NETSCOUT SYSTEMS, INC., a leading provider of service assurance, security, and business analytics, today announced enhancements to its suite of traffic visibility, data analytics and threat mitigation solutions for global network and data center operators. NETSCOUT’s Arbor Sightline solution with the integrated Threat Mitigation System is pervasively deployed among service providers and large cloud operators to provide network-wide traffic engineering, peering analytics, traffic forensics and DDoS protection.
With the availability of the latest 9.0 updates, customers benefit from greater visibility and clarity into their network operations, enhanced anomaly detection, and improved automation for DDoS protection.
“NETSCOUT is continuing their strategy of disaggregating hardware from software, offering flexible deployment options, including virtualized versions of their products that enable customers to scale cost-effectively across even the largest networks. The increased focus on analytics is vitally important, bringing greater context to network data and helping operators improve their response time to traffic anomalies and performance issues through a single user interface,” said Rik Turner, principal security analyst, Ovum.
Enhanced Visibility and Network Clarity
NETSCOUT’s Arbor Sightline, formerly sold as Arbor SP, analyzes NetFlow, SNMP and BGP telemetry data, annotating it with context specific to the customer network, users and traffic, transforming raw telemetry into smart data for actionable business insights into service and application performance, traffic engineering, capacity planning and security operations.
Sightline with Insight adds powerful visual analytics and a big data repository giving users an infinitely searchable, ‘what if’ photographic memory of their traffic data. With the latest release, hours of analysis and investigation can be reduced to minutes through more flexible visualizations of traffic flows, unlimited filtering options and more intuitive workflows.
DDoS Detection & Mitigation
NETSCOUT’s Arbor Threat Mitigation System (Arbor TMS) is the DDoS platform of choice for more than sixty managed security services providers and hundreds of ISPs and other network operators globally. TMS can be deployed either in diversion mode or inline to provide “always on” mitigation against DDoS attack traffic without disrupting key network infrastructure and customer services.
With this release, Arbor Sightline can intelligently and automatically manage available TMS mitigation capacity by dynamically shifting attacks among available Arbor TMS mitigation infrastructure as attack traffic volume changes. This prevents overloading network infrastructure and reduces operation staff time spent managing DDoS attack response. Arbor TMS can now mitigate twice as many simultaneous attacks allowing service providers to significantly grow their DDoS managed service customer base.
New features allow Arbor Sightline to detect carpet bombing DDoS attacks in as little as one second using enhanced fast flood detection and then automatically mitigate these attacks by determining which IP ranges are under attack at any given moment and dynamically diverting just that traffic to the Arbor TMS mitigation infrastructure.
“The growth of IoT and the ever-expanding threat of network-based attacks puts intensifying pressure on organizations’ ability to identify, analyze and protect their infrastructure against these threats,” said Talbot Hack, senior director, product management, NETSCOUT. “Scrutinizing large traffic volumes over time, contextualizing and refining this data, and quickly acting on anomalies that threaten network availability has never been more necessary. But resource constraints continue to impact network operators, increasing the value of scalable, end-to-end, automated analytics workflows and protections.”