Application Performance – MEC Networks Corporation

Netscout: DDoS Attacks and Attackers Are Evolving

MEC Digital — Fri, 02 Aug 2019 06:47:58 +0000

Evident in NETSCOUT’s 14th Worldwide Infrastructure Security Report (WISR) findings is the current game of whack-a-mole between defenders and attackers. Wait. Nearly every year’s findings show proof of how a lot of things change, the more they stay similar.

Once a brand new exploit is identified, it never goes away. It gets used and abused in cycles during which activity spikes then recedes, often for years, until it comes back to life once more. There’s no higher example than Memcached servers and their potential for abuse.

The Rise of Memcached Attacks

In 2010, a presentation at the BlackHat USA Digital Self Defense conference indicated that there have been several insecure Memcached deployments internet-wide that might be abused and exploited. Not much happened—that is, till early 2018, once NETSCOUT’s Threat Intelligence Team warned that it “observed a major increase in the abuse of misconfigured Memcached servers residing on internet data Center (IDC) networks as reflectors/amplifiers to launch high-volume UDP reflection/amplification attacks.”

Weeks later, in February 2018, there was the first-ever terabit-size DDoS attack. This was followed days later by an attack nearly double that big, measuring 1.7 Tbps.

While exploits are identified, abused, and abandoned, attackers continue searching for the simplest path to success. They’re looking for the weakest link, and therefore the WISR has shown over the last fourteen years however the game is played between attackers and defenders. As one area of defense is made up, attackers advance to something else. If a crucial new service is launched, they check its resilience. That’s how it goes. That’s how it will perpetually go.

The Constant Evolution of DDoS Attacks:

The 2007 WISR mirrored significant concern over DDoS flooding of links and hosts. As a result, ISPs created investments in their mitigation capabilities to prevent these attacks. By the 2008 WISR, ISP concern over DDoS flooding of links and hosts had fallen within the rankings from 24-karat gold to 11 November. Attackers then began targeting applications.
In 2009, network operators centered their defenses against lower-bandwidth and application-layer DDoS attacks. This led to a modification in techniques and a comeback to volumetric attacks in 2010. “Based upon our experiences operating with operators over the last year, we tend to believe this huge increase in attack-traffic bandwidth is also partly due to operators focusing their defenses against lower-bandwidth and application-layer DDoS attacks. Attackers could have had to ‘up the ante’ to overwhelm the defenses and bandwidth capacity of defenders,” same report authors.
By 2012, network operators had invested with each in on-premises protection against low-bandwidth application-layer attacks and cloud-based defenses for high-volume attacks. So, what did attackers do? They modified techniques once more, unleashing complicated, multivector offenses that enclosed high-volume, application-layer, and stateful-infrastructure assaults all in one sustained attack.
“This year’s results ensure that application-layer and multivector attacks are continuing to evolve whereas volumetrical attacks are beginning to plateau in terms of size,” scan the 8th annual WISR. “While eighty-six reported application-layer attacks targeting internet services, most concerning is that multivector attacks are up markedly. Attackers have currently turned to sophisticated, long-lived, multivector attacks—combinations of attack vectors designed to chop through the defenses a corporation have in place—to accomplish their goals.”

This year’s WISR found attackers had yet again shifted their focus to stateful infrastructure attacks targeting firewalls and IPS devices. These attacks virtually doubled, from 16 pf in 2017 to 31st in 2018. One reason firewalls and ISP devices are targeted? The probability of success is fairly high. Of those who experienced stateful attacks in 2018, 43rd reported that their firewall and/or IPS contributed to an outage throughout the attack.

Another fascinating finding was that SaaS, cloud, and information center services were all progressively targeted by attackers. Adversaries typically target new services because they’re viewed as less mature, a lot of vulnerable targets.

