A technology enthusiast with over two decades of experience in handling research, development, engineering and management of networking and security products in the telecommunications sector, Today Maya Canetti serves as Product Management Director at Allot Communications, leading the company’s DDoS Protection product line that helps operators worldwide to protect their network infrastructure and maintain their reputation.
Sachi Mulmi (SM), a researcher with Frost & Sullivan, had an opportunity to conduct a Movers & Shakers interview with Maya Canetti (MC), Director of Product Management.
SM: Can you start by providing our readers a brief overview of your company including the vision behind its formation and its current role in the market?
MC: Allot is a provider of leading innovative network intelligence and security solutions for service providers worldwide, enhancing value to their customers. Our solutions are deployed globally for network and application analytics, traffic control and shaping, network-based security services, and more. Allot’s multi-service platforms are deployed by over 500 mobile, fixed and cloud service providers and over 1000 enterprises. Our industry leading network-based security as a service solution has achieved over 50% penetration with some service providers and is already used by over 18 million subscribers in Europe.
SM: Continued innovation is the key to success in this growing industry. How is the process of innovation managed at your company?
MC: Innovation at Allot is an integrative process, driven by markets, use-cases and technology. Our technology and product management teams work closely with the customer facing units to identify needs and opportunities arising from new markets or a need for improved solutions in existing markets. With more than 500 CSP customer and 1000 enterprise customers Allot has a significant installed base from which we can derive new market requirements and use cases. This installed base also presents a wealth of raw (anonymous) data against which innovative ideas can be validated, through cooperative collaboration.
For example, we identified a potential new market for service providers to leverage DPI capabilities to deploy value-added security services to the mass market – by offering network based security to the end user. Market surveys and friendly proof-of-concept trials validated both the market demand and technological feasibility. In this case a combination of technological development and strategic acquisition was used to bring the solution to market where it has achieved unprecedented penetration levels in the range of 40-50% uptake.
In-house research teams constantly work on innovative technologies, independently or as part of multi-discipline industry or government research consortiums. For example, machine learning techniques to identify the anomalous behavior of unknown attack vectors started as pure research that was subsequently migrated to customer trial validation and productization.
SM: What are the key requirements for a DDoS mitigation solution?
MC:
- Real-time (always-on) mitigation – detects and mitigates Denial of Service (DoS/DDoS) attacks within seconds, before they can threaten or disrupt the network or service
- Accurate – surgically blocks attack traffic without over blocking legitimate users traffic
- Unlimited mitigation capacity – the ability to scale to the maximum capacity of attacks seen today and beyond
- Zero-day – detects and mitigates known as well as unknown attacks
- Two-way – detects and mitigates inbound and outbound attacks at similar capacity
- Comprehensive threat intelligence – alerts in real-time when a DDoS attack is detected and when it has been mitigated. Delivers detailed analytics on attack event, its source and targets in the network for security planning, threat management and operational decisions
- Automatic – dynamically detects attacks and their patterns and automatically triggers mitigation actions without the need for supervision or manual intervention
SM: What factors are driving the growth of the DDoS mitigation market?
MC: Among the major factors driving the DDoS Mitigation market right now we see:
- Significant increase in attack frequency – DDoS for hire services as well as open source bots make DDoS a more common phenomenon which could potentially hit any network at any time. When looking at service providers in particular, an attack on a single target within their network which could be an Enterprise customer, can congest the entire network and disable service to many innocent bystanders.
- Continued Increase in attack volumes – attack volume is on the rise driven by the spread of botnet infected IoT devices which make up an enormous infrastructure for launching record breaking volumetric attacks.
- Quality of Service and Expansion costs – DDoS attacks do not always shut down networks and often are undetected. However, even in these cases they consume 15-20% of network capacity on an ongoing basis, negatively impacting customer QoE and causing service providers to spend unnecessarily on network expansion. Operators increasingly understand that undetected DDoS traffic is very costly, affecting their reputation, customer satisfaction, revenue-generating traffic and infrastructure CAPEX.
- Rise in outbound attacks – DDoS attacks launched by outbound IoT botnets during the last 2 years has shown that service provider networks can be brought down even when properly protected against incoming threats. This should drive service providers to strengthen their defenses by either replacing existing solutions or complementing them with an outbound DDoS solution.
- Service providers preparing for 5G – While most service providers respond to growing bandwidth usage trends in an incremental manner, some operators already foresee the potential for increased DDoS attack volumes in 5G networks due to greater usage capacity. These operators are preparing for worst-case scenarios. Handling such big attacks with traditional scrubbing center solutions means putting in place an expensive infrastructure that will allow moving Tbps of traffic within the network. For many service providers, even the large ones, this is not a good option, and therefore when it comes to 5G they favor inline mitigation solutions that can handle 5G Tbps loads.
- New evasion techniques – many recent DDoS attacks utilize massive, short lived spikes to attack their targets. Often, they last less than 10 minutes, which perhaps is meant to challenge traditional scrubbing center solutions which may take up to 10-15 minutes to detect and mitigate attacks. The emergence of this new evasion technique is a compelling event for evaluating alternative inline mitigation solutions that can respond in seconds and are therefore more effective in addressing this new threat.
- Network virtualization – many service providers have already started their transformation into a virtualized NFV network. They are replacing their hardware infrastructure and require any new solutions (including DDoS mitigation) to run on virtualized infrastructure (hypervisors) and support orchestration via NFV management systems. At the very least they ask for software which they can run on COTS hardware. The availability of virtualized software solutions reduces the cost of DDoS mitigation projects significantly makes them affordable for operators who were previously restricted to simple, ineffective solutions such as rate limiting, proxy servers etc. or no solution at all.
- Monetization – Many CSPs see the global DDoS trends as an opportunity to increase their revenues by delivering DDoS clean ports to their downstream ISPs or value add anti-DDoS services to their corporate/enterprise customers. These solutions are usually priced in a revenue share model allowing for new service providers entrants by removing the cost barrier.
SM: What is the size of the market now and what market segments are growing?
MC: Allot specializes in delivering carrier grade DDoS Mitigation to service providers. We estimate this segment of the market as roughly 30% of the $1B global anti-DDoS market. The service provider segment, especially mobile CSPs, is growing significantly, as reflected in the rising number of opportunities we see for inline service provider DDoS Mitigation. The major drivers appear to be:
- Complementing existing solutions with outbound anti-DDoS that will cover IoT driven attacks from within the service provider network
- Replacement of aging scrubbing center solutions which are expensive to maintain and difficult scale to withstand the continually growing threat volumes
- New deployments driven by various compelling events including: 5G, IoT, NFV, QoS, monetization (anti-DDoS as a Service), as described above
If you have further questions/comments, please contact: sachi.mulmi@frost.com
For further information about DDoS Mitigation Global Market Scenario, please visit:
https://store.frost.com/ddos-mitigation-global-market-analysis-forecast-to-2021.html?