outfit. It is a wearable instruction shirt that helps improve an athlete’s form or body positioning. A Korean artist has released a kinetic wearable, Metamorphosis, which features a woman’s dress and man’s blazer that detect when you’re drunk. When consuming alcohol, the shoulders on the dress expand and transition between different colors, while the collar on the blazer rise to hide the wearer’s face. The dress is designed to show how a female’s confidence increases when consuming alcohol but the blazer hides the male when it senses too much alcohol on his breath. I'm not incoxitated ossifer! A Brazilian designer has won an award for her lingerie that illuminates when touched. While not yet in production, there are micro sensors built into the bras and underwear and brings the red light district into your own home. And of you think these are one-offs, this October in Portland there will be FashioNXT’s first annual Wearable Technology Fashion Competition. They are looking at ways to bring wearables into mainstream adoption with the focus on ensuring the technology blends into the essence of the clothing. To top it all off, there is an interesting article about the 5 psychological challenges facing wearables. It is about behavior change technology and if these apps can actually change what a person does. The 5 challenges include: Apathy - if you're not motivated to change, it doesn't matter. Simplicity vs. Complexity - You can’t just shove complex psychology into an app and expect an incredible user experience. Personalization vs. Scale - Psychology is generally applied in a clinical setting, with the best results from 1:1 interactions & does not scale. Relapse - The process of anticipating/preventing relapse is integral to lasting behavior change. This important step is almost always overlooked in technologies Integration with Real Life - There exists a natural barrier between doing something on your phone and taking action in real life. With 82% of American wearable tech users believing that it has enhanced their lives, I'm sure this is just the beginning of the Wearable Internet. ps Related Nike Patents Golf Shirt Design That Could Double as Coach A Dress that Detects When You're Drunk Lingerie that lights up? Brazilian designer wins award 10 Hottest ‘Top-To-Toe’ Wearable Gadgets 5 psychological challenges facing wearables, quantified self and behavior change apps Wearable Technology – UK and US Facts & Figures Making bearable wearables Fashioning Health & Wellness: An Interview with Misfit Wearables Technorati Tags: iot,wearables,sensors,things,clothes,silva,f5 Connect with Peter: Connect with F5:So, you want to use RSA SecurID with APM’s PCoIP Proxy Module…
Customers who leverage Access Policy Manager (APM) for remote access to VMware Horizon 6 (formerly known as VMware View) typically have some level of two-factor authentication (2FA) as an added layer of authentication. It’s especially important when users may be accessing Horizon resources from untrusted devices or networks. One challenge I have found, especially when using F5’s VMware Horizon iApp, is that the iApp requires some settings to be pre-configured to support SecurID for 2FA. This blog post will walk you through the pre-configuration and subsequent iApp setup of RSA SecurID with APM’s PCoIP Proxy using the native RSA integration capabilities of APM. Shout-out to the peeps from VMware’s OneCloud team – big thanks to Simon Long and Aresh Sarkari for helping put this together! The Authentication Flow Let’s start with a quick recap of the authentication flow. Joe User will connect to the F5 virtual server’s public IP using the Horizon client or with F5’s WebTop. Next, he’ll be prompted to enter their RSA SecurID username and the passcode. BIG-IP APM will authenticate the username and passcode against the RSA Server. Once Joe has been validated through the RSA authentication server, he is then prompted for their Active Directory username and password. APM sends the Active Directory username and password to a domain controller. Once the final authentication step is completed, BIG-IP APM will enumerate the authorized desktops and applications through the Horizon Client or F5 WebTop. Joe then securely launches his apps and desktops, all proxied through the APM PCoIP Proxy. Here’s a picture of what the RSA integration looks like with APM in the mix: Setting Up APM and RSA for PCoIP Proxy Now, let’s get down to business. Here’s a quick list of things we’ll assume are already configured: BIG-IP installed and configured RSA Authentication servers installed and configured RSA tokens activated Firewall rules and routing between the BIG-IP and the RSA Authentication servers in place We’ll also focus on the key areas of the VMware Horizon iApp (version 1.2.0) that you will need to change in order to support RSA SecurID - I’ll actually cover the complete setup of the APM PCoIP Proxy with the VMware Horizon iApp in an upcoming blog post and instructional video. Click Here to download the documentation for setting up RSA SecurID with APM PCoIP Proxy. As always, feel free to send any feedback or ideas to our VMware Alliance team at vmwarepartnership@f5.com!Bricks (Thru the Window) and Mortar (Rounds)
