Corero

Hivelocity, a data center services and cloud hosting provider, serves a wide range of customers from more than 130 countries around the world. The company’s network, which features 8 transit providers and 300+ private peers, has been designed to provide high levels of availability, reliability, and performance for every customer regardless of their geographic location. However, with DDoS attacks on the rise and being a global concern, Hivelocity needed to deploy a solution that would ensure that its customers stay online. The demographic of their customer base varies widely, hosting web applications, online games, audio and video streams as well as credit card processing services and health service companies who require a HIPAA compliant data center. These customers count on Hivelocity to provide them with a highly reliable network that keeps their businesses online at all times.

Jagex Games Studio, a Cambridge-based multi-award-winning games developer and publisher, was facing an increase in DDoS attacks for various reasons, including banning known DDoSers, attention-seeking purposes, and those looking for bragging rights. The company also faced extortion attempts, with bad actors threatening to take down the site unless Jagex paid their ransom requests. The company was also threatened with DDoS unless they made changes to the game itself. These instances posed a serious challenge to game availability, which is the lifeblood of the organisation. The company was using a legacy DDoS mitigation solution that was not performing to specifications and was based on time-consuming reactive policies in an industry that demands proactive defense measures.

Brady Distributing Company heavily relies on the Internet for its business operations, making it vulnerable to malware, viruses, and Denial of Service (DoS) attacks. The company's IT manager, Rick Baird, was particularly concerned about the lack of visibility into the network, especially on remote PCs. Despite having a firewall for its MPLS network and a content filtering appliance, these measures did not provide enough layers of security. The company was still plagued by malware and viruses, which threatened the business and consumed the IT department’s resources to remediate the problems. Baird decided to add an Intrusion Prevention System (IPS) to the company’s line of defense.

Liquid Web Inc., a managed web hosting and datacenter company, was facing a significant increase in distributed denial-of-service (DDoS) attacks, affecting its core business. These attacks could be either volumetric or nonvolumetric in nature. The company had an existing solution in place from a security provider that was used for attack detection. However, that solution was not doing enough to deal with mounting DDoS problems. When DDoS attacks were made on the Liquid Web network, incidents needed to be identified, isolated, and mitigated. Before Liquid Web onboarded the Corero solution, such attacks were routinely detected but not prevented. Another challenge was that 'innocent bystanders' (i.e., other customers on the network) could be impacted by a network slowdown even though they weren't the specific target of a DDoS attack.

San Miguel County, Colorado, is a popular tourist destination with a diverse region ranging from rugged mountain resort communities to arid ranching communities. Despite its peaceful and scenic locale, the county government is connected to the world through the Internet and is at risk from the same types of threats from cyber attackers. The county provides online constituent services and important information for citizens and visitors on its website. As residents become more dependent on the website, there is a growing requirement to protect against web-based attacks aimed at stealing data and distributed denial of service (DDoS) attacks that could bring the site down. The county needed a comprehensive network security solution that would protect the county’s sensitive data and maintain online services without disruption in the face of an increasingly dangerous Internet environment.

Fastmetrics, a full-service Internet service provider (ISP), was facing the challenge of ensuring uninterrupted service to its clients in the Bay Area and throughout California. The company was committed to protecting its infrastructure against the growing threat of distributed denial of service (DDoS) attacks. Internet access is business-critical for Fastmetrics’ clients. If Internet access, email, voice services and unified communications are slowed or, worse, unavailable, Fastmetrics’ clients would be unable to service their own customers. That means the ISP’s business would suffer if their customers move to other providers to ensure uninterrupted availability. Fastmetrics already had strong security measures in place, including locking down its servers to help thwart attempted intrusions. But it also saw that it was imperative to take proactive measures to improve the ISP’s ability to address the growing DDoS menace.

Hyve, a leading UK IT service provider specializing in mission-critical cloud hosting, was looking to stand out among competitors in the large UK market. The company aimed to provide the utmost security to its customers while also ensuring continued availability through unhindered access to their systems. In today’s environment of increasingly sophisticated and common attacks, Hyve cannot deliver the performance and satisfaction its customers demand without addressing security threats that plague organizations the world over. To mitigate these risks and meet customer expectations, Hyve’s environment has multiple layers of defense, is ISO-27001 and PCI-DSS certified, and has been architected to prevent client cross-contamination if a problem does occur. Nevertheless, Hyve was still challenged by weaknesses in individual clients’ hosted environments. Being a proactive, security driven company, Hyve have looked for another line of defense to better protect the entire IT environment.

