SYS-CON MEDIA Authors: Adrian Bridgwater, Yeshim Deniz, Elizabeth White, Sean Houghton, Glenn Rossman

News Feed Item

Businesses Lack Safeguards Against DDoS Attacks and DNS Failures, New Research Shows

At Interop Las Vegas, Verisign Spotlights Two Studies That Illustrate the Urgent Need to Maximize Network Security, Availability and Performance

LAS VEGAS, NV -- (Marketwire) -- 05/09/11 -- INTEROP LAS VEGAS -- A significant percentage of organizations are ill-equipped to prevent and respond to web infrastructure failures caused by distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, according to two new research studies commissioned by VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world.

As networking executives from around the world convene this week at Interop's annual flagship event, Verisign is spotlighting research findings that underscore the urgent need for robust DDoS protection, reliable and secure DNS infrastructure, and advanced threat intelligence.

"This research illustrates the dire costs of insufficient web and network protection to businesses spanning all industries. When a DDoS attack or DNS failure hits a website or network, companies are losing significant revenue and employee productivity, and are likely seeing decreasing customer satisfaction and loyalty," said Ben Petro, senior vice president of Verisign's Network Intelligence and Availability Group. "Businesses are facing a number of threats in today's economy. Implementing Verisign's suite of trusted network intelligence and availability services will help ensure that DDoS attacks and DNS failures are not among them."

DDoS Protection: Vital, as frequency and strength of DDoS attacks are predicted to grow
Verisign commissioned a market research report from Merrill Research to investigate the level of concern IT decision makers have with the growing threat of DDoS attacks in today's ever evolving cyber landscape. An online survey of 225 IT decision-makers in the U.S. from large and medium-sized businesses revealed that 78 percent are extremely or very concerned about DDoS attacks, and more than two-thirds (67 percent) expect the frequency and strength of DDoS attacks to increase or stay the same over the next two years. Nearly nine in 10 respondents (87 percent) view DDoS protection as very important for maintaining availability of websites and services. Moreover, seven in 10 (71 percent) respondents who reported a lack of DDoS protection said they plan on implementing a solution in the next 12 months.

Research Highlights:

  • DDoS attacks are widespread: Nearly two-thirds (63 percent) of respondents who reported experiencing a DDoS attack in the past year said they sustained more than one attack. Eleven percent were hit six or more times.
  • More sites will soon be protected: Of the respondents who currently lack DDoS protection, 71 percent plan to implement a solution in the next 12 months -- 40 percent plan to outsource their DDoS protection, 31 percent plan to implement an in-house solution, and 29 percent are still undecided on their approach for protection.
  • Leaving web infrastructures unprotected is too risky: More than half (53 percent) of the respondents said they experienced downtime in the past year, with DDoS attacks accounting for one-third (33 percent) of all downtime incidents.
  • Downtime impacts customers and revenue: More than two-thirds (67 percent) said their downtime impacted customers and half (51 percent) reported they lost revenue. Considering 60 percent of the respondents rely on their websites for at least 25 percent of their annual revenue, downtime can have significant and lasting impacts.
  • Threats extend beyond DDoS attacks: The study also found that nine in 10 respondents rate "access to threat and vulnerability data" as very important and nearly three-fourths (73 percent) are "concerned with DNS failures" -- suggesting a significant need for ongoing threat intelligence and managed DNS services, in addition to DDoS protection and mitigation.

DNS Availability Lower for Internally Managed Sites
A separate study commissioned by Verisign sheds light on the need for solutions that ensure DNS availability -- a crucial requirement for the reliable operation of websites, network services, and online communications. The study, which is highlighted in the inaugural issue of the Verisign State of DNS Availability Report, found that in the first quarter of 2011, DNS availability was a problem for even the highest ranked e-commerce sites.

Using proprietary technology, ThousandEyes, a company that provides application performance analytics, calculated the minimum availability, maximum availability, and average availability of the Alexa 1,000 websites in the first quarter of 2011 to illustrate the state of global DNS availability.

The research revealed some stark differences between sites with internally managed DNS and those that employ third-party managed DNS services. In particular, the study revealed that minimum DNS availability on average dropped to 90.13 percent for sites that host their own DNS, while sites using third-party managed DNS services averaged a minimum DNS availability rate of more than 98 percent. When examining minimum availability overall, the research showed that some sites with internally managed DNS had total outages, while sites with third-party DNS management never went below 50 percent availability. Similarly, average downtime for sites that host their own DNS is twice that of those that use a third party (99.7 percent versus 99.85 percent).

