Arbor Bolts On Threat Intelligence, Antimalware To DDoS Appliances


Arbor Networks, which made its mark helping companies prevent denial-of-service attacks from knocking out their websites and corporate networks, has introduced a cloud-strategy that makes use of a hybrid approach, with an on-premise appliance that the company's executives say could enable engineers to bolt on new threat detection capabilities.

The Burlington, Mass.-based company is looking to expand beyond protection from distributed denial-of-service attacks (DDoS) and slowly adding threat intelligence, malware detection and incident response capabilities to its platform. The firm is even considering the addition of suspicious file analysis to its platform, following in the footsteps of FireEye, Palo Alto Networks and Sourcefire, which are modernizing advanced threat detection capabilities.

The company acquired Packetloop, a Sydney-based firm in September to expand into packet analysis as part of digital forensics investigations. Packetloop fills Arbor's gap for internal threat detection. It can help forensics teams identify anomalous activity that signals data theft from botnet activity. The firm has been focused on defending the data pipeline between businesses and their cloud services.

 

[Related: 5 Reasons DDoS Attacks Are Gaining Strength]

Arbor worked very closely with Internet service providers, establishing a presence, and currently boasts a nearly 70 percent install base among tier 1 and tier 2 providers globally, said Jeremy Nicholls, Arbor's global vice president of channel sales and alliances. The Pravail appliance line is 100 percent channel and will remain that way, but the company is attempting to build out its capabilities, adding components that make it a broader platform.

Nicholls, who replaced channel veteran Bill Lipson in October, said the biggest opportunity for growth is at enterprise data centers that are currently relying on firewalls and other standard network devices for DDoS protection and often forced to depend on Internet service providers for help after an attack disrupts services.

"We've done a huge investment in enterprise high-touch teams and are bringing that back in engagements with the channel to help bring in leads and opportunities with them," Nicholls told CRN. "The channel is also closing deals that we haven't had to engage with at all."

The market for DDoS protection technology has increased significantly following a string of high profile attacks against banks, websites and e-commerce firms mainly conducted by hacktivist groups. The financial industry is concerned about threats that can disrupt trading and roil financial markets. Meanwhile, gaming sites have long been a big buyer of DDoS mitigation appliances. Their Web-based services are critical because any downtime can cost millions in lost revenue, Nicholls said.

The market has been getting more competitive with Cambridge, Mass.-based Akamai buying Prolexic earlier this month to extend its DDoS protection capabilities to enterprise data center deployments. Meanwhile, Belmont, Calif.-based Defense.net is developing new ways to address DDoS, the company said in August.

NEXT: Channel Sees Opportunity In Broader Threat Platform