Neustar: Building The World's Largest DDoS Defense Network

Nicolai Bezsonoff, General Manager Denial of Service (DoS) attacks in various forms have existed for decades, since the first computers came online, someone has been trying to take them offline. The number of attacks is only increasing, with as many as 77 percent of organizations experiencing a DDoS attack in the last three years. But service interruptions and lost revenue aren’t the only collateral damage businesses have to contend with when faced with a DDoS attack. Theft of intellectual property, compromised customer information and brand damage also weigh heavily on the minds of today’s CIO. In a world where users spend an estimated $1 million per minute online, more than 150 million emails are created, and Google alone handles 3.5 million search queries, the stakes are quite high.

To be in business in 2017 is to be online, and the expectation of constant connectivity makes companies susceptible to the enormous impact of DDoS from determined and remorseless attackers. Attacks are more frequent— 80 percent of companies attacked are assaulted more than once—more complex and more damaging than ever. Protecting against them is all the more difficult when you factor in adoption of new technologies and disciplines, such as Internet of Things devices (IoT) and public and private clouds. The junctions and interdependencies in the modern enterprise create both opportunities and vulnerabilities— and attackers know right where to strike.

Having a security technology partner well-versed in the expertise, management, and protection of complex, dynamic infrastructures is essential in defeating the volume, frequency, and complexity of DDoS threats. The right partner knows how to empower companies to proactively protect themselves before an attack severely disrupts business operations and customer experience. For more than two decades, Neustar has honed its expertise in online security, and successfully helped enterprise clients thwart countless DDoS issues threatening the viability of their operations.

A Partner in Threat Mitigation

Nicolai Bezsonoff, GM of Security Solutions at Neustar explains, “Our mission is to help brands securely grow online by monitoring, accelerating and defending their online assets.” The company offers a full suite of solutions tailored to address the risk level of each enterprise, without draining their ever-dwindling security budgets. Neustar recognizes that no enterprise can afford downtime due to a DDoS attack or another external pressure. “Attacks can happen very fast,” says Bezsonoff. “They need to be neutralized quickly to avoid impact, especially those that can catch the public eye.”

What makes Neustar stand apart from the crowded sea of security offerings? Experience, architecture, and obsession with speed. Last year, the world watched as attacks of unprecedented size—more than 1 Tbps—knocked global enterprises offline. Beyond scale, cybercriminals are getting ever more creative, combining DDoS attacks with other types of assaults.
For example, the use of DDoS attacks in concert with ransomware almost doubled in 2017, and DDoS is often used to confuse defenses and stymie forensics as smokescreens to cover other illegitimate activities. Neustar has significantly increased its capacity to fight online threats while building out its 10 Tbps infrastructure of large, high performance nodes. This investment in infrastructure positions Neustar to identify attacks, stop them, and send clean traffic back to the company quickly. Bezsonoff explains, “It’s not enough to survive attacks, you are expected to thrive in spite of them and that means fast protection.”

Our solutions are built to provide peace of mind to clients that their online defenses are strong and mitigation tactics are timely

In all of 2016, Neustar’s Mean Time to Mitigation—the average time it takes from detection of the attack to being protected—was roughly 90 seconds. Neustar automation and customized configurations not only extend protection across all elements of the enterprise, but also are essential to driving the speed necessary to beat back modern security threats. Neustar evaluates each company’s level of risk and then works to align the right solution to meet their needs from the broadest array of options available in the market. Neustar enables enterprises to simplify their security portfolio while reducing capital costs into an operational investment that streamlines and improves comprehensive protection.

A big challenge for organizations has been the inflexibility of available protection options that often force customers to conform to rigid, ill-fitting services. Neustar meets customers where they are, providing DDoS defense configurations best suited to individual customer requirements, including cloud-based, on-premise, or hybrid combinations. For organizations with a high risk of large, complex attacks, the security provider can implement a cloud-based protection service supported by a global network with expansive reach. The hybrid service combines both cloud-based and on-premise platforms to protect against small and complex attacks. Neustar works with each enterprise individually to determine which solution is the most appropriate for safeguarding its online assets, and they provide ongoing professional management for each service.

DDoS protection is just one weapon in Neustar’s arsenal. According to Bezsonoff, “Transparency is essential to a company’s situational awareness in security and monitoring and acceleration are part of that equation.” For example, through web performance metrics, customers gain an external view as well as a user perspective that offers powerful insight into how its customers are experiencing its online presence. “Knowing the difference between a performance anomaly and a potential security event determines what actions are appropriate in order to protect organizations and their brands,” Bezsonoff continues.

With the UltraDNS solution, enterprise acceleration is aided by reliable and fast resolution of a company’s site and in disrupting otherwise dangerous and latency-causing traffic communication from inside the organization to command and control servers operated by attackers.
Large, well-known global brands depend on these additional offerings from Neustar as part of a full stack solution. Bezsonoff states, “Each client has different layers and complexities. Issues come from all sides, including network threats and application attacks. Neustar has the ability to protect against each, while monitoring and accelerating online assets that their brands require.”

Innovation from Necessity

Neustar’s dedication to defending business assets online was born from the company’s own need to safeguard its enterprise. As a provider of security solutions, Neustar is also a target, sharing the same concerns as any other business that runs global mission-critical infrastructures. Innovation is a driver at Neustar because it takes effort, investment, and experience to stay ahead of present emerging threats. Through years of threat data evaluation, the company has been able to tailor their service offerings to meet the growing needs of businesses from nearly every industry. From financial institutions that work with highly sensitive customer data to large e-commerce sites, Neustar’s commitment to innovation and security ensures organizations and their brand reputations are protected. Large enterprises, as well as small- and medium-sized businesses, trust Neustar to mitigate threats, optimize infrastructure costs, and ensure they are always up and running.

Over the last year, it is this culture and demand for innovation that has attracted cyber security industry “rock stars” to Neustar. Although many companies talk a good game on innovation, Bezsonoff is hiring leaders who have pioneered and influenced security industries, such as Prolexic founder and renowned DDoS expert Barrett Lyon, who heads Neustar’s Security research and development. If innovation is the first priority for Bezsonoff, having a laser-like focus on customer needs is a close second. Every team member of Neustar recognizes the importance of rapid product development and implementation to meet the sense of urgency in the space, and clients reap the rewards of that in-depth understanding.

"Neustar has such a large footprint of DDoS and DNS threat data that the company produces its own intel"

Neustar has put its team of innovators and decades-long expertise to work in the last year to enhance the capacity of its DDoS defense solutions to handle increasingly large threats, but the company is also working on several other improvements. The company plans to provide a more robust and faster cloud solution by injecting a degree of machine learning into the process. Bezsonoff explains, “Artificial intelligence has become a significant factor in what we will offer in the near future. Neustar has such a large footprint of DDoS and DNS threat data that the company produces its own intel.” With the use of real-time threat intelligence, DDoS attacks can be identified quickly and then scrubbed and routed through an automated solution. The addition of machine learning mechanisms in Neustar’s solutions will bring an anti-fragile, fast mitigation framework to large enterprises in need.

Bezsonoff concludes, “The bad actors are always a few steps ahead, and the good guys are constantly trying to catch up.” With the company’s focus on innovation, hiring the best of the best, and advanced strategies for delivering monitoring, acceleration, and defense of online assets, Neustar is well positioned to be a resilient, proactive partner for companies across the board.


Sterling, VA

Nicolai Bezsonoff, General Manager

Neustar provides a one-stop-shop solution to help clients effectively mitigate DDoS attacks and defend their online assets