Wholesale Telecoms Aggregator, Australia
This customer sells wholesale products, technology, services, systems and processes to a wide variety of organizations so that they can operate as network providers, offering phone and internet connectivity to their users. It provides network services, end-user billing, payment processing and support to carriers, ISPs and virtual operators. Its customers range from SMBs and enterprises to large Communication Service Providers (CSP) and Internet Service Providers (ISP).
The wholesaler wanted to develop its business as a network seller to CSPs and ISPs by providing them a value added service offering for their consumer and Enterprise customers that would allow them to grow their revenues. Consumer services were meant to assure subscriber QoE and grow ARPU, while enterprise services were meant to allow downstream business customers to offload their infrastructure and reduce their operational costs.
These business plans were threatened following a massive DDoS attack which brought the wholesaler’s infrastructure to a halt and resulted in significant damage to both reputation and service level agreements (SLA). The first order of business became to find an immediate solution to protect the network from malicious attack.
Due to the nature of wholesale business, they needed a network-level solution that would protect their valuable infrastructure and could also be sold to multiple downstream service providers. Scalability was essential to ensure protection could handle the expected increases in network users, bandwidth demand, application proliferation, and the growing number of threats that are constantly emerging.
Finally, the urgency of addressing these issues meant that the solution needed to be credible, proven, and with fast ROI, especially for downstream CSPs who planned to offer DDoS Protection as a service to their enterprise customers.
The solution needed to remedy the problem by mitigating attacks in seconds before any damage occurs. Threats could manifest themselves both as inbound and outbound attacks. Whilst individual outbound attacks are small, their combined volume could not only cause network congestion, but also could cause the blacklisting of IP networks, which would effectively terminate the network service to the downstream customers.
While some solutions were able to target and mitigate large attacks, few could handle large combinations of small DDoS attacks and at the same time mitigate these damaging volumetric attacks in seconds. The failure of traditional security approaches meant that behavior-based detection and mitigation was required.
The necessary solution required three key elements:
Initially, Allot multiservice platform, powered by Allot Service Gateway, was providing DPI-based Traffic Management for application prioritization as well as captive portal redirection. Following the DDoS attack and after considering a variety of other options, Allot DDoS Protection and Bot Containment services – provided by Allot ServiceProtector licenses -were enabled in the same Allot Service Gateway platform. The ability to deploy multiple services in a single platform made the upgrade easy and provided the speed, versatility and security that the Wholesaler needed.
By leveraging Allot’s know-how in multiservice delivery and successful telco deployments, the Wholesale Service Aggregator is able to provide a compelling sell-through proposition that allows downstream ISPs to assure network availability and user quality of experience as they differentiate their service offering and enhance profitability.
Allot enabled us to offer greater security to high-value customers and attract larger businesses and service providers.”