Founded in 1999, OSHEAN, Inc. is Rhode Island’s nonprofit Research and Education Network (REN) providing service to a coalition of universities, K-12 schools, libraries, hospitals, government agencies, and other nonprofit organizations. Leveraging its 600+ mile fiber network, the organization’s mission is to provide innovative Internet-based technology solutions to its approximately 160 member institutions and the communities they serve. OSHEAN’s network is the foundational fiber and IP infrastructure for its membership.
According to Ventsi Gotov, Senior Network Engineer for OSHEAN, the intensity and frequency of attacks against OSHEAN’s members had noticeably increased, particularly those targeting its K-12 and higher education sectors. In fact, those attacks accounted for nearly 80% of all attacks, averaging one to two per day. These largely volumetric attacks were overwhelming the member institutions and had the potential to affect OSHEAN’s 10-100 Gbps middle-mile backbone.
These days, schools rely on uninterrupted Internet connectivity to enable a range of lifeblood functions such as online testing, access to the cloud, research feeds, and other important administrative services. The cost, time, skills, and process required of OSHEAN members to individually try to address the attacks was prohibitive.
Without a formal solution to detect and mitigate Distributed Denial of Service (DDoS) attacks, OSHEAN’s staff was always in react mode, forced to manually reroute the traffic to dedicated “black hole” ports. That approach stopped the attacks and prevented further damage, but took time and shut down the service.
With limited available staff time, Gotov knew it was unsustainable to keep manually handling a continuous onslaught of DDoS attacks. “We needed a long-term solution we could control and automate to mitigate these attacks,” explains Gotov. To that end, Gotov and other members of the OSHEAN staff and membership set off to evaluate a scalable, sustainable solution.
OSHEAN needed to satisfy two key requirements to support its objectives:
OSHEAN evaluated its options, including using third-party services and building its own in-house solution with scrubbing capabilities. The latter option was considered capital intensive and not scalable to a large membership whose bandwidth requirements grow markedly year over year. Then the organization learned it could take advantage of Akamai Prolexic Connect through OSHEAN’s partnership with the Northern Crossroads (NoX).
NoX facilitates advanced networking among research institutions in New England, including Massachusetts Institute of Technology (MIT), Boston University, Dartmouth, and Harvard. After selecting Akamai Prolexic to protect the MIT campus network, MIT extended the service to other NoX members.
“Akamai Prolexic was the best option because it did not require tunneling technology, had massive scale, and could be implemented through our existing peering with the NoX,” says Gotov.
Moreover, Gotov was impressed by the expert guidance of the Akamai team. “Akamai’s specialized knowledge and expertise proved invaluable in helping us bring our unique DDoS protection program to life. The team displayed an open, helpful attitude toward our requirements for automation, collaborating with us to support our innovative approach to automate part of the process,” continues Gotov.
OSHEAN was pleasantly surprised by the speedy 15-day implementation. This put minimal stress on OSHEAN’s technical team while delivering a valuable and critical security service to ensure scalable DDoS protection for its members.
OSHEAN integrated the Akamai Prolexic solution with its in-house detection systems and routing infrastructure to completely automate the recognition, rerouting, and scrubbing of an attack. “Rather than throw additional bodies at this ever-growing problem, we now rely on best-of-breed tools and automation to give us the scale to handle any DDoS attack,” explains Gotov.
Under the watchful eye of Akamai’s Security Operations Command Center (SOCC) and monitoring service, the Akamai Prolexic solution stands ready to accept reroutes to its scrubbing centers for identification and blocking and the return of clean traffic.
As Gotov describes it, the use of Akamai Prolexic has enabled his team to move from a manual, reactive approach to an automatic, proactive one. While attacks continue, the impact is minimized.
Akamai’s data shows that the scale of DDoS attacks has been consistently growing over time, roughly doubling about every two years. Knowing this, the Akamai Prolexic platform is designed and continually enhanced to absorb 3x-5x the largest known attack.
Perhaps the best test of the OSHEAN DDoS protection program is seeing how well the organization now handles DDoS attacks. According to Gotov, between January and July 2018, OSHEAN saw 224 attack events with an average size of around 1.1+ Gbps or 580+ Kpps. Forty-one of the 224 attacks were considered substantial, with the potential for significant network impact on individual members and the OSHEAN network as a whole. Those 41 — including an 18+ Gbps / 1.8+ Mpps memcached amplification attack — were automatically directed to an Akamai scrubbing center for mitigation.
“The Akamai Prolexic solution is a prime example of OSHEAN’s core mission to deliver the highest-value, most cost-efficient services to our members,” says Gotov. “The solution is so seamless and effective that our members are completely relieved of the burden of worrying about DDoS attacks. Implementing and managing a solution that handles DDoS attacks is not something our members want to spend their time doing. Akamai makes it possible for us to do that for our members, without any interruptions to service,” concludes Gotov.
OSHEAN, Inc., delivers carrier-class optical transport, advanced IP-based networking, and innovative cloud solutions to community anchor institutions and the communities they serve. OSHEAN creates trusted connections for peer-to-peer interactions that lead to more efficient, effective, and collaborative information technology environments. With an extensive member network consisting of leading healthcare organizations, colleges and universities, K-12 schools, libraries, government agencies, and other community organizations, OSHEAN acts as a key strategic technology partner by facilitating member collaboration and providing best-in-class technology solutions and services that provide operational efficiencies and transform traditional enterprise operating models in support of its members’ missions. For more information, visit www.oshean.org.
As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7/365 monitoring. To learn why the top financial institutions, online retail leaders, media and entertainment providers, and government organizations trust Akamai, please visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter.