For service providers, in terms of the importance of providing DDoS mitigation in relation to other types of security services for customers, 93% see it as a high priority.
According to Corero Network Security’s second-annual study of service providers offering services like VoIP, UC, transit, public and private cloud services and E-Line and E-LAN functionality, this is up 10 points compared with the 83% total from last year.
About 37% ranked DDoS mitigation as more important than other managed security services, and 56% said it was just as important.
The findings highlight this group’s unique needs for deploying DDoS protection across their networks and the valuable business benefit to position themselves as leading the charge against DDoS attacks, both in protecting their own infrastructure and offering more comprehensive security solutions to their customers, as a paid-for managed service. A full 82% see a clear business opportunity in providing a DDoS protection as-a-service to their customers.
“Given that DDoS attacks are growing in frequency and sophistication, it’s not at all surprising that providers are prioritizing and enhancing DDoS mitigation service offerings, and understand the revenue opportunity that such a service brings to the table. It’s much more cost effective—and less complicated—for a business to secure DDoS protection from their trusted provider,” stated Stephanie Weagle, Corero vice president of marketing.
Even as service providers are clearly concerned about DDoS and its effects, the top issue in providing a managed DDoS service is proving the value of the service to customers, as cited by 39% survey respondents. Other concerns include a requirement for per-customer visibility and protection capabilities from a single management console (held by 23%), and cost (21%).
In ranking what providers are looking for in an ideal DDoS solution, unsurprisingly, the results display a wide range of requirements. The ability to maintain bandwidth/throughput in the face of a DDoS attack was ranked most important at 42%, similar to last year. Unsurprisingly, the ability to handle high-volume, indiscriminate attacks ranked second highest in importance to 29% of respondents. The ability to mitigate attacks in seconds’ vs minutes or more, and ability to handle attacks that are aimed at disrupting specific applications garnered 25% each, while the ability to reduce overall CAPEX/OPEX was key for about a fifth of service providers, 22%.
And finally, the capability to integrate DDoS attack mitigation with third-party DDoS detection tools, the ability to provide reporting and visibility into attack types and mitigation that was executed, as well as a solution with low false blocking rates all scored relatively equally as requirements in deploying a DDoS mitigation solution.