SaaS, Cloud, and Data Center DDoS Attack Trends

SaaS services: 2018 information showed a threefold year-over-year increase within the variety of DDoS attacks against SaaS services, from 13 to 41st
Third-party information center and cloud services: the quantity of DDoS attacks against third-party information centers and cloud services conjointly showed a threefold increase in 2018, from 11 November to 34th
Service providers: Cloud-based services were more and more targeted by DDoS attacks, up from 25th in 2016 to 47th in 2018

Looking ahead to next year, we all know that the innovation will continue. Simply since the close of the WISR survey period, NETSCOUT’s Threat Intelligence Team has disclosed the following:

Mirai DDoS attacks have moved from IoT to Linux: Threat actors are learning from their experience with IoT malware to focus on commodity Linux servers. For example, the Hadoop YARN vulnerability was initially used to deliver DemonBot, a DDoS malware, to IoT devices. Soon after, threat actors used the vulnerability to install Mirai on Linux servers, blurring the road between IoT and server malware.
Mobile phones are progressively employed in DDoS attacks: “Attackers have recently begun launching CoAP reflection/amplification DDoS attacks, a protocol primarily used nowadays by mobile phones in China, but expected to grow with the explosion of the Internet of Things (IoT) devices. like any reflection/amplification attack, attackers begin by scanning for abusable addresses, then launch a flood of packets spoofed with the source address of their target,” the team warned in January this year.

DDoS attacks are perpetually evolving, and attackers are continuously trying to find new targets and adopting new techniques. This can be why NETSCOUT has been advocating over the better part of the past decade for a multilayered defensive approach that includes on-premises protection for your stateful infrastructure and applications, with cloud-based protection from high-volume attacks.

Download Free Netscout Resource

Get access to authentic content from one of the leading network assessment and performance experts in the world from the Philippines’ premiere technology provider.

The post Netscout: DDoS Attacks and Attackers Are Evolving appeared first on MEC Networks Corporation.

Netscout: Location’s Power in Networks Without Borders

MEC Digital — Mon, 01 Jul 2019 08:32:09 +0000

NETSCOUT’s “visibility without borders” vision is focused on the idea that digital transformation and virtualization erase the borders across components and layers that exist in today’s networks, bringing end-to-end visibility into however networks work and perform. Demolishing the borders that isolate network elements frees operators from the constraints of location, however, it doesn’t abstract network performance from the location. On the contrary, networks without borders unlock the power of location.

Removing Borders within the Enterprise Network

Just as the internet takes down borders across cultures and nations whereas supporting extremely localized content and services, removing the borders in our communication networks permits operators to extract the value of location in ways in which aren’t attainable in today’s networks, wherever function remains tied to a fixed location among the network architecture, and traffic is treated as an identical stream of bits transmitted across the network.

As borders come down, operators not solely gain (and need) network visibility, they conjointly gain (and need) flexibility. During a virtualized network, they get to settle on what goes where. That functions ought to be kept during a centralized location or within the cloud? Which of them ought to instead be moved towards the edge? And wherever is that the suitable edge – the cell site, the basement of an enterprise, the central office, or a metropolitan data center? How distributed should the network be? And how should totally different traffic flows, services, and content varieties be managed among such distributed networks? That bit ought to be transmitted first?

Network Topology within the Age of 5G

In the age of 5G, networks become dynamic, agile, and self-optimizing, and performance progressively depends on real-time resource allocation and network topology–which during a virtualized network translates into the location of function.

And location doesn’t solely impact performance. It conjointly impacts the cost of deploying and running the network, the type of services and also the quality of service the network will support, and also the revenue streams it will command.

Latency may be a prime example of this. By deploying computing resources nearer to the edge and using network slicing to keep the latency low for specific types of traffic or services, operators need to modify their network’s topology, however, they’ll conjointly generate new revenues from new services that rely upon latency, like online gaming or some IoT enterprise applications.

Edge computing and network slicing are the main technologies that offer the location to its new prominence. They operate orthogonally: edge computing horizontally from the center to the periphery of the network; network slicing vertically with parallel channels that cross the network. Their intersection magnifies the power of location in optimizing the utilization of network resources. Not all traffic is formed equal, and edge computing and network slicing are designed to manage the variety in traffic requirements, among the capabilities of the deployed wireless infrastructure, and extract the very best value from the network topology.

Extracting more value From the Network

But the adoption of edge computing and network slicing is merely the primary step in extracting value from the choice of location. Even more significantly, operators need to decide a way to implement them to fully benefit from the latency – in addition as higher capacity, reliability, and security – that 5G guarantees. There’s no unique answer to the what-goes-where queries we asked earlier. every operator can need to find its own answers and because this is all new territory, the whole wireless ecosystem needs to learn – vendors included – a way to use the data available, however still mostly underused, to extract more value from their networks.

