“We heard the alerts notifying us that the network service wasn’t available and that the wireless wasn’t working so it was all hands on deck.”
– Usman Ali Dar, Infrastructure Support Technologist, Georgian College
Cybersecurity attacks have been on the rise and we have seen a spike in DDoS attacks during the COVID-19 pandemic, disrupting productivity and business continuity, including for research, education and innovation organizations. ORION recently conducted a DDoS pilot program with our network constituents, Georgian College and Wilfrid Laurier University. The goal? To understand how we could best leverage the power of our shared network and IT services against the threat of DDoS attacks for our community.
In early 2020, Usman Ali Dar’s team at Georgian College saw their internet bandwidth at near capacity. It was a distributed denial of services (DDoS) attack and it lasted about 30 minutes—a half-hour IT nightmare, to be sure, but it could have lasted much longer. Within minutes, ORION DDoS Threat Protection software had detected the anomalous traffic flooding Georgian’s network and our security expert began investigations.
When ORION provided information about the IPs generating the traffic, Georgian’s team blocked them, as suggested. The teams then discussed the causes of the attack and Georgian was provided with a comprehensive incident report. Georgian used the Forensic Report requested from ORION to better understand the details of the disruption and to make changes to Georgian’s network security like switching from manual to dynamic IP blocking to help prevent similar future attacks.
“Before ORION’s DDoS Threat Protection service, I was not able to analyze or review any threat beyond my perimeter network,” says Dar. “With it, I am able to see one step further to review traffic patterns and better protect against threats to Georgian’s infrastructure.”
Protecting a network isn’t easy. It involves significant resources for protective devices, software as well as skilled and experienced staff. It’s a huge concern for organizations and not every institution has the resources to do it right. Even if they do, there are still visibility and controls that are beyond their reach.
“We’re limited; I can see my main door and what comes through it, but I can’t see beyond it,” says Dar. “We can protect all the doors but can’t protect the hallways outside.”
ORION DDoS Threat Protection
ORION DDoS Threat Protection changes that. Leveraging a powerful cybersecurity system from industry leader NETSCOUT Arbor, ORION DDoS Threat Protection works inline to detect threats that target your network, so that our security experts can help you address them from 9 a.m. to 5 p.m. Monday to Friday.
By participating in the pilot, Georgian College provided valuable feedback which helped shape this latest cybersecurity service for Ontario’s research, education and innovation community. They helped inform the service, which is always up-to-date and requires no on-site equipment, software or manual intervention. ORION’s network security experts become a valuable part of your organization’s cybersecurity defence team, freeing up your IT resources for other important functions.
“Having ORION as part of our defence team to block the threat felt awesome. When you partner with someone you can trust and rely on, it’s the best thing,” says Usman Ali Dar. “With ORION, we have a special relationship that’s beyond that of an organization providing a service. There’s added value and benefit. They gather and share valuable information to help us upgrade our network to the best of our abilities.”
As a shared solution that ORION is providing to all constituents as part of our network enhancements, ORION DDoS Threat Protection ensures the safety and security of your organization’s most important business systems including your network, servers and network-connected applications.
Additional services coming soon
This pilot project has helped us better understand our community’s needs. The DDoS threat landscape is evolving quickly and is further exacerbated by COVID-19. Research, education, and healthcare organizations with valuable intellectual property are vulnerable to cyberattacks from threat actors and yet digital business continuity has become even more important than ever. While this latest service represents a significant safeguard, we know that some organizations need more, and we’re already working to enhance our DDoS services.