A10 Thunder TPS Identify Smaller Attacks
Using the solution, have you seen a lot more small attacks, attacks that you had been missing previously? If yes, please describe.
Finally, using this solution we have also, to some extent, detected more small attacks, attacks that we had been missing previously. Before we deployed A10, we did not have any technology in place to detect an attack. Only if a customer opened a ticket did we know there was an attack. But when we started deploying the detection technology and the A10 scrubbing technology, we suddenly saw that we actually have a lot of smaller attacks as well, which were invisible to us previously. That means, most likely, that there were a lot of unhappy customers - or unhappy end-users of our customers' systems - that we were never aware of. That was suddenly fixed by deploying these systems. In all of 2018, we identified about 400 attacks each day, anywhere in our 20 data centers around the world. Many of these attacks were invisible to us before 2016 when we did not have this solution in place... One of the biggest lessons for me, in using this solution, was that there are so many smaller attacks going on that we were not aware of and which must have had an impact on the satisfaction of our customers, as well as the satisfaction of their customers. Everybody always talks about the huge attacks, the one- or two-terabit attacks that get into the news. But the fact there is such a huge volume of smaller attacks going, script kiddies, etc., to make other people's lives miserable was, to me, a bit of an eye-opener. That was resolved by deploying the A10 solution.View full review »
Using TPS we have detected a lot more small attacks and attacks that you had been missing previously, but that's not only because of TPS. We do gather flow information from the TPS devices as well as from our border routers that we recently upgraded. With that combination, we are seeing a large increase in the number of DDoS attacks that we're detecting compared to what we were using previously, which was a third-party cloud provider. On average, we're detecting anywhere from 25 to 50 more attacks per week than we were previously.View full review »
Any time you filter, you set up thresholds, you can identify your traffic patterns a lot better. It has helped in that aspect as well. We did miss attacks previously.View full review »
In terms of small attacks we were getting but missing prior to having Thunder TPS, we're over 200 Gig in the backbone now, but we never saw a lot of those little, what I call "squirt-in-the-eye" attacks before. We had a 50-Meg customer out there that was getting DDoS'ed at a 100 Meg. We would've never seen that before. We would have never mitigated it. The customer would have called and said, "Hey, my circuit's down," and we would have looked at it and spent time trying to figure out what's up with the circuit. Then somebody would have looked at their bandwidth charge and said, "Oh, you're maxed," and the customer wouldn't understand why they were maxed. Now, the DDoS solution we put in place sees those small attacks, mitigates them, and the customer never calls.View full review »