That begs the question of wherever the value of the network comes from. Traditional metrics, like throughout or dropped calls, are no longer enough to capture network value. To maximize network value, operators need to optimize network performance for specific outcomes and strategic goals.

Key queries Network Operators ought to raise to improve the value:

What should an operator optimize?
What cost-benefit tradeoffs it’s willing to make?
In the latency example, that applications ought to have guaranteed low latency?
And which of them are ok on best efforts?
How is the operator going to balance the requirements of various traffic flows cost-effectively?
How much is it willing to pay an extra cost and effort to lower the latency on some applications?
How much should it expect to save from running some traffic as best-efforts?
Operators got to answer these two sets of queries – what goes where and what to optimize – as they decide a way to deploy edge computing and network slicing in commercial deployments. they have visibility across the network to guide through this method, create the proper decisions, and still refine the capabilities of their networks.

Because edge computing and network slicing add two dimensions (horizontal and vertical) that move with one another, they conjointly increase the complexity of the optimization process and also the quantity of data to be processed. And to induce to the correct answers for their specific network, services, demand, and strategy, operators are moving to a lot of power but also a lot of intensive approaches to grasp their networks and use what they learn during a continuous optimization process:

Collect reliable, detailed, location-aware, real-time data on network performance at the application or service level
Develop the capabilities to access the data as required (e.g., performance data across vendors)
Drill down network data at the layer level, at the network slice level, and at the microservice level and relate it to the quality of experience and performance for various users or devices and services
Identify the relevant data (e.g., anomaly detection, user experience) and ignore the remainder
Analyze, monitor and troubleshoot the network in real-time, with a high spatial granularity
Generate responses to deal with issues and optimize the network topology and also the real-time resource allocation
Automate the method, and repeat to continue to improve network performance

This is a difficult transformation which will end up giving operators data that’s too detailed to lead to issue resolution or learning, making duplication and fragmentation if the optimization process is completed individually for various functions, or more generally creating excessive complexity. Visibility might end up obfuscating the workings of the network instead of exposing them.

Managing the complexity of modern Networking

To avoid falling into this predicament, operators need to establish a strong and reliable optimization process that permits them to travel deeper to induce a much better understanding of the network once needed, however without adding unmanageable overhead. the combination of learning (AI and machine learning) and automation can help operators manage the extra complexity that technologies like edge computing and network slicing bring and make it attainable to extract the worth of the location, and enable new ways in which to operate and profit from the network.

For sure, we are still taking the primary steps during this direction and also the move to a distributed, location-aware and function-aware network needs time, effort and commitment. however, it’s conjointly an opportunity that operators cannot afford to sit out if they need to make their 5G networks shine.

The post Netscout: Location’s Power in Networks Without Borders appeared first on MEC Networks Corporation.

ICT Trends in the Philippines that will Dominate 2019 and Beyond

MEC Digital — Fri, 14 Jun 2019 06:44:43 +0000

ICT Trends in the Philippines

ICT in the PH in the past few years witnessed the emergence and eventual maturity of advanced technological trends. As we celebrate the National ICT Month in the Philippines, let us assess how we are faring in the Information and Communications Technology industry.

Digital Determination

PH organizations are moving towards digital determination by employing a unified strategy of continuous enterprise-wide digital innovation to transform markets, business models, as well as, products and services.

IDC, in its recent CIO Summit, presented a study that 37% of Philippine enterprises are considered digitally determined.

Prioritization of Cybersecurity

The ICT PH shift to Digital Transformation made a fundamental impact on Cybersecurity. Vulnerability is greatly increased with evolving threats as more and more sensitive data are stored in the cloud, and are accessed remotely via mobile devices.

The Shift of Focus to Digital Analytics

Big Data analytics is seen as one of the major drivers of the evolution of ICT in the PH making it easier for companies to make data-driven decisions. With abundant data available, machine-learning application and artificial intelligence can be used to interpret and obtain meaningful insights for businesses.

Upscaling the Workforce & Workplace

The advantages of ICT innovations are realized with the help of the right people with the right skills. Thus, continuous bridging of skill gap among the workforce is vital in ensuring the effective integration of acquired digital technologies in the ICT PH landscape.

