Security Experts:

Juniper Networks and Verisign Partner on Hybrid DDoS Protection Solution

Juniper Networks and Verisign have joined forces to provide a hybrid DDoS mitigation service that combines Juniper’s on premise DDoS Secure technology with Verisign’s Cloud-Based DDoS mitigation service.

Through the partnership, the companies are offering what they call a “next-generation hybrid DDoS offering,” intended to enable more comprehensive, automated DDoS protection in increasingly heterogeneous environments that span public, private and hybrid clouds.

According to Juniper, the hybrid solution adjusts the parameters used for identifying and filtering potentially malicious traffic based on the response and performance of the protected applications.

“While many organizations have started to adopt DDoS protection, they often find themselves needing to make a series of trade-offs in architectural deployment, capabilities and traffic thresholds that ultimately could lead to increased cost and reduced efficacy,” Juniper explained.

How it Works

• Juniper DDoS Secure monitors the health of protected services and applications that reside in the data center, stopping low and slow attacks locally with a sub-second time of detection to mitigation response.

• When an attack is determined to exceed the network capacity at the data center edge, mitigation moves to Verisign’s globally connected, fully redundant cloud-based platform to provide comprehensive protection against network and application layer attacks.

• The solution proactively adjusts the security posture continuously based on coordinated local and global risk assessment. Verisign iDefense analysts actively monitor indicators of attacks, in order to assist Verisign’s DDoS protection engineers in creating new signatures for new attacks, while Juniper DDoS Secure heuristics engine inspects both inbound and outbound traffic to calculate local risk.

• The solution provides customers flexible deployment choices to suit their individual business risk profiles, scaling to support the largest enterprise network with geographically diverse footprints.

Additionally, the companies have plans to define and promote open source standards for communication between dedicated, on-premise DDoS mitigation devices and cloud-based solutions.

“Standards-driven interoperability should promote wider adoption of effective, intelligence-driven DDoS mitigation systems that meet business needs and should free customers from proprietary vendor lock-in,” Juniper explained.

“The joint Juniper Networks and Verisign solution will help customers improve time to mitigation by quickly handling low-volume attacks with on-premise hardware, while still offering the added security of back-up in the cloud for large-scale and extremely complex attacks,” said Christina Richmond, program director, Security Services, IDC, in a statement. “Access to both approaches is important to ensure a comprehensive DDoS solution that is adaptable and can handle all types of attacks faster and more efficiently.”

The hybrid solution is available immediately.