Pep Boys, a multibillion-dollar automotive services and retail chain, needed to protect its network of over 700 stores and corporate headquarters against malicious attacks that could result in the theft of sensitive customer and employee information. The company is the custodian of a myriad of customer and employee records from its stores, as well as its Philadelphia corporate headquarters. Personally identifiable information (PII) and corporate data are valuable targets for cyber-criminals. As an e-commerce company, Pep Boys is entrusted with a large amount of customer information and employee data, such as Social Security numbers. The company also stores customer information through its online “Glovebox” feature, which enables customers to record and conveniently access information about their vehicles and service history. Firewalls are essential to control access to Pep Boys’ corporate network and the sensitive data it holds, but far from sufficient in today’s threat environment.

Telesystem and Line Systems (LSI), divisions of Block Communications, provide voice, internet, and cloud computing solutions to thousands of commercial customers across the east coast and Midwest. Their customers, which include universities, government agencies, schools, hospitals, and financial institutions, rely on constant connectivity. However, the companies were frequently targeted by DDoS attacks, which threatened their commitment to delivering reliable and highly available solutions. The operations team had to take provisional measures to prevent outages and began looking for a permanent DDoS defense solution.

Phase 2, a leading software-as-a-service (SaaS) provider servicing the federal and enterprise markets, needed to ensure superior data center architecture, flawless application performance, and dedicated expert support to ensure an uninterrupted, trouble-free customer experience. As one of the first cloud services providers to achieve Federal Information Security Management Act (FISMA) certification, Phase 2 needed to become even more hardened from a network and applications security perspective. The company serves hundreds of customers around the globe, including federal agencies and enterprises in the United States, the United Kingdom, Canada, Australia, Germany, Saudi Arabia, Syria, South Africa, and Japan. Given the threat climate and federal mandates, Phase 2 wanted to proactively strengthen its defenses with the best security technology available to ensure the utmost protection and uptime for its customers.

Zacks Investment Research is a unique institution with a very special purpose: To deliver sound investment advice their clients can take to the bank. But that means that Zacks must be free of intrusions. It must protect its site to not only ensure it is available to its users, it must also safeguard its information to maintain strong customer confidence. Voloshin said the DDoS attack identified attempts to penetrate the network. He called it “very sophisticated,” and said it was quite strong in volume. Credit cards, personally identifiable information, and PCI mandates, all require protection as well. Proprietary information as a result of the research needed to be protected including data researched and released to institutional clients.

Los Angeles Dedicated (LAD) is a cloud and Infrastructure-as-a-Service provider with a significant portion of its business involving providing dedicated servers and infrastructure to gaming clients. These gaming companies are prime targets for DDoS attacks, and LAD is concerned about its network being impacted by the rapid escalation of the DDoS attack landscape. Even one significant DDoS attack could cut off network connectivity to all of LAD’s customers, causing unacceptable collateral damage. LAD had experienced some attacks that it was not able to fend off using homegrown means, resulting in service outages that cost them a few customer contracts. The company’s president and CEO, Robby Hicks, initiated a search for a dedicated DDoS solution that could protect LA Dedicated’s systems and all of the company’s customers while under duress from attacks.

The Journal Register Company, a large newspaper publisher in the United States, experienced a network attack during its transformation from a print-only newspaper publisher to a digital-first news organization. Malware breached existing defenses at one of the company’s regional news-gathering locations and began degrading network performance. Midway through the audit, the Journal Register’s Michigan location experienced a DDoS [Distributed Denial of Service] attack, significantly impacting the content delivery. The company needed to stop the malicious attack quickly and adopt the appropriate technology to protect them going forward.

GamersFirst, a rapidly growing online video gaming company, was facing serious issues with Distributed Denial of Service (DDoS) attacks. These attacks were severely impacting the gaming experience, even preventing online play, which was costing the business tens of thousands of dollars. The attacks were slowing down games and in some cases, bringing them to a halt. This resulted in lost business and the risk of losing customers to other online video gaming sites. The sources of the attacks were typically angry and vindictive former players who had been banned from GamersFirst.com for cheating. These attackers mobilized large armies or “botnets” of hijacked computers to attack the online gaming service. At one point, the service was attacked daily over a four-month period, and an attack even succeeded in bringing down GamersFirst’s data center.