This dramatic difference is most likely attributed to the fact that most third-party DNS providers use an anycast resolution service, meaning there is always a server available somewhere to respond to DNS queries. This allows end users to experience less impact even if a few physical anycast servers fail or are unreachable. Verisign has taken DNS resolution a step further by implementing a unique hybrid model of anycast and unicast resolution into its Managed DNS service, which provides the optimal combination of performance and reliability for responding to DNS queries. Most enterprises do not have the resources and expertise to set up such extensive systems for their internally managed DNS, which may make them more vulnerable to availability problems.

Verisign at Interop Las Vegas:
Verisign will showcase its suite of network intelligence and availability services in Booth 1221 at Interop Las Vegas this week. These services include DDoS monitoring and mitigation, Verisign Managed DNS®, and Verisign iDefense® Security Intelligence Services.

Also at Interop, Sean Leach, vice president of technology for Verisign's Network Intelligence and Availability Group, will give a 45-minute presentation exploring how organizations can leverage recent advances in Internet infrastructure, such as DNSSEC and IPv6, to provide greater protection from the ever evolving cyber threat landscape, while managing the growing complexity of their network infrastructure.

The session, titled: "The Yin-and-Yang of Internet Infrastructure: Balancing New Opportunities with Growing Threats and Increased Risk," is on Tuesday, May 10, 2011 at 12:15 p.m. PT at Mandalay Bay L at the Mandalay Bay Convention Center.

Limited-Time Promotion:
Verisign is currently offering the Verisign Uptime Bundle, which combines the Verisign Managed DNS service with threat intelligence services and protection from DDoS attacks -- all in one competitively priced suite starting at just $495. To learn more about Verisign's solutions and the Verisign Uptime Bundle, please visit www.verisigninc.com.

About Verisign
VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, Verisign helps companies and consumers all over the world to connect online with confidence. Additional news and information about the company is available at www.verisigninc.com.

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 as amended and Section 21E of the Securities Exchange Act of 1934 as amended. These statements involve risks and uncertainties that could cause Verisign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability and potential fluctuations in quarterly operating results due to such factors as increasing competition, pricing pressure from competing services offered at prices below our prices and changes in marketing practices including those of third-party registrars; the sluggish economic recovery; challenges to ongoing privatization of Internet administration; the outcome of legal or other challenges resulting from our activities or the activities of registrars or registrants; new or existing governmental laws and regulations; changes in customer behavior, Internet platforms and web-browsing patterns; the inability of Verisign to successfully develop and market new services; the uncertainty of whether our new services will achieve market acceptance or result in any revenues; system interruptions; security breaches; attacks on the Internet by hackers, viruses, or intentional acts of vandalism; the uncertainty of the expense and duration of transition services and requests for indemnification relating to completed divestitures; and the uncertainty of whether Project Apollo will achieve its stated objectives. More information about potential factors that could affect the company's business and financial results is included in Verisign's filings with the Securities and Exchange Commission, including in the Company's Annual Report on Form 10-K for the year ended December 31, 2010, Quarterly Reports on Form 10-Q and Current Reports on Form 8-K. Verisign undertakes no obligation to update any of the forward-looking statements after the date of this announcement.

©2011 VeriSign, Inc. All rights reserved. VeriSign, VeriSign Trust, and other related trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc., or its affiliates or subsidiaries in the United States and other countries. All other trademarks are property of their respective owners.

Add to Digg Bookmark with del.icio.us Add to Newsvine

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the ...
This builds on Puppet Labs' first class Windows support, including native .MSI packages for x32 and x64 operating systems, modules to extend common Windows server management tools, including Powershell, and integrations with Microsoft Azure and Visual Studio. By automating common Windows administration tasks, Puppet Labs is enabling users to adopt DevOps practices, thereby reducing the time needed to deploy applications from weeks to hours.
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big D...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
SYS-CON Media announced today that Skytap blog on "DevOps Journal" exceeded 84,000 story reads. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Noel Wurst is the managing content editor at Skytap. Skytap provides SaaS-based dev/test environments to the enterprise. Skytap solution removes the inefficiencies and constraints that comp...
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.