Rhode Island’s OSHEAN, Inc. is on guard with Akamai’s Prolexic to mitigate massive volumetric DDoS attacks
Founded in 1999, OSHEAN, Inc. is Rhode Island’s non-profit Research and Education Network (REN) providing service to a coalition of universities, K-12 schools, libraries, hospitals, government agencies, and other non-profit organizations. Leveraging its 600+ mile fiber network, the organization’s mission is to provide innovative Internet-based technology solutions to its approximately 160 member institutions and the communities they serve. OSHEAN’s network is the foundational fiber and IP infrastructure for its membership.
The Challenge: Preventing Unacceptable Outages
According to Ventsi Gotov, Senior Network Engineer for OSHEAN, the intensity and frequency of attacks against OSHEAN’s members had noticeably increased, particularly those targeting its K12 and higher education sectors. In fact, those attacks accounted for nearly 80% of all attacks, averaging one-to-two per day. These largely volumetric attacks were overwhelming the member institutions and had the potential to affect OSHEAN’s 10-100Gbps middle-mile backbone.
These days, schools rely on uninterrupted Internet connectivity to enable a range of lifeblood functions such as online testing, access to the cloud, research feeds and other important administrative services. The cost, time, skills and process required of OSHEAN members to individually try to address the attacks was prohibitive.
Without a formal solution to detect and mitigate Distributed Denial of Service (DDoS) attacks, OSHEAN’s staff was always in react mode, forced to manually reroute the traffic to dedicated “Black Hole” ports. That approach stopped the attacks and prevented further damage but took time and shut down the service.
With limited available staff time, Gotov knew it was unsustainable to keep manually handling a continuous onslaught of DDoS attacks. “We needed a long-term solution we could control and automate to mitigate these attacks,” explains Gotov. To that end, Gotov and other members of the OSHEAN staff and membership set off to evaluate a scalable, sustainable solution.
OSHEAN needed to satisfy two key requirements to support its objectives:
Ensure uninterrupted services. The organization wanted to optimize mitigation of future DDoS attacks so it could ensure uninterrupted network access to its members.
Augment in-house expertise. OSHEAN wanted to tap into cybersecurity expertise to better understand how to best protect its network members.
Partnering with the Experts
OSHEAN evaluated its options, including third-party services and building its own in-house solution with scrubbing capabilities. The latter option was considered capital intensive and not scalable to a large membership whose bandwidth requirements grow markedly year over year. Then the organization learned it could take advantage of Akamai Prolexic Connect through OSHEAN’s partnership with the Northern Crossroads (NoX).
NoX facilitates advanced networking among research institutions in New England, including Massachusetts Institute of Technology (MIT), Boston University, Dartmouth and Harvard. After selecting Akamai Prolexic to protect the MIT campus network, MIT extended the service to other NoX members.
“Akamai Prolexic was the best option because it did not require tunneling technology, had massive scale and could be implemented through our existing peering with the NoX,” says Gotov.
Moreover, Gotov was impressed by the expert guidance of the Akamai team. “Akamai’s specialized knowledge and expertise proved invaluable in helping us bring our unique DDoS protection program to life. The team displayed an open, helpful attitude toward our requirements for automation, collaborating with us to support our innovative approach to automate part of the process,” continues Gotov.
Realizing a Best-of-Breed Vision
OSHEAN was pleasantly surprised by the speedy 15-day implementation. This put minimal stress on OSHEAN’s technical team while delivering a valuable and critical security service to ensure scalable DDoS protection for its members.
OSHEAN integrated the Akamai Prolexic solution with its in-house detection systems and routing infrastructure to completely automate the recognition, rerouting and scrubbing of an attack. “Rather than throw additional bodies at this ever-growing problem, we now rely on best-of-breed tools and automation to give us the scale to handle any DDoS attack,” explains Gotov.
Under the watchful eye of Akamai’s Security Operations Command Center (SOCC) and monitoring service, the Akamai Prolexic solution stands ready to accept reroutes to its scrubbing centers for identification and blocking and the return of clean traffic.
As Gotov describes it, the use of Akamai Prolexic has enabled his team to move from a manual, reactive approach to an automatic, proactive one. While attacks continue, the impact is minimized.
Mitigating Even the Largest Attacks
Akamai’s data shows that the scale of DDoS attack size has been consistently growing over time, roughly doubling about every two years. Knowing this, the Akamai Prolexic platform is designed and continually enhanced to absorb 3X-5X the largest known attack.
Perhaps the best test of the OSHEAN DDoS protection program is seeing how well the organization now handles DDoS attacks. According to Gotov, between January and July 2018, OSHEAN saw 224 attack events with an average size of around 1.1Gbps+ or 580Kpps+. Forty-one of the 224 attacks were considered substantial, with the potential for significant network impact on individual members and the OSHEAN network as a whole. Those 41 – including an 18Gbps+ / 1.8Mpps+ Memcached amplification attack – were automatically directed to an Akamai scrubbing center for mitigation.
“The Akamai solution is a prime example of OSHEAN’s core mission to deliver the highest value, most cost-efficient services to our members,” says Gotov. “The Akamai Prolexic solution is so seamless and effective that our members are completely relieved of the burden of worrying about DDoS attacks. Implementing and managing a solution that handles DDoS attacks is not something our members want to spend their time doing. Akamai makes it possible for us to do that for our members, without any interruptions to service,” concludes Gotov.
About OSHEAN, Inc.
OSHEAN, Inc. delivers carrier class optical transport, advanced IP-based networking and innovative cloud solutions to Community Anchor Institutions and the communities they serve. OSHEAN creates trusted connections for peer-to-peer interactions that lead to more efficient, effective and collaborative information technology environments. With an extensive member network consisting of leading healthcare organizations, colleges and universities, K-12 schools, libraries, government agencies, and other community organizations, OSHEAN acts as a key strategic technology partner by facilitating member collaboration and providing best-in-class technology solutions and services that provide operational efficiencies and transform traditional enterprise operating models in support of its members' missions. For more information, visit http://www.oshean.org.
As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale with over 200,000 servers across 130 countries, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7 monitoring. To learn why the top financial institutions, e-commerce leaders, media & entertainment providers, and government organizations trust Akamai please visit http://www.akamai.com/, blogs.akamai.com, or @Akamai on Twitter.