Connect with us

Hi, what are you looking for?


Network Security

Why We Need Attack Mitigation Adaptive Networks

From Security Products to Security Systems, and Now: Security Networks

We all know that servers virtualization technologies have matured already and many networks adapt them in order to more efficiently meet today’s business needs.

From Security Products to Security Systems, and Now: Security Networks

We all know that servers virtualization technologies have matured already and many networks adapt them in order to more efficiently meet today’s business needs.

With the Software Defined Networking trends and NFV (Network Function Virtualization) initiative that proposes a design approach for building complex IT applications, we see a similar process of adapting network technologies to be more business efficient well. These technological movements in the IT infrastructure created potential for rapid innovation in network and application security.

On the other hand, security challenges have significantly increased as well. Focusing more on availability-based attacks, as seen in the figure below, the security friction surfaces are now wider than ever, and much more dynamic for enterprises, cloud service providers and carrier organizations:

Diagram of Attack Mitigation Adaptive Networks

• The service providers peering points (SP perimeter) are under volumetric DDoS attack threats which have the potential to disrupt their overall operations and customer services.

• The enterprises’ businesses networks service edges are under the threat of multi-vector attacks, which aim to saturate the business internet pipe, misuse the resources of the internal network’s stateful elements (e.g., firewalls, load balancers, intrusion prevention devices) through network state attacks and misuse the business application resources through various state-based applications.

• The cloud hosting perimeter become much more complex as the security friction surface is now multiplied by the number of internally hosted “business tenants”, while each tenant is actually exposed to the same multi-vector attack described above.

Advertisement. Scroll to continue reading.

The following illustrates an even bigger problem at the cloud:

Multi-Tenant Cyber Attacks Diagram

• An attack on one tenant can impact the entire cloud infrastructure and any other tenant (especially if it is a network volumetric one).

• The new security friction surface now becomes much more complex to control as the number of tenants can reach an enormous number, their resources are usually virtualized (dynamic and elastic) and each tenant can be transformed into a “malicious tenant” or a network of malicious tenants, and start attacking the tenants at the same cloud, on other business networks and at the carrier network itself.

Looking at the above, I don’t think there is any doubt that there is a need, now more than ever, to present a holistic solution approach to this problem. Holistic in the sense that the network itself needs to be part of the security service allowing:

• Security monitoring capabilities at various network points that can adapt and change their characteristics per potential risk

• A security control system that will provide a situation awareness in a very wide sense based on these monitoring inputs

• Network mitigation capabilities that will allow the network itself to be “programmed” to act against and according to the risk .e.g., quarantine infected tenants, deploy distributed ACLs, isolate network tenant’s routes, redirect suspicious traffic into security scrubbing centers and more.

So, although the security threats and the complexity in controlling them has become much more challenging than before, the same technologies (cloud virtual environments, network virtualization and software defined networks) that really contribute to this complexity, are also the technologies that potentially need to be used for solving it.

Security applications that will know how to use the new programmable nature of the servers and network virtual environments are key for these solutions. The old approach of just deploying more and more security devices and systems as part of the network data-plane will probably be much more expensive and will not do the job. The time has come for Attack Mitigation Adaptive Networks.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...