SiteProtect Next Generation DDoS Mitigation Service

 

Distributed Denial of Service (DDoS) attacks represent a constant and persistent threat to the operations and security of every organization that has a digital presence. According to our 2017 research, an organization’s chance of suffering a DDoS attack is 80 percent, and when attacked, that same percentage can expect repeated assaults. But the damage doesn’t end there: Nearly half of reported attacks are conducted in concert with a breach, often leaving behind virus infections, data theft, malware activation, and now – ransomware attacks.

Mitigating the DDoS attacks of today and tomorrow requires more than just technology. SiteProtect Next Generation (NG) provides you with powerful analytics, top-tier DDoS mitigation, and layer 7 protection that allows you to suppress threats before they become attacks. Neustar NG is relied upon by companies of all sizes to keep their infrastructure and proprietary information safe and available.

 

More Than Bits and Bytes, It’s Business

In addition to business disruption and brand embarrassment, attackers can have many motives for launching assaults. DDoS assaults are commonly used to obscure and obstruct attempts to figure out who’s attacking, and what they’re going after. Such activity is referred to as a “smokescreen,” and in today’s world with so much at stake, you can’t take chances – it’s imperative to detect and defeat DDoS attackers as quickly as possible.

Neustar SiteProtect NG is the DDoS protection that your organization needs. Built on a massive global mitigation platform using best-of-breed technologies, time-proven best practices, and unparalleled expertise, Neustar delivers a top-tier solution leveraging three proven principles of DDoS protection.

 
 

Global Picture of DDoS Lethality in the Connected World

connected siteprotect world map
 

North America

  • 76% of organizations were attacked
  • 29% were attacked six or more times
  • 21% reported malware activation after a DDoS attack

EMEA

  • 76% of organizations were attacked
  • 39% were attacked six or more times
  • 24% encountered malware after a DDoS attack

APAC

  • 75% of organizations were attacked
  • 45% were attacked six or more times
  • 30% reported ransomware after a DDoS attack
 
 

Neustar SiteProtect NG Trusted By Global Brands – Because It Works

Neustar SiteProtect NG is the largest purpose-built, dedicated DDoS mitigation solution in the world, with 61 data scrubbing centers located strategically across the world with a capacity of 10Tbps. There are deployment options to fit the needs of any organization. So whether your requirements demand on-premise hardware, cloud-based or hybrid mitigation capabilities, Neustar offers the broadest and most flexible array of DDoS protection services to fit you.

Compared to previous investment responses, it's clear that organizations are recognizing the value in preparing before the strike. With options that include appliance, cloud, WAF, direct connect or hybrid combinations, Neustar SiteProtect NG provides effective DDoS mitigation.

SiteProtect NG Detection and Alerting

Avoiding the costly impact from DDoS attacks requires constant vigilance. To help alleviate the burden off of you and your team, Neustar offers quick Detection and Alerting capabilities. Detection and Alerting will monitor and inform you of potential DDoS attacks and can automate mitigation based on alerts. Or, depending on your preference, you can automate the mitigation process to deliver high-velocity protection when you need it most.

SiteProtect On-Demand

A high-capacity, cloud-based DDoS protection service, Neustar SiteProtect NG scrubs malicious traffic away from your infrastructure, defusing the large, complex attacks that make headlines every day and threaten your operational stability. Powerful automation allows you to activate on-demand cloud protection through means that include DNS Redirection, BGP Redirection, and API-triggering. The result is incredibly fast response against DDoS trouble when you need it most.

SiteProtect Always

Neustar offers several options to keep your traffic in an always-ready state — Always-Proxied, Always-Routed, and Always-Hybrid. Neustar SiteProtect NG Always-Hybrid features the best-in-class Arbor APS DDoS mitigation appliance that combats attacks locally, without a moment's delay. When attacks exceed local capacity, Neustar fails over your traffic to the SiteProtect NG cloud and manages the response until the danger passes. Best of all, it is a fully managed service, including remote management of your Arbor box. Neustar monitors, detects and responds to DDoS attacks for you, so you can commit resources to higher priorities.

