Data-center owners and other service providers are prioritizing investments in technology designed to prevent Distributed Denial of Service (DDoS) attacks, according to a new survey from Infonetics Research. That survey further suggested that, while operators are choosing from a long list of security vendors, they still prefer larger firms for their protection needs. At the same time, however, they’re also turning to custom solutions, which they perceive as having an advantage over off-the-shelf products. “Ever-industrious hackers are churning out unprecedented volumes of spam and malware and launching massive DDoS attacks aimed directly at data centers every day, forcing providers to shore up their networks and develop innovative security solutions to protect themselves and generate revenue,” Jeff Wilson, principal analyst for security at Infonetics Research, wrote in a statement. High-profile organizations such as Anonymous have launched distributed network attacks on corporations and government Websites, facilitated by automated tools that ping or send requests to Web servers and other infrastructure—overloading them with requests and bringing them down. Two men were recently jailed in Britain for participating in “Operation Payback,” an Anonymous-led series of DDoS attacks on PayPal, Visa, and MasterCard, which had refused to process payments to Wikileaks, an online repository of confidential documents. Such attacks, of course, have sparked security concerns among many data-center operators and IT vendors of all stripes. “For the most part, data center buyers want to buy security solutions from large, established companies who offer a broad range of products—they have a lot riding on their security implementations, and they need a large neck to choke if something goes wrong,” Wilson wrote. “But there’s always room for small providers who offer highly-innovative solutions.” In the past, according to Infonetics, those “large necks” have belonged to the leaders: Cisco, followed by Juniper, McAfee, Fortinet and Check Point. The firm reported that customers prefer vendors with diverse security offerings, including hardware appliances, virtual appliances, and server software. Revenue across the virtual appliance market is expected to grow at a 21 percent combined annual growth rate (CAGR) through 2016, driven by cloud infrastructure build-outs, the high visibility of security as a barrier for cloud adoption, and the rapid adoption of server virtualization. Infonetics’ research found that about 30 percent of respondents said that they wanted 40-gigabit interfaces on their security gear—with a whopping 75 percent saying that they’ll need 100-gigabit interfaces for 2014. In part, that’s because a DDoS attack goes after the WAN infrastructure, not the servers; clogging the data highway in and out of the data center is the goal, not an attack on the servers themselves. With a wider interface, the appliance also has the breathing room to look for characteristics of the attack traffic that differ from the normal traffic. Any similarities in the attack traffic can be identified and filtered, according to Prolexic chief technology officer Paul Sop. Within the data center, operators seem to be ignoring 10-Gbit Ethernet, and even 40-Gbit. But as far as packets coming into the data center, it seems that wider is better.   Image: Rob Kints/