Equinix and Akamai Team to Defend Against Sophisticated DDoS Attacks

Deploying an interconnected approach to combat distributed denial of service traffic

Martin Atkinson
Vaughn Eisler
Gregory Burns

Much like earthquake experts are waiting for the “big one” to hit, security experts are doing the same with distributed denial of service (DDoS) attacks. The largest DDoS attack to date was recorded by Akamai in 2018, ramping up quickly and peaking at 1.3 Tbps,[i] and Akamai has fought equally large packet-per-second attacks – successfully mitigating a 312 Mpps attack in April 2020. Though not all DDoS attacks are that large  ̶  the average attack size (12 Gbps) and intensity (3 Mpps) remained consistent year over year between 2018 and 2019  ̶  the number of attacks are growing in size and sophistication. For example, in an 18-month period between November 2017 and April 2019, Akamai observed more than 800 DDoS attacks targeting the financial services industry.[ii] And one only has to look at the number of insecure internet of things (IoT) devices that are on the rise  ̶  an estimated 20.6 billion in 2020  ̶  to see that the way in for DDoS perpetrators has increased exponentially.[iii]

As discussed in the Equinix blog “How to Thwart DDoS Attacks From Hitting Critical Infrastructure” cybercriminals take advantage of critical services in times of crisis, such as the current COVID-19 pandemic. No industry or individual business is immune to these attacks, though they seem to be more prevalent in sectors like online gaming, financial services, digital payments, and media and entertainment.

Protect your Digital Infrastructure from DDoS Attacks

Enterprises are grappling with how to defend themselves from rising security threats on their digital infrastructure, cloud applications, websites and other services. Security functions, including Distributed Denial of Service (DDoS) detection and mitigation, can be distributed to solve complexity and integration challenges and protect businesses from bad actors. Find out how you can use Equinix Performance Hub® on Platform Equinix® to protect your infrastructure.

Learn more
DDOS image banner

To help companies address this increased risk of DDoS and other attacks such as phishing and ransomware, organizations need to strategically deploy an interconnected security solution to protect from these multiple points of entry.  With low latency access to DDoS protection clouds within interconnection hubs on a distributed platform, such as Platform Equinix®, enterprises have multiple protection option when choosing to protect their IP space and cloud applications. A virtualized interconnection fabric offers access to very large DDoS protection clouds that offer multiple defensive postures including full managed DDoS service that provide 24/7detection and mitigation SLA’s.

Stopping DDoS attacks before they begin

In sports, the best offense is a good defense. With a similar mindset, Equinix and Akamai Prolexic teams cooperatively developed a cloud-based, interconnected DDoS detection and mitigation solution that helps businesses easily connect into the Prolexic global cloud DDoS platform via Equinix Cloud exchange, gaining the ability to mitigate DDoS attacks wherever they can start – instantly in most cases. The Akamai Prolexic service stops attacks in the cloud, before they reach an organization’s applications, data center and IT infrastructure.

Here’s how it works:

Using Equinix Cloud Exchange Fabric™ (ECX Fabric™) software-defined interconnection, Akamai Prolexic offers direct and secure, private connectivity to its cloud-based DDoS solution for its customers. Prolexic stops attacks with a scalable, cloud-based DDoS scrubbing platform to protect entire customer networks including all of their enterprise applications, whether they are deployed in an on-premises data center, the public cloud, or a colocation facility such as Equinix.

The Prolexic solution leverages the Border Gateway Protocol (BGP) to route all network traffic through Akamai’s globally distributed scrubbing centers on Platform Equinix. Within each scrubbing center, proactive mitigation controls remove all abnormal traffic instantly, while Akamai Security Operations Control Center (SOCC) staff inspects the remaining traffic, mitigates any and all detected attacks, and forwards only clean traffic to the application origin via ECX Fabric. ‘

In the architecture shown below, an interconnected approach, where ECX Fabric returns cleaned/scrubbed data and workload traffic back to the customer, removes threats with greater efficiency and speed. This interconnected solution also reduces the complexity and eliminates the overhead and bandwidth constraints associated with moving traffic through multiple Generic Routing Encapsulation (GRE)/IPsec tunnels. The capacity needed to effectively mitigate large-scale DDoS attacks far exceeds connected bandwidth that even most enterprise companies contract/purchase or deploy to run an enterprise, which means that these limitations could be catastrophic for most companies under a major attack.

Akamai Prolexic and ECX Fabric Interconnection on Platform Equinix

The Akamai Prolexic service stops attacks in the cloud, before they reach an organization's applications, data center and IT infrastructure.

Built on a global interconnected network with 8+ Tbps of dedicated DDoS mitigation bandwidth capacity, Prolexic protects many of the world’s largest internet-facing organizations from the most sophisticated DDoS attacks. Because traffic is being exchanged between users and Akamai Prolexic over high-speed, low-latency software-defined interconnection via ECX Fabric, application performance is not impacted by the ongoing data packet inspection. And the solution can be deployed in days versus the weeks it takes to implement traditional DDoS solutions.

No single point of failure or attack

Many Akamai “scrubbing centers” are hosted on Platform Equinix and strategically located between a business data center infrastructure and the cloud, in physical proximity to both locations (data center and cloud).

Placeholders for consideration:

  • Akamai’s global SOCC team is comprised of 180+ experienced team members across 6 global locations. This depth of service ensures that a knowledgeable technical resource from the Prolexic team can always be accessed in minutes, 24x7x365, whether it’s a question about DDoS detection, mitigation, network performance, or the latest global threat intelligence.
  • Customers increasingly opting to run always-on, with visibility and API-accessible network data that provides real-time network monitoring, reporting, and attack-fighting visibility
  • Industry-leading 0-second SLA, and the case for proactive cloud mitigation

By placing DDoS security controls close to users, IT infrastructure and the Akamai Prolexic solution, you can reduce the roundtrip latency of cleaned traffic between services while maintaining real-time application performance for less cost. With less return traffic traversing clouds and the internet, you save money by reducing egress costs. It is also more efficient and cost-effective to return cleaned/scrubbed DDoS traffic over a private network.

The geographically distributed and redundant nature (multiple connection points are recommended) of the Equinix and Akamai DDoS prevention solution also means that there is no single point of failure and no single point of attack.

Akamai Prolexic and ECX Fabric Interconnection on Platform Equinix

As more companies in every industry are getting hit with DDoS attacks, an integrated and interconnected, cloud-based DDoS prevention solution is the most effective and cost-efficient way to mitigate this increased risk.

Though not all DDoS attacks are that large ̶ the average attack size (12 Gbps) and intensity (3 Mpps) remained consistent year over year between 2018 and 2019 ̶ the number of attacks are growing in size and sophistication.
Martin Atkinson
Martin Atkinson Senior Manager of Peering and Interconnection EMEA, Equinix
Vaughn Eisler
Vaughn Eisler Director, Business Development, Security
Gregory Burns
Gregory Burns Director – Security Product Management at Akamai