Choosing a Future-proof DDoS Detection Architecture

One of our core beliefs at Kentik is that network analytics should be cloud-scale and cloud-based so that you’re not limited — today or tomorrow — by hardware infrastructure. By taking a big data SaaS approach to network analytics and DDoS detection, Kentik provides a distributed solution that scales with your traffic. It also has the critical advantage of protecting you from the continuous cycle of OS and appliance hardware EOLs and upgrades, which often are packaged with unwelcome licensing and vendor monetization surprises. In contrast, many Arbor Networks customers are facing an upcoming EOL and upgrade cycle with Peakflow version 7.5. Let’s look into how this will work out for Arbor customers so that we can get a feel for the pros and cons of the two approaches.

The Coming Peakflow 7.5 Cliff

Historically, Arbor, like many appliance vendors, has offered a few generations of appliance hardware. You get to upgrade the Peakflow software on your appliance for a while, but eventually Arbor releases a version that isn’t supported on your older hardware. At that point you are stuck with a software version that’s gone EOL. If you want to maintain support, you’re forced into a hardware upgrade, which is when the monetization magic happens (for the appliance manufacturer, that is). The product licenses are attached to the appliance, so you have to re-buy the entire product. Of course, existing customers get a substantial discount, but basically it means that customers face at least a partial repayment cliff every few years. Not fun.

This is the situation that Peakflow 7.5.x customers will be in this coming summer. Just two years after the software’s release, Arbor will be ending support. And much of the installed base of hardware running 7.5 hasn’t been qualified for an upgrade to Peakflow 8.0. If you’re one of the unlucky owners of excluded appliances, be prepared to dig deep into your pockets for a hardware upgrade.

How Much Will You Pay? More!

When Arbor began supporting VM-based appliances, they realized they were going to lose the ability to force upgrades based on “out of date hardware.” So they introduced “Flex Licensing,” which decouples the flow source licenses from the hardware. Flex Licensing includes an upfront perpetual license capex cost PLUS annual software subscription (for new versions) PLUS annual support and maintenance. The “software subscription” component is designed to recapture the revenue lost from the decline in forced hardware upgrades.

If you’re an Arbor customer and haven’t already converted to Flex Licensing, it’s likely that you’ll be required to do so — on top of buying new hardware appliances — in order to upgrade to 8.0 and remain under support. Of course, you can convert to a VM-based deployment, but one way or another you’re still paying for the infrastructure.

Good News! There’s an Add-On!

As a side note, Arbor recently announced a big data add-on to Peakflow called SP Insight, which is built on Druid open source software. I emphasize “add-on,” because you’re required to keep using Peakflow appliances, in addition to which you add your own infrastructure to run SP Insight. It’ll require you to buy yet another license, and to maintain an enterprise software deployment.

But no biggie. After all, you’re already hooked on those expensive and continuously EOL’d appliances, so what’s a major enterprise software investment to boot? You’ll get to enjoy the process of configuring all of that stuff, and thrill at the experience of jumping between the appliance and the UI for the big data back-end, all the while devoting valuable resources to a bespoke big data compute and storage infrastructure. And just when you’re getting the whole thing settled into your daily workflow you’ll encounter the infinite pleasures of separate and likely asynchronous software upgrades. Gosh, you’ll be so busy chasing the dream that you won’t have time to realize that…

Escape the Dizzying Cycle

Or, you could stop the madness and escape this carousel of EOLs, appliance upgrades, fragmented solutions, enterprise software, hosting maintenance, and licensing cliffs. How? By switching to a far more powerful DDoS detection solution based on big data and deployed in a cost-effective, zero-maintenance SaaS.

With Kentik, you get it all. No appliances, enterprise software, or infrastructure maintenance burden. You pay a straight subscription fee based on how many of your network devices (routers, switches, hosts) are sending flow to Kentik Detect. Not only do you get DDoS detection that’s field-proven to catch 30% more attacks than traditional appliances, you can also trigger multiple DDoS mitigation methods, including RTBH and third-party integrations from an expanding list of leading vendors such as Radware (DefensePro) and A10 (Thunder TPS). Plus you’ll have raw traffic data that’s available in real time and retained for months (90 days standard), enabling ultra-granular, super-fast ad-hoc traffic analysis, network performance monitoring, and peering and transit analytics.

Ready to see the power of big data DDoS protection and the world’s deepest, fastest network traffic analytics? Sign up for a free trial on our SaaS; turn on a flow exporter and you can be analyzing your own data in fifteen minutes. Or contact us at info@kentik.com to schedule a demo so we can schedule a step-by-step walk-through of our solution.