Asta Networks Inc. this week launched its new Vantage System software that it claims will help users quickly detect and respond to distributed denial-of-service (DDOS) attacks.
Such attacks, which are considered to be one of the most serious security threats on the Internet, make Web sites inaccessible to legitimate users by overloading servers or networks with useless traffic.
Asta's Vantage Systems makes it possible for companies to automatically identify abnormalities in network traffic that signal such attacks, said Joe Devich, president and CEO of Seattle-based Asta.
The technology is composed of two primary components: network sensors that collect samples of traffic data from key routers, and coordinators that aggregate and analyze the data from the sensors.
Vantage System uses proprietary signature-based and anomaly-based algorithms to detect attacks. Signature-based technology looks for traffic patterns that indicate previously known attacks. Anomaly-based algorithms look for traffic patterns that are different from the usual traffic on a network. Automatic alerts then notify administrators of potential attacks.
Such capabilities are crucial, said Charles Kolodgy, an analyst at International Data Corp. in Framingham, Mass. There is little that companies can do to prevent a DDOS attack from being launched against them. But with early detection and the right technologies, it's possible to choke off a lot of the disruptive traffic, he said.
"It is designed to give [service providers] and users a better handle on the volumes of data going through their networks so that they can try and stop the bad traffic closer to the source," Kolodgy said.
But a lot depends on the ability of such technologies to scale in high-bandwidth service provider networks, said Russ Cooper, an analyst at TruSecure Corp., a consultancy in Reston, Va. Also crucial is the ability of such technologies to sift the bad traffic from the good traffic. For instance, it's possible to have sharp, sudden spikes in traffic for legitimate reasons.
A number of other companies have begun offering similar capabilities. They include Mazu Networks Inc. in Cambridge, Mass.; Arbor Networks Inc. in Waltham, Mass.; and Niksun Inc. in Monmouth Junction, N.J.