Peakflow SP: Traffic Anomaly Detection
Pervasive Network Visibility, Deep Application Insight, Security and Profitable Managed Network Security Services
Today, global enterprises, hosting providers and the majority of the world's leading Internet service providers rely on Arbor Networks Peakflow SP for the network-wide visibility and security they need to proactively fend off malicious threats, thwart distributed denial of service (DDoS) attacks and strengthen the quality of their service. In addition to being their security platform of choice, Peakflow SP is enabling these organizations to reduce cost by improving IPv4 and IPv6 traffic engineering and operational efficiencies, and to increase profitability by delivering new revenue-generating managed network security services.
Comprehensive Threat Management & Preventing DDoS Attacks
Large-scale DDoS attacks affect not only the intended victim, but also other unfortunate customers who use the same shared network service. To reduce the collateral damage, service providers often shut down all traffic destined for the victim’s site—thus completing the DDoS attack. Armed with application-layer threat detection capabilities and up-to-date network behavioral patterns of known or emerging threats (aka fingerprints), the combination of Arbor Peakflow SP and the Peakflow SP Threat Management System (TMS) allows you to detect and surgically remove only the attack traffic while maintaining legitimate business traffic. After the attack has been thwarted, you can easily produce reports that summarize the DDoS mitigation process for customers and/or management.
Application-Layer Intelligence and Protection
Arbor Peakflow SP, which utilizes flow for pervasive network visibility, provides the application-layer intelligence to secure and manage critical business applications such as voice, video, data, messaging, file sharing, Web, mail and more. That means you can understand what applications are running on your network, profile application network behavior, and detect and report on application traffic violations—thereby reducing downtime and accelerating problem resolution. Combined with the Peakflow SP TMS appliance, Peakflow SP also offers application-layer performance monitoring, attack detection and surgical mitigation for protecting and optimizing the availability of critical IP servicessuch as DNS, HTTP or VoIP. Only Peakflow SP combines pervasive, cost-effective visibility with deep application insight and analysis of critical network traffic, services and applications.
Intelligent Traffic Engineering
Peakflow SP models traffic from across the entire network, enabling you to make informed business decisions about routing, transit, partners, customers and quality of service. It dramatically improves traffic engineering and capacity planning by correlating topology information with real-time and historic traffic data, including traffic on IP-based MPLS VPNs. Peakflow SP also helps network operators gain visibilty into and secure their IPv6 traffic via new IPv6 specific dashboards, reports and attack detection capabilities. With detailed insight into the traffic that enters and leaves your network and customer-by-customer traffic matrices, you can engineer your network for lower cost and higher performance—eliminating hot spots before they adversely impact services.
Profitable, In-Cloud Service Offerings
As the price of bandwidth declines and competition increases, IP-based services play a crucial role in generating new revenue. It is critical to leverage as much of your existing network infrastructure as possible in order to deliver profitable, new, in-cloud managed services. Peakflow SP is a strategic investment that lets you utilize the same solution used for infrastructure visibility and security to deliver new, differentiated, revenue-generating managed services such as MPLS VPN visibility and DDoS protection. Peakflow SP TMS plays a key role in the delivery of in-cloud DDoS protection services. That’s because it features multiple TMS models enabling 1 Gbps to 10 Gbps of surgical mitigation, real-time mitigation dashboards, customizable mitigation groups/templates and "one-click" mitigation and raw packet analysis. As a result, Peakflow SP TMS can reduce the cost and operational complexity of managed services and ultimately increase profitability and customer satisfaction.
The Arbor Peakflow SP Solution Architecture
A deployment can consists of five types of appliances:
1. Peakflow SP Collector Platform (CP) appliances in the peering edge or backbone.
2. Peakflow SP Flow Sensor (FS) appliances in the customer aggregation edge;
3. Peakflow SP Business Intelligence (BI) appliances to increase scalability and add redundancy for managing critical business objects.
4. Peakflow SP Portal Interface (PI) appliances to increase the scale, redundancy and profitability of Arbor-based managed services..
5. Peakflow SP Threat Management System (TMS) appliances deployed in any part of the network to surgically mitigate network threats.
Benefits of the Arbor Peakflow SP Appliances
- Edge-to-Edge Security & Visibility – With Arbor Peakflow SP Flow Sensor (FS) appliance, you can expand your Peakflow SP deployment far beyond the peering edge and backbone – gaining a clear view of network traffic all the way to the customer edge in order to detect insidious internal threats.
- Business Intelligence – The Arbor Peakflow SP Business Intelligence (BI) appliance provides deep insight into critical, network-based business entities such as transit partners, customers, routers and applications to support sound decision-making. It also increases the scalability of Peakflow SP and the availability of critical IP services.
- Carrier-Class Threat Management – Through its Threat Management System (TMS) appliance, Arbor Peakflow SP integrates network-wide intelligence and carrier-class threat management. Peakflow SP TMS speeds remediation by coupling high-level threat identification with deep packet-level analysis. The first-and-only carrier-class threat management solution for converged networks, it augments the network-wide situational awareness of Peakflow SP with application-layer attack detection, surgical mitigation and comprehensive reporting.
- High Availability for Managed Services – The Peakflow SP Portal Interface (PI) appliance provides fault tolerance and redundancy to keep managed services up and running. Through real-time data synchronization and automated, near-instantaneous failover, it optimizes the availability of managed services.
Peakflow X: Enterprise Network Security
Protection, Monitoring and Visibility for the Enterprise Network
In today’s networked world, the financial performance of a company hinges on the operational performance of its network. Yet these business-critical networks are increasingly vulnerable to malicious threats that imperil enterprise success. With its unsurpassed network visibility and real-time threat detection, the Arbor Peakflow X solution optimizes the performance and security of today’s largest enterprise and Internet data center networks – including those based on multiprotocol label switching (MPLS).
Peakflow X constructs a system-wide view of enterprise and Internet data center networks, auto-learning host behaviors to determine who talks to whom – and how. It enables you to address a wide range of internal and external threats while maintaining business continuity. In addition to the real-time security information of Arbor’s Active Threat Feed (ATF) service, Peakflow X also integrates data from Arbor’s Active Threat Level Analysis System (ATLAS) – providing contextualized threat intelligence from a global and local perspective.