“In its 30 years, NETSCOUT has evolved into the largest provider of service assurance and cybersecurity solutions for IP networks,” explained Paul Barrett, CTO-Enterprise, NETSCOUT. In the burgeoning $17.35 billion unified communications market, the company empowers some of the world’s most complex and valuable service providers—such as Microsoft and Cisco—and enterprises, helping them deliver services by consistently staying ahead of technology advancements along their extremely challenging digital journey.
When the first private-exchange telephone handset went “off the hook,” only to be replaced by IP-based telephony, it set off a ripple effect in the telecom market. Today, even the desk phone has hundreds of lines of programming, making it a highly complex computing device. Adding to the challenge has been the advent of other real-time communication modes, such as immersive video conferencing, instant messengers, and non-real-time means like e-mail, fax, voicemail, and video-on-demand. “Face-to-face video sessions are already emerging in applications such as remote tellers and high-value sales and customer support situations,” stated Barrett.
In addition to being highly complex, Unified Communication & Collaboration (UC&C) systems are almost always multi-vendor environments. As a result, an enterprise becomes a labyrinth of gizmos and software applications—gushing multifarious voice, text, and video data, in and out, every second of the day. In the process of binding the realms of these distinct elements, UC&C networks often run out of steam when it comes to attaining visibility into the infrastructure. “This spells trouble for decision makers, as any degradation in service for the organization can wreck havoc, resulting in damaged business, or worse, lost customers,” said Barrett. To stave off such incidents, NETSCOUT has developed its indigenous nGeniusONE Service Assurance platform, underpinned by its patented Adaptive Service Intelligence (ASI) technology that provides real-time, end-to-end visibility into UC&C networks.
ASI technology scouts through customer networks to collect data from disparate sources, services, and protocols in the broader UC&C environment
With nGeniusONE, an enterprise—or service provider—gets the complete picture of its UC&C deployment, along with the health and activities of its multifarious entities and the underlying inter-dependencies. It is necessary to note that NETSCOUT’s intelligent ASI algorithms remove the noise from network traffic in real-time and store only what is required. “As a result, the amount of storage needed by a deployment is considerably smaller than if all the raw data was retained—translating into a reduced need for rack space, lower power consumption, and less of a strain on cooling systems,” Barrett extoled. “The ASI technology scouts through customer networks to collect data from disparate sources, services, and protocols in the broader UC&C environment,” he added. By sifting through a broad spectrum of industry standards for transmission protocols, including RTP, SIP, and LDAP, the nGeniusONE analytical engine supports multiple vendor devices and various forms of data—voice, video, image, and text.
Although UC&C systems offer an increasing number of modes of communication, Barrett vouches for real-time voice and video as one of the most effective, owing to its ability to convey subtleties in tone, emphasis, and cadence in speech and the capability to see facial expressions and body language. Advocating for the importance of reliable, high-quality voice and video, NETSCOUT employs a best-in-class approach to measuring the media quality through its Mean Opinion Score (MOS) technology. Enterprises are constantly reaping visible benefits from MOS by assessing the quality of speech and other metrics, and taking actionable steps to mitigate the problem.
A Map of the Connected World
Organizations are realizing the dire need to put a proactive strategy in place to detect network anomalies and avoid a potential outage before it has a chance to escalate. For an undulating UC&C network, administrators can take a quick look at the interactive nGeniusONE dashboard and identify a malfunctioning system from the map-like interface of the entire UC&C infrastructure. Additionally, “by performing active analysis in the background, the system sends ‘situation alerts’ and alarms when it identifies an abnormality that should be investigated further,” Barrett pointed out. Nothing escapes NETSCOUT’s range of vision, promising optimal levels of service assurance throughout the service timeline, from implementation to delivery of the communication infrastructure. “This isn’t restricted to core UC&C entities, but also includes services that were previously independent of the UC system and have now become an integral part of the new design.”
At the end of the day, “NETSCOUT isn’t just about IT service assurance; it’s about enabling CIOs to make a significant contribution to Business Assurance as a whole,” assured Barrett. The consolidated contribution that NETSCOUT offers to UC&C networks for leading enterprises that record some of the busiest traffic levels is a true testament to its proficiency in service assurance, cybersecurity, and performance optimization.
