CASE STUDY DDOS ATTACKS PROTECTION - PROJECT REQUIREMENTS
In order to cope with growing cyber threats, Orange Slovakia decided to adopt an anti-DDoS solution that would protect its own infrastructure but could also be delivered as a service to end customers. (reference project)
To address this project, the company appealed to the Soitron Group, which, through Datanet Systems – a part of the Slovak group and one of the most important ITC system integrators in Romania – has designed implemented and configured a solution based on Arbor Networks technology. Short-term effects: Response time for DDoS attacks has decreased “from days, to minutes and seconds”.
ABOUT ORANGE SLOVAKIA
Part of the Orange group since 2002, Orange Slovakia is the largest mobile telecommunications operator on the Slovak market. Being an early adopter for many technologies, the company offers voice services and triple play services delivered through FTTH (Fibre To The Home) as well as digital television services. With 2.797 million customers for mobile services and over 198,000 clients for internet and digital television, Orange Slovakia services cover 99.8% of the country’s territory.
For a telecom operator that manages millions of clients, Orange Slovakia has to ensure a high level of security as a critical priority for both its own IT infrastructure and for protecting end-users through the services they use. The operator’s Cyber Security Department continuously monitors market developments, analyzing technological trends and the evolution of cyber crimes.
THE BUSINESS NEED – PROTECTION AGAINST DDOS ATTACKS
Like any major telecommunications company, Orange Slovakia is confronted with a variety of network attacks, including Distributed-Denial-of-Services (DDoS). For this reason, the cybersecurity team permanently evaluates attacks, measuring the effectiveness with which threats are identified and the response time for resolving and removing the threat.
Another important aspect for Orange Slovakia was reducing the volume of manual investigations conducted by the Network Operation Center (NOC) team for detecting attacks and protecting against DDoS, operation that was blocking significant resources and consumed a lot of time, keeping in mind that hundreds of thousands of IP addresses needed protection.
“DDoS attacks are a real problem for any telecom operator. We were coping with the attacks also before the implementation of this project, but we wanted a better response rate and a solution that would provide us with a higher level of protection in the future, especially in the context of developments indicating a 37% increase in DDoS attacks in 2018, as well as increased use of DDoS-as-a-Service, “says Henrich Snajder, Information Security Manager, Orange Slovakia
CASE STUDY DDOS ATTACKS PROTECTION
CHOOSING THE SOLUTION AND PARTNER
After defining technical and business requirements, Orange Slovakia started the process of identifying the right solution and implementation partner. The Slovak operator’s activity respects global standards adopted at the level of the entire Orange group, covering both current and future technological developments.
Based on the Group’s best practices and experience , the project team opted for the adoption of the Arbor DDoS Protection solution, already successfully used by Orange Poland.
“Within the Orange Group there were already some functional projects on Arbor technology, so Orange Slovakia made a knowledge transfer with Orange Polish subsidiary. The recommendations and positive experiences were decisive in choosing the solution, “explains Henrich Snajder
Orange Slovakia has chosen Soitron Group as the implementation partner, a long-standing collaboration already existing between the two companies. The decisive elements in this choice were the experience and skills on Arbor Networks technology and anti-DDoS protection within Datanet Systems, the Romanian company part of the Soitron Group
“We had previous collaboration with Soitron Group and we know they have the ability to deliver high quality services on time and we expected the same professional approach from Datanet Systems. Clearly, the Datanet team’s expertise and its experience in similar projects also has an positive impact on decision,” says Jan Derer, Transmission & IP Engineering Manager, Orange Slovacia.
TESTING AND GO TO MARKET
The project started in December 2017 and entered into production in April 2018. The Slovak operator’s anti-DDoS solution is based on Arbor Networks equipment and uses the global real-time threat monitoring system through the Arbor Security Operation Center (SOC). The first stage of the project involves exclusive protection of Orange Slovakia’s IT infrastructure, and after an assessment and validation phase, the solution will be extended to the end customers as a “managed services” package.
The anti-DDoS solution provides protection against attacks targeting both Orange Slovakia IT infrastructure and the operator’s end customer base. The DDoS Arbor Protection allows verification of each data package and creation of smart signatures that differentiate the attacks from legitimate traffic, also enabling them to quickly and efficiently neutralize the attacks, without compromising the quality of communications services. All solution components were designed, deployed and configured by Datanet Systems’ technical team, which also provided training to Security Operation Center (SOC) users and IP network engineers.
“Before entering into production, Orange Slovakia’s technical team carried out an intense series of laboratory tests. VMware virtual machines, Cisco equipment and Ixia Traffic Generator were used to test the most common types of attacks at varying intensities. The results have been in line with expectations and have proven to us that Arbor DDoS Protection is a solid solution that we can rely on,” says Jan Derer, Transmission & IP Engineering Manager, Orange Slovacia.
CASE STUDY DDOS ATTACKS PROTECTION
- VISIBILITY OVER TRAFFIC. Orange Slovakia’s technical team knows that the network is targeted and, with the help of Arbor Solution, closely monitors threat level evolution, by using signatures and traffic templates and intervenes when necessary.
- REDUCING THE PRESSURE ON HUMAN RESOURCES. The volume of manual interventions for interrogating, detecting and mitigating DDoS attacks has been considerably reduced. Numerous workflows have been automated, which reduces operational pressure on SOC team. Also, the level of automation will increase in the future.
- INCREASED REACTION SPEED. The performance level in identifying and applying a resolution and neutralizing a DDoS attack has increased considerably. The response time decrease to seconds and minutes, compared to days and hours prior to the implementation of the solution.
- NEW MONETIZATION OPPORTUNITIES. After the solution will be been validated internally, Orange Slovakia will be able to offer its customers anti-DDoS protection services based on the Arbor Networks solution. Protecting end-customers and reaching a higher level of Customer Experience are, moreover, strategic goals for the entire Orange Group.
“Six months after entry entering into production, the solution is functional, offers the desired level of protection and reduces operational complexity and volume of manual interventions. We have defined new workflows to limit the risks of DDoS attacks, and we continually carry out analyzes and evaluations. So far, we have mitigated all DDoS attacks without any loss of quality or service degradation, ” says Henrich Snajder, Information Security Manager, Orange Slovacia.
„We had a great collaboration with Datanet Systems and we appreciated the skills and professionalism of the Romanian team, that contributed to the creation and implementation of a powerful anti-DDoS solution. ”
Jan Derer, Transmission & IP Engineering Manager, Orange Slovacia
“Ensuring cyber security is a 24/7 responsibility and the Arbor Networks DDoS Protection solution implemented by Datanet Systems helps us be prepared for the most sophisticated attacks and offer a high level of protection to all customers.”
Henrich Snajder, Information Security Manager, Orange Slovacia
“The project conducted for Orange Slovakia is relevant both from the perspective of the implemented solution and the specifics of the beneficiary. Distributed-Denial-of-Services is a form of highly virulent attack with a serious increase in magnitude and complexity in recent years, and Orange Slovakia is a telecom operator managing millions of fixed and mobile connections. The Arbor Networks solution we implemented provides the required DDoS protection, allows a high level of redundancy and offers a high automation capability for incident response.”
Alexandru Gheorghiţă, Senior SP Consultant, Datanet Systems