Attacks, like other Internet-borne traffic, are somewhat predictable. Monday morning rushes to log in after the weekend. After school bursts as kids log on to online games. Holiday-driven increases as shoppers frantically try to find "the perfect gift" online. Seasonal and industry-related patterns have been recognized by researchers and anticipated by security pros for years.
But 2020 bucked those trends and instead of the traditional seasonal decrease in DDoS attacks, reports showed an increase. To wit, the average number of attacks per day increased during the second calendar quarter of 2020, reaching almost 300 attacks per day (April 9). In the first quarter, the daily record was 242 attacks. This anomaly has been attributed to the abrupt shift to a remote workforce.
While it's true that there have been new DDoS attack patterns emerging, what is also true is that DDoS attacks at the infrastructure layer are still DDoS attacks. They are what we might call "traditional" attacks. What is changing are targets and opportunities that come with a distributed workforce.
Fears that a new generation of hyper-scale DDoS threats emerging along with 5G networks are extant. These concerns are compounded as Edge increasingly appears to be a strategic solution to the growing challenge of maintaining availability and performance of applications for what appears to be a more permanently remote and distributed workforce.
This is an existential challenge. Over 15% of remote workers experience issues with connectivity daily, with over half (52%) experiencing problems monthly. (Waveform, April 2020 report) The biggest challenge faced by CIOs in 2020 has been maintaining application performance (66%) and network reliability (63%). (Catchpoint, CIO New Normal Survey, 2020) Consumers face similar challenges with connectivity, performance, and availability of applications from the utilities, banking, retail, and culinary industries that have rapidly transitioned to a digital-first (or digital-only) model. The ability of a significant attack to exacerbate these frustrations is not trivial.
The scale of such attacks—the average size of a DDoS attack in 2019 was 12Gbps—is already overwhelming, there is a need for new technologies to address this growing threat. But space and resources are still limited. The Edge might be a utility room at the base of a remote cell tower, after all. This is not prime data center real estate. The constraints of space and remote nature of Edge compute makes the traditional "throw more hardware at the problem" approach a non-starter.
A modern approach is to throw smarter hardware at the problem.
There is already a growing market for solutions that are accelerated using specialized hardware. In the emerging AI and ML space, we see GPUs taking on the role of accelerating the complex mathematical computations necessary to fuel faster, smarter analytics. In the network space, we are seeing similar approaches that take the form of an FPGA. The Intel PAC N3000 is one such device that has enabled F5 to apply its more than ten years of FPGA programming expertise to more efficiently block incoming DDoS attacks.
Testing of our solution versus software-only options showed the FPGA-enabled option able to withstand a DDoS attack up to 300 times greater in magnitude.
Moreover, because the solution leverages what is commonly referred to as a SmartNIC, there's no need for additional rack space or hardware. There's no need for dedicated hardware to reap the benefits of a hardware-assisted solution. This makes it a better fit for service providers who are facing exponential growth in traffic from the shift in workforce and the ongoing 5G rollout.
A software option that pairs with a NIC also makes it an infinitely better choice for deployment at Edge locations, where space and resource constraints make large-scale hardware deployments untenable.
The issue of performance and reliability at the edge of the Internet—our homes and now, it seems, our workspaces—will continue to be a challenge. Addressing it will require new approaches to these traditional problems. Taking advantage of smarter hardware to scale solutions in resource-constrained Edge locations is one of those approaches.
You can learn more about how F5 is scaling security at the Edge in this blog.
About the Author
Related Blog Posts
Multicloud chaos ends at the Equinix Edge with F5 Distributed Cloud CE
Simplify multicloud security with Equinix and F5 Distributed Cloud CE. Centralize your perimeter, reduce costs, and enhance performance with edge-driven WAAP.
At the Intersection of Operational Data and Generative AI
Help your organization understand the impact of generative AI (GenAI) on its operational data practices, and learn how to better align GenAI technology adoption timelines with existing budgets, practices, and cultures.
Using AI for IT Automation Security
Learn how artificial intelligence and machine learning aid in mitigating cybersecurity threats to your IT automation processes.
Most Exciting Tech Trend in 2022: IT/OT Convergence
The line between operation and digital systems continues to blur as homes and businesses increase their reliance on connected devices, accelerating the convergence of IT and OT. While this trend of integration brings excitement, it also presents its own challenges and concerns to be considered.
Adaptive Applications are Data-Driven
There's a big difference between knowing something's wrong and knowing what to do about it. Only after monitoring the right elements can we discern the health of a user experience, deriving from the analysis of those measurements the relationships and patterns that can be inferred. Ultimately, the automation that will give rise to truly adaptive applications is based on measurements and our understanding of them.
Inserting App Services into Shifting App Architectures
Application architectures have evolved several times since the early days of computing, and it is no longer optimal to rely solely on a single, known data path to insert application services. Furthermore, because many of the emerging data paths are not as suitable for a proxy-based platform, we must look to the other potential points of insertion possible to scale and secure modern applications.