"NETSCOUT isn’t just about IT service assurance; it’s about enabling CIOs to make a significant contribution to Business Assurance as a whole"
NETSCOUT in Action
Recently, the IT department of a major metropolitan agency that encompasses the city-wide infrastructure and systems— from public safety to human services and education, and economic development— was running into a bottleneck with its legacy communication network management. With the rapid influx of voice and video data that was growing in size day-by-day, network performance was unable to meet rising demands. “It was then that the metropolitan authorities approached NETSCOUT,” explained Barrett. “We started by delivering much-needed visibility into the overall network traffic flow.” The project was a huge success and the city reaped the benefits of a central console that managed and monitored the city’s network. Additionally, by analyzing metadata accumulated from the routers and acting on it appropriately, NETSCOUT had raised the bar for the city’s network security.
Having laid its cornerstone long before there were mobile phones and the Internet was still a privilege for the common man, NETSCOUT today stands strong in the UC&C landscape, supporting many of today’s technology giants. Despite its stature in the industry, the company is diligently pushing the envelope through the innovation of more prolific and automated techniques. “As the tidal wave of digital transformation continues to build, networks remain the heart of this brave new world,” concluded Barrett. “And the surrounding network intelligence will be an increasingly important part of service assurance and ultimately, business assurance for our customers. This is what we do best and it’s what enables us to be a leader in the industry.”
Vital Pandemic Industries Foster Unprecedented DDoS Attack Activity According to 2H2020 NETSCOUT Threat Intelligence Report
WESTFORD, Mass. - NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT) today announced findings from its bi-annual Threat Intelligence Report, punctuated by a record-setting 10,089,687 Distributed Denial of Service (DDoS) attacks observed during 2020. Cybercriminals exploited vulnerabilities exposed by massive internet usage shifts since many users were no longer protected by enterprise-grade security. Attackers paid particular attention to vital pandemic industries such as e-commerce, streaming services, online learning, and healthcare generating a 20% year-over-year increase in attack frequency over 2019 plus a 22% increase in the last six months of 2020.
In August, a threat actor NETSCOUT dubbed Lazarus Bear Armada (LBA) launched one of the most sustained and extensive DDoS extortion campaigns yet seen, taking down the New Zealand stock exchange and targeting organizations involved in COVID-19 testing and vaccine development.
According to NETSCOUT's Worldwide Infrastructure Security Report® (WISR), which helps inform the Threat Intelligence Report findings, the number of enterprise respondents reporting DDoS extortion attacks increased by 125%. Overloaded firewalls and virtual private network (VPN) concentrators, crucial technologies used during the pandemic lockdown, contributed to the outages in 83% of the enterprises that suffered DDoS attacks. This finding represents a 21% increase over 2019 figures.
"Cybercriminals set multiple records in 2020, taking advantage of the shift towards remote work across the globe," stated Richard Hummel, threat intelligence lead, NETSCOUT. "The second half of last year witnessed a huge upsurge in DDoS attacks, brute-forcing of access credentials, and malware targeting internet-connected devices. As the COVID-19 pandemic continues, it will be imperative for security professionals to remain vigilant to protect critical infrastructure."
Other key findings from the NETSCOUT 2H2020 Threat Intelligence Report include:
• Monthly DDoS attack numbers surpassed 800,000. Threat actors increased their DDoS onslaught due to the pandemic lockdown; monthly DDoS attacks exceeded 800,000 in March and never looked back, representing a new normal for DDoS attack activity. On average, there were 839,083 attacks per month in 2020, an increase of nearly 130 thousand attacks over 2019.
• Mirai malware continued to thrive during the pandemic. Adversaries using Mirai malware and its variants took advantage of shifts away from enterprise-grade protection to generate a surge in brute-force attempts on Internet of Things (IoT) consumer-grade devices. Threat actors absorbed more devices into their botnets to further strengthen the frequency, size, and throughput of DDoS attacks worldwide.
• Commonly Used UDP-based DDoS attack vectors fueled attack increases. New reflection/amplification DDoS vectors permitted the abuse of misconfigured Microsoft RDP over UDP, Plex Media SSDP, and DTLS services resulting in an increasingly complex threat landscape.
NETSCOUT's Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data secured from NETSCOUT's Active Level Threat Analysis System (ATLAS„¢) coupled with NETSCOUT's ATLAS Security Engineering & Response Team (ASERT) insights.
The visibility and analysis represented in the Threat Intelligence Report and Cyber Threat Horizon fuel the ATLAS Intelligence Feed used across NETSCOUT's Arbor security product portfolio to detect and block threat activity for enterprises and service providers worldwide.