...or I've been Breached. There was a time when people differentiated between stealing from a physical store and pilfering data from a network. Throughout the years there have been articles talking about the safety/risks of shopping online vs. shopping at a retail outlet. You could either get carjacked in the parking lot and have your wallet stolen on Black Friday or your browser hijacked and your digital identity stolen on Cyber Monday. There are probably many people who exclusively shop one way or another due to their own risk assessment of each...ignoring whatever convenience, interaction, price, constraints, gratification, availability or any other perceived beneficial metric on the Franklin T-scale tied to the specific activity. Now we've learned that the recent Target breach was due to malware being installed on the point of sale devices. Wait, what? A 'cyber' crime within a retail bricks environment? Isn't anything sacred? Well no, and this is really not anything new. ATMs and point of sale devices have been targets for a while due to the simple fact that they run on an operating system. A potentially vulnerable operating system. In 2012, thieves broke into Barnes and Noble's keypads and grabbed a bunch of credit cards. Subway also had it's PoS devices infiltrated. There will be more. Online shopping has risen 300% since 2004 and continues to grow. comScore reports that desktop sales on Black Friday grew 21% ($1.1 Billion) and Cyber Monday grew 18% ($1.7 billion). Yet, with all the mouse orders we accomplish on any given day, according to the Dept. of Commerce, it still only amounts to 6% of all U.S. retail sales. You'd think that it would be much higher but major purchases, like automobiles for instance, are still (mostly) purchased in person. The shift, however, will certainly grow as more people rely on mobile as a primary purchase sidekick and... as always, the bad guys are going to focus on where they can get their take. In this interesting TED talk, security expert Mikko Hypponen says that we are more likely to be a victim of an online crime than a real world stick up. That includes an increase of blended attacks. We've seen it a thousand times - plant something on the inside and siphon from the outside; launch a network based attack as a diversion to go after the app data; do a little social engineering surveillance to become one of them; and of course the classic, knock out the guards, put on their outfits and walk in while nobody notices. There is still much to uncover about this latest breach but I can't help feeling that more retailers, as has been reported, will be screaming, 'This PoS device is a PoS! Nice how I worked that in huh? ps Related: Target Security Breach A Reminder That Threat Lurks In Stores And Online Online retail still very small compared to brick and mortar The Ultimate Debate: Online Shopping vs. Brick and Mortar Shopping Cybercriminals targeting point-of-sale devices ATM and Point-of-Sale Terminals Malware: The Bad Guys Just Never Stop! Technorati Tags: breach,security,point of sale,pos,target,brick mortar,silva Connect with Peter: Connect with F5:How the cloud can improve your security solutions?
The advantage of being in this industry for a while is that you get to see first hand how things change. Mostly for the better, and usually quite quickly, too. Some of these changes have a knock-on effect on other parts of the industry. One recent example of this is security. In days gone by security was very much focused within a company’s network; all the necessary data and applications sat behind the firewall so that’s where defences were concentrated. These days, that’s simply not the case. Thanks to a raft of industry developments, primarily mobile devices and cloud computing, network perimeters are no longer contained within a company’s (metaphorical) four walls. That’s made security a slightly more difficult task - how can you be expected to use on-premises security solutions to protect apps, data, devices and so on, when they themselves are far beyond the traditional network perimeter? That’s why security solutions delivered via the cloud could help protect today’s businesses. It means workers - and all that important, sensitive data - are protected, no matter where they are, what device they’re using or what service/application they’re connecting to. It simply isn’t feasible for a company to protect each endpoint, inside and outside the perimeter. Using cloud-based security solutions can help with a variety of different threats. Take DDoS attacks, for example. DDoS attacks are getting bigger in scale, and when you’re talking about attacks around 300 Gbps in size (and up), the only way to stop these is with cloud-based technologies, as local network appliances won’t be able to cope with the bandwidth required. Delivering DDoS protection from the cloud also means (depending on the service provided) companies can call on a globally-distributed DDoS mitigation network operated by experts. On-premises DDoS protection is unlikely to be able to say the same. When you think about it, if you need to protect cloud-based devices, applications, data and so on, it makes sense to do that in the cloud, right? Cloud-based security can stop many attacks before they reach a corporate network and can use intelligence from its entire network to spot anomalies and new threats as they emerge. That real-time defence is something that on-premises software can struggle with, as databases have to be updated and new versions rolled out before the corporate network is secure. It’s worth noting that many of the benefits of cloud computing - cost reduction, better scaling, automation and so on - apply when it comes to using cloud-based security services. As we trust more and more of our critical applications, services and systems to the cloud there is no reason why security should not be on that list.
