Verizon Business has announced a global expansion of its WAN-based service to detect and defend against denial-of-service attacks.

DoS attacks have been around for years but are on the rise with backing from organised groups, including intelligence agencies inside smaller nations that use the attacks as a form of cyber-terrorism against their enemies, Verizon officials and analysts said.

Verizon Business, a unit of Verizon Communications, said it has added a detection component to its DoS Defence service for mitigating DoS attacks. DoS Defense has been available for more than four years and is in use in 22 countries in Europe and the Asia-Pacific region.

In addition to already offering mitigation services in the US, Verizon today began offering both mitigation and detection of denial-of-service in Canada as well.

The monthly price for the service is $5,500 (£3,700) for both mitigation and detection. No customer on-premises equipment is required, since all the detection and mitigation is managed in the cloud over the Verizon IP network backbone and with several Verizon security centers, including three in the US, said Jonathan Nguyen-Duy, Verizon's director of product management for DoS Defense.

The detection component of DoS Defense works by scanning Internet traffic flow for suspicious activity, while the mitigation component diverts malicious traffic away from a customer's network, Nguyen-Duy said.

The detection function enables a customer to spot an attack early to allow quick mitigation, before the attack can hinder communications, he said. With mitigation, malicious traffic is diverted to Verizon's security centres where the data is scrubbed before being returned to the customer.

Bernt Ostergaard, a Copenhagen-based Current Analysis analyst, said Verizon is expanding its previous defence service in this offering by guaranteeing customers that it will stop a DoS attack within 15 minutes of an alert.

"Verizon is monitoring your websites and knows your traffic, and if they see trouble they shoot a message to the IT manager responsible and tell them they are seeing a rise in packets directed to a site," he said.

The service does not provide an automatic web defence, which might be undesirable for some companies. For example, a sudden surge of traffic to a retail website might be explained because the company has a special sale going on, Ostergaard said.

Ostergaard said Verizon already has thousands of DoS Defense customers and is one of the largest carriers offering such a service. AT&T's defense service has more customers, but Verizon is able to reach into more Asian countries than AT&T, he said, and it provides a superior interface for tracking alerts and problems.
"[Verizon has] near-real-time graphics and alerts in a format that's understandable," he said.

Ostergaard said that while the Verizon announcement is an "important step" in the battle against denial-of-service attacks, he said customers might still want to have internal defenses and not rely solely on Verizon to handle it in the cloud. In fact, some customers will want both the WAN service from Verizon and their own internal defences, he said.

"I don't know how efficient it is to do DoS defenses in the WAN," Ostergaard said. "All the carriers, including AT&T, Verizon and Orange, are moving their DoS detection and mitigation into the cloud, and their argument is that they can control this environment and have server farms where they can filter and data-scrub and pass through the good traffic so customers have a minimal delay."

But, Ostergaard added, "it sounds like a good idea, but my problem is that I'm not seeing anybody who has got prime examples of DoS mitigation in the cloud actually working. Overall, I'm not sure I'd trust these guys without defenses of my own."