Heavy Reading
Length: 22 Pages
Price: $3,495
Patrick Donegan
Chief Analyst,
Heavy Reading
Patrick has more than 20 years' experience as a telecom analyst and strategist. He is Chief Analyst of Heavy Reading, but more specifically covers areas such as mobile backhaul networks and mobile network security...MORE
To view reports you will need Adobe's Acrobat Reader. If you do not have it, it can be obtained for free at the Adobe web site.

Length: 22 Pages
Price: $3,495
DDoS Attacks: Opportunities & Threats for CSPs

Distributed denial-of-service (DDoS) attacks pose a serious threat to the communications service provider (CSP) business model. DDoS attacks generate network outages that suspend the ability to bill for service; they are often launched in conjunction with data exfiltration attacks; they trigger penalties for breaches of service-level agreements (SLAs); and they put upward pressure on customer churn.

CSPs have tended not to feature among the highest-profile DDoS attack targets. There is nevertheless plenty of evidence of specific CSPs that have been impacted over the last 18 months and how they have been impacted. Among the most recent high-profile incidents was the attack on Talk Talk, a U.K. Internet service provider (ISP), in the latter half of 2015. This featured a multi-vector DDoS and data exfiltration attack, and resulted in the company losing one third of its market value over a few weeks.

This type of devastating impact is just the tip of the iceberg, however. Many network outages and service degradations go unexplained in the public domain: Either the CSP is not required to disclose the exact causes, or it genuinely doesn't know what caused a specific outage or service degradation. In a number of cases, those unexplained outages include DDoS attacks. Where many CSPs are routinely detecting and mitigating DDoS attacks very effectively in a way that ensures no impact is felt today, that carries a significant cost in terms of capex and often manually-incurred opex.

When it comes to dealing with DDoS attacks, a CSP's first responsibility is to protect its own network uptime. Its second priority is to consider a play in the DDoS-protection-as-a-service market, protecting enterprise customers against DDoS attacks penetrating and impacting their network infrastructure.

The rate of technology change in the realm of DDoS attack creation and CSP network transformation with software-defined networking (SDN) and network functions virtualization (NFV) is so rapid now that the requirements for DDoS protection have moved on quite a bit from where they were just three or four years ago. The market in specialized DDoS equipment is more competitive than it was. The market in cloud-based DDoS protection services, as well as more broadly the managed security services provider (MSSP) space serving enterprises, is also becoming more competitive.

DDoS protection equipment vendors themselves are now delivering cloud-based DDoS protection as a service in competition with some of the same DDoS protection service providers to which they sell their products. Some of the global Internet companies, such as Amazon, Google and Rackspace, are now investing in DDoS protection at their hyperscale data centers. In effect, they're eating into the market in network security services.

DDoS Attacks: Opportunities & Threats for CSPs analyzes recent patterns and trends in the nature of DDoS attacks and the impact they are having on CSPs. The report explores the growing threats to network availability and data security from ever more sophisticated types of attack, as well as from network transformation with SDN and NFV. It highlights some of the key requirements for protecting the network infrastructure against DDoS attacks, and detecting and mitigating those attacks that still get through. Finally, the report examines changes in the market landscape for CSPs that are looking to monetize DDoS protection as a service.



The DDoS-protection-as-a-service market is becoming increasingly competitive. As shown in the excerpt below, vendors of specialized DDoS protection equipment can now sell into four discrete customer groups in addition to CSPs: data center operators, MSPPs, enterprises and cloud-based DDoS protection providers.

DDoS Attacks: Opportunities & Threats for CSPs is published in PDF format.