System Design

ATLAS Internet Schematic

(Click to enlarge)

What separates Arbor Networks from other vendors is how we leverage our pervasive service provider footprint to benefit all of our customers. ATLAS is a truly innovative, one-of-a-kind, globally scoped threat analysis and monitoring system with more than 330+ ISP customers participating.

These customers have agreed to share network traffic and attack statistics with the ATLAS system anonymously on an hourly basis (leveraging Arbor’s technology that sits on ISP networks). ATLAS also pulls in information from a network of honeypots Arbor has deployed around the world and utilizes information from ASERT malware and attack-tool research as well as intelligence from third party feeds.

The network and security intelligence delivered via ATLAS gives Arbor customers a considerable competitive advantage because of the powerful combination of the micro view of their own network (via Arbor products) together with the macro view of global Internet traffic (via ATLAS). This is a powerful combination of network security intelligence that is unrivaled today.

ATLAS currently monitors 130Tbps of peak Internet traffic. With this unique vantage point, Arbor is ideally positioned to deliver intelligence about DDoS, malware, exploits, phishing and botnets that threaten Internet infrastructure and services. The information is aggregated, analyzed and fed back to our customers via our products, the ATLAS portal and the ATLAS Intelligence Feed (AIF). AIF delivers application layer DDoS attack signatures to keep networks protected from hundreds of malware families, DDoS attack tools and their variants. This unique feed automates the identification and mitigation of attacks against infrastructure and services from known botnets while ensuring that updates for new threats are automatically delivered without software upgrades. The AIF enables customers to directly benefit from the depth and breadth of Arbor’s research capability.

For the security community at large, the ATLAS portal is a public resource that delivers a sub-set of the intelligence derived from the ATLAS system on host/port scanning activity, zero-day exploits and worm propagation, security events, vulnerability disclosures and dynamic botnet and phishing infrastructures. It includes:

Global Threat Map:
Real-time visibility into globally propagating threats
Threat Briefs:
Summarizing the most significant security events that have taken place over the past 24 hours
Top Threat Sources:
Multi-dimensional visualization of originating