Telco Transformation: enable you to deploy and offer DDoS mitigation-as-a-service at a low CapEx and a low OpEx.
Read more
Run Bastions Services on premises for a truly consistent and seamless hybrid experience
Learn more
TAP the lucrative market for DDoS Protection.
Be Our Partner
The Capture The Flag challenge: Get on the top of the scoreboard and win an Pentester Expert Coin !
Enroll now
The DDoS Statistical Report for 1HY 2023 shows significant changes in attack patterns and trends in the first half of 2023, revealing details of attack size, duration, types, categories, distribution and targets. Learn More
Cybersecurity best practices and DDoS defence strategies
Nexusguard Research identified a new breed of stealthy DDoS attacks known as Bit-and-Piece attacks that target ASN-level CSP networks by dispersing small pieces of junk traffic across a diverse pool of IP addresses across hundreds of IP prefixes. This stealthy tactic is designed to evade detection. Going unnoticed, the convergence of polluted traffic toward the target IP prefix forms a massive traffic flow that can easily go beyond the capacity limits of generic mitigation devices, leading to a high latency at best, or deadlock at worst.
Detection
Legacy flow-aware devices such as firewalls, load balancers, IPS, IDS, etc. often fail to detect stealthy
network layer attacks, which could become bottlenecks themselves.
Mitigation
When faced with powerful or advanced attacks such as Bit-and-Piece attacks, blackholing traffic to
targeted IP addresses as a mitigation measure is no longer effective nor is it viable.
Designed to protect large networks from L3/L4 attacks of all complexities, Nexusguard InfraProtect offers telcos and ISPs the ability to leverage Nexusguard's globally distributed infrastructure to be used as an off-site sandbox to perform traffic analysis, shaping and attack mitigation.
The multi-layered detection and mitigation engine features Network Behavior Analysis (NBA) to analyze traffic data in order to detect traffic anomalies and alerts the CSP to divert traffic to Nexusguard’s scrubbing cloud. Only clean traffic is forwarded back to the origin server.
To learn more about how to counter the threat from Bit-And-Piece Attacks, please read about Nexusguard’s Origin Protection.
Thank You!
We will get back to you shortly.
You may be concerned about the impact posed by “Bit-and-Piece Attacks”, a tactic targeting ASN-level CSP networks and able to bypass traditional detection. It can give a great challenge to the legacy detection and mitigation of traditional telcos and ISPs.
© 2023 Nexusguard - All Rights Reserved. Read Our Privacy Policy.