23% of e-retail transactions on Thanksgiving and Black Friday came from mobile devices.
Corero plays DDoS traffic cop
Site hosting service Applied Innovations reports a “dramatic drop” in cyber attacks.
Chief Technology Editor
For years, it was common for e-commerce site hosting service Applied Innovations to deal with one to three site-crippling DDoS attacks every month. And its approach was always reactionary, after the fact.
“It was always, ‘Oh man, our clients are down. They’re not doing any business, and their customers are going to their competitors,’” recalls Dan Farrell, director of network operations at Applied Innovations, a provider of web-hosting services to e-commerce sites.
While figuring out exactly where an attack occurred and how to fix operations, a typical attack would result in downtime of six to seven hours, he adds. A DDoS, or distributed denial of service, attack occurs when an attacker—often using countless numbers of hijacked computers—sends more Internet traffic than a web site’s servers can handle, causing the site to get kicked offline.
But since Applied Innovations deployed a security appliance from Corero Network Security just outside of its Internet firewall three years ago, the web site hosting company has only rarely experienced a DDoS attack getting inside its network where it can do harm, Farrell says. “We’ve seen two or less per year, it’s been a dramatic drop,” he says.
It’s not that DDoS attacks have ceased coming. In nearly all cases, the Corero network appliance has blocked attacks after quickly detecting their malevolent nature, he says.
In addition, Applied Innovations has used the Corero technology, a combination of hardware and software, to block software viruses from infiltrating its network, where they can carry out various other types of attacks such as SQL Injection attacks designed to infiltrate databases and steal confidential information. “Now the viruses don’t even make it into our network,” Farrell says. “We have anti-virus software on our servers, but we haven’t needed it because viruses no longer hit our servers.”
To make its technology effective at blocking DDoS and other types of attacks, Corero first learns from clients about their web sites’ typical traffic patterns, such as the typical number of hits on a web page and the common traffic routes, says CEO Marty Meyer. “We profile what a client’s normal traffic looks like, how it looks at products, how it goes through checkout and how often it checks the price on every product.”
In some cases, excessive checking of products and prices could indicate scraping of a client’s web content by the client’s competitors. In that case, a client, figuring that such scraping is becoming a fairly common way of doing business, may decide to only partially cut down such traffic or, if it’s hurting the client’s site performance, block it completely.
But if Corero’s software detects additional suspicious behavior, such as a high volume of repeated requests for content that doesn’t exist on the client’s site, it may deem the traffic too risky and completely block it from entering the network. Corero also uses other standard security methods, such as blocking traffic from blacklisted IP addresses known for malicious behavior. At the same time, the security technology lets legitimate traffic flow without interruption, Farrell says.
Applied Innovations, which has what Farrell describes as “not a big I.T. team,” used its own personnel to install the Corero appliance within about an hour, Farrell says. He declined to discuss the costs related to deploying the appliance.
Applied Innovations will also consider deploying Corero’s newest version of DDoS security technology, which Corero is calling First Line of Defense. The new technology, which Corero launched this month, was designed to let clients quickly ramp up security to higher levels to block particular types of attacks. “It offers an ability to throw more horsepower to protect against particular problems,” Farrell says.
The cost of Corero’s network security appliance starts at about $10,000 and runs as high as $150,000 for a one-time purchase price plus an annual service fee equal to about 15% to 20% of the purchase amount, according to Meyer.
For more information on e-commerce security companies, click here.