Sustaining Power Supply

The greater requirement of ICT systems for energy quality calls for power systems that are robust and able to endure any disruptions to the main power systems. An increasing number of organizations then are starting to invest in reliable and alternative electrical backup systems.

State of ICT in the Philippines

More than a decade of celebrating the National ICT Month, the government recognizes the need for strengthening efforts to widen the reach of ICT in the Philippines. In partnership with various sectors of society, they are extending the benefits of digitalization to a wider scope of beneficiaries.

The Future of Payments

The rise of online shopping positively contributes to the adoption of e-wallet in the country. Although cash is still the primary mode of payment, Filipinos are slowly immersing themselves to online payments. According to BSP, online transactions are to reach 20% of total payments in 2020– foreshadowing changes in ICT in the PH.

How Often Filipinos Access The Internet For Personal Reasons

Everyday

Atleast Once Per Week

Atleast Once A Month

Less Than Once Per Month

Ready to Get Started?

Ready to
Get Started?

Connecting with MEC provides you with access to globally recognized technology brands and a range of premium value-added services.

The post ICT Trends in the Philippines that will Dominate 2019 and Beyond appeared first on MEC Networks Corporation.

Netscout: ICT Cloud Management Challenges

MEC Digital — Thu, 13 Jun 2019 02:34:23 +0000

Today’s growing trend toward cloud adoption – whether or not it’s a multi-cloud strategy using completely different cloud providers, or a hybrid-cloud one counting on public and private clouds – has opened the door to tremendous transformational opportunities. It’s also added significant complexity and challenges for IT. as an example, widespread cloud migration has led to new application architectures, like micro-services, similarly as self-conscious, self-healing, self-scaling and self-optimizing software-defined infrastructure that supports these services. This added complexity is stretching IT professionals to seek out ways to effectively monitor and secure services across these environments with success.

Achieving Cloud Visibility

According to the RightScale 2018 State of the Cloud Report, 71 percent of respondents found governance and control to be a challenge, with several IT organizations lacking the visibility required to manage cloud environments.

Hybrid and multi-cloud environments raise the best hurdles once it involves detection when and how security breaches or service failures can occur then what steps have to be compelled to be taken to resolve issues before end-users are adversely affected. What’s needed is visibility without boundaries – gaining an entire in-depth view into the whole hybrid-cloud environment and every one of its various interdependencies.

Visibility without boundaries boils all the way down to seeing across all service layers, as well as applications, infrastructure, and their various dependencies. Since each application transaction is communicated across the virtual or physical network, wire data or traffic flows are the best supply of data needed to achieve visibility. In short, IT desires continuous end-to-end cloud monitoring, and in-depth analysis of the traffic flows over the network so as to achieve holistic visibility across applications and also the entire service delivery infrastructure. The key to cloud visibility is extracting, collecting, organizing, and analyzing pertinent information from the wire data that’s exchanged between application workloads within the form of East-West and North-South traffic flows that span private cloud, public cloud, and also the data center. This traffic-based information will then be leveraged to form sensible data that are generated at the gathering point. The ensuing smart data, that is gathered in real-time provides enterprises with actionable intelligence that permits IT to spot problems, optimize infrastructure and application performance, and discover threats and vulnerabilities in line with demand.

Analyzing the smart data to extract key metrics, and disseminative this very important data in conjunction with services inter-dependencies through dashboards, alerts, and workflows empowers IT to better perceive applications and service availability, reliability and responsiveness. Visibility without boundaries permits IT to cut through the complexity of a cloud environment and troubleshoot problems in real-time, mitigating potential network, security, and compliance risks.

By harnessing the insights of smart data, organizations will retain visibility and control over their hybrid- and multi-cloud environments and leverage confidently the strategic worth of flexibility, agility, and measurability required to stay competitive in today’s extremely connected world. a smart data approach offers a detailed image of the applications and services, and their various dependencies, giving IT organizations the visibility they have to make sure success.

Download the Free NETSCOUT Resource

Get access to authentic content from one of the leading network assessment and performance experts in the world from the Philippines’ premier technology provider.

The post Netscout: ICT Cloud Management Challenges appeared first on MEC Networks Corporation.