Neustar NetProtect™

The ideal cybersecurity solution for large enterprises, Neustar NetProtect augments the SiteProtect NG network with a direct connection to mitigate a DDoS attack. It's strategically situated directly inside our data scrubbing centers around the globe. NetProtect addresses and mitigates, or entirely avoids, the concerns of latency, complexity, and other anomalies commonly associated with legacy Generic Routing Encapsulation (GRE) and Virtual Private Network (VPN) tunnel systems. Created specifically for demanding and advanced network requirements that require support beyond basic proxy or VPN services, NetProtect is focused on transmitting sensitive data quickly and securely.

Neustar WAF

Neustar Web Application Firewall (WAF) and SiteProtect NG provide a true cloud-based Always-On approach to quickly stop the largest DDoS and most sophisticated web application threats, including Layer 7 attacks, without reducing network performance or adding additional levels of complexity to your existing security strategies.

 
 

The Neustar Advantage – Automation and Flexibility

Automation is the key to speed and it’s crucial to gaining an advantage against DDoS attackers – especially those with an appetite for breach. Flexibility is the ability to right size the DDoS protection investment. Since no two organizations have the same requirements, the Neustar combination of automation and flexibility helps tighten and exact defenses that mold to specific defense strategies – all while avoiding expensive customization and long deployment periods.

DNS/BGP Customer Triggered Mitigation

Standard configurations that allow a SiteProtect NG customer to automate mitigation in either DNS redirection or BGP connection service configurations. Attack traffic will spark mitigation for the targeted host reducing the time-to-mitigation and improving reaction times.

API-Triggered Mitigation

Available with Neustar’s standard on-demand BGP service and allows customers to call the SiteProtect NG API to begin their mitigation without intervention from Neustar. The ability for this API to be leveraged with other security services creates new potential stable state improvements and protective actions automatically.

Detection and Alerting Automated Mitigation

Customers direct their NetFlow data to Neustar for constant analysis and mitigation triggers automatically when an attack is detected. For those short on expertise and staff, this defense option provides a valuable extension to stretched security operations.

Cloud Signaling Triggered Automated Mitigation

Endpoint detection based upon bits per second and/or packets per second thresholds that, when exceeded, automatically initiates BGP redirection mitigation. The time to mitigation is instantaneous and throws back attackers the moment they strike.

 
 

Your Advantage – Insights and Control

Being in control means knowing what’s going on. Neustar SiteProtect NG puts the power of global mitigation in your hands. The SiteProtect NG portal provides a personalized experience, enables greater automation, and more easily provides real-time information that you can quickly act upon.

Neustar makes sure that you have the information and insight needed to protect your online presence and brand reputation.

Neustar SiteProtect NG Portal

  • Displays attack sources and attacked protocols in an easy, informative way
  • Puts near real-time and historical information at your fingertips
  • Empowers you to route and scrub traffic without cumbersome interaction
  • Enables automated mitigation as you see fit
  • Delivers insights into traffic statistics, including top talkers and top routes
  • Shows D&A Alerts information including attacked origin server IP, type of attack, and traffic type

Precise insights, configurable elements, automated mitigation, and power that you can trust. Capabilities and control are what Neustar gives you to keep DDoS attackers at bay and help keep your organization safe.

Holistic DDoS Protection

Neustar can provision SiteProtect NG to defend standard TCP-based applications, including websites, email servers, APIs, databases and more. Providing coverage against dozens of protocols and the widest array of attack vectors, Neustar SiteProtect NG helps you protect your entire Internet ecosystem. For even more assurance, consider Neustar UltraDNS® which provides superior DNS services and DDoS protection. Combined, these two services ensure uninterrupted traffic flow to your critical online properties without the need to manage multiple providers and solutions.

Powered by People, Proven by Practice

Neustar security operations are fully manned 24/7 by senior-level DDoS mitigation professionals. The countermeasures, processes, and practices built from more than a decade of thwarting DDoS attacks makes Neustar your best partner to monitor and responds to threats - even flexibly changing defenses as attackers assault using multiple tactics from multiple vectors with multiple motives.

Download PDF