Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's distributed-denial-of-service attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Pandrangi, VP of Technology at Verisign, has studied DDoS attacks, and he's concerned about recent trends.
"Large volumetric DDoS attacks are becoming more common," Pandrangi says. "And as that happens, on-premise solutions will not be able to handle these types of attacks."
What's needed, then, is an entirely new approach to protecting against DDoS. Pandrangi advocates what he calls an open/hybrid approach that relies on on-premise solutions to mitigate attacks locally, while leveraging cloud-based services when attacks are likely to overwhelm the defenses. At the core of this new approach is an open platform that allows multiple vendors to act in concert on the customer's behalf.
"This [approach], we believe, will allow businesses to have a wide range of options without the limitations of having vendor lock-in," he says.
In an interview about the new approach to DDoS protection, Pandrangi discusses:
- Latest DDoS attack trends;
- What's wrong with the traditional approach to DDoS protection;
- Details of the Verisign Open-Hybrid Solution.
As vice president of technology, Pandrangi is responsible for the technology direction and product management for the company's Network Intelligence and Availability (NIA) business, which includes Verisign DDoS Protection Services, Verisign Managed DNS Services and Verisign iDefense Security Intelligence Services.
Pandrangi has been with Verisign for more than 13 years, and prior to his current position he was senior director of infrastructure engineering, where he led and managed the teams responsible for the development of Verisign's scalable resolution services. These systems include DNS resolution for all Top-Level Domains (TLDs) operated by Verisign, related WhoIs services, Verisign's Managed DNS Services and Athena, Verisign's network and DDoS mitigation platform.