inner_solutionsweprovide

Protecting and Managing the Mobile Data Infrastructure and Services

As a mobile operator, you face the challenge of managing a dramatic rise in mobile data traffic traversing your mobile core and backbone networks. This explosion in volume is fueled by subscriber’s usage of ever-popular mobile devices such as smartphones, and PCs with air cards for Web 2.0 applications like streaming audio, video and other social media. In response, your company is undoubtedly making major investments in 3G and 4G technologies to optimize and transform once voice-centric networks into data-centric networks. But are these investments sufficient to meet your critical business objectives such as increasing market share, reducing customer churn and increasing average revenue per user (ARPU)?

As mobile broadband continues to rise in popularity and usage, so too does the potential for malicious activity or crippling threats to your mobile network, services and subscribers. Attackers see mobile devices and networks as new fertile ground for compromise and attacks. Threats such as "overbilling" attacks and Internet-sourced DDoS attacks that target infrastructure including SGSNs, GGSNs, DNS or even firewalls are becoming common—threatening the availability of your mobile services and the profitability of your business.

Arbor's Peakflow SP solution allows mobile network operators to optimize and protect their mobile infrastructure and services.

Image

Mobile Infrastructure Protection

Can you protect your fragile mobile infrastructure from Internet-sourced DDoS attacks? Are you relying on inline security devices such as firewalls for this protection? According to Arbor’s 5th Annual Worldwide Infrastructure Security Report , DDoS attacks continue to be the number one concern of fixed broadband providers around the world. As mobile broadband networks become more like fixed broadband networks, mobile operators will undoubtedly experience the same threats to their mobile subscribers and infrastructure as fixed broadband operators. One such threat that is becoming more common is Internet-sourced DDoS attacks that target specific devices in the mobile network. Knowing that mobile infrastructure devices such as SGSNs, GGSNs and firewalls are already stressed, attackers target these devices with TCP session attacks—causing them to fail due to state exhaustion. Mobile operators know that once these inline devices fail, the impact is severe.

Arbor’s Peakflow SP and Peakflow SP Threat Management System (TMS) provide a comprehensive threat detection, mitigation and reporting solution that can be deployed on the Gi/SGi interfaces of the GGSN/PGW —allowing you to protect your mobile infrastructure from threats such as Internet-sourced DDoS attacks. Key features include:

  • Multiple methods of threat detection and real-time mitigation (including TCP session attacks and DNS attacks).
  • Different models of Peakflow SP TMS providing 1-40Gbps of surgical mitigation of attack traffic.
  • Out-of-band deployment.

Mobile Service Protection

As a mobile service provider who faces increased competition, you know that simply providing mobile broadband access is no longer enough to retain and attract new customers. In addition to building relationships with mobile device manufacturers, you need to offer more mobile services such as customer Web portals, streaming audio and music, and wireless access to social networking in order to maximize ARPU. So how do you protect these critical mobile services from attacks via the Internet or mobile subscribers? Can you detect both the large volumetric DDoS attacks as well as the small application-layer attacks that threaten your services?

Peakflow SP and Peakflow SP TMS enable mobile network operators to detect and stop attacks that threaten their mobile data centers and services. Key features include:
  • Mitigation of volumetric DDoS attacks (i.e., UDP floods) and application-layer attacks (i.e., malformed DNS, VOIP and HTTPs attacks).
  • Either out-of-band or in-line deployment of Peakflow SP TMS.
  • Comprehensive alerting and reporting.
Image

Backbone Network Visibility, Capacity Planning and Bill Back

Do you know exactly where your mobile data traffic is coming from or going to? Do you know what impact your mobile traffic is having on your shared IP backbone? By leveraging IP flow data (i.e., NetFlow, sFlow, etc.) embedded in network backbone routers, Peakflow SP provides cost-effective visibility into your backbone traffic. Peakflow SP allows network operators to gain visibility into your mobile network traffic flow. It enables network engineers to conduct more intelligent traffic engineering for projects such as fixed mobile convergence (FMC) or IPv6. And if you’re a parent company sharing a common backbone among multiple mobile subsidiaries, Peakflow SP can be used for proper bill-back purposes.

Optimized Peering/Transit Analysis

You’ve invested heavily in the access, backhaul and core of your mobile network. But are you loosing profitability via non-optimized peering and transit relationships? Do you know exactly which network provider your mobile subscribers are using most often? Using Border Gateway Protocol (BGP), Simple Network Management Protocol (SNMP) and NetFlow data, Peakflow SP conducts detailed peering analysis—allowing mobile network operators to evaluate current peering or transit relationships to optimize investments in mobile infrastructure and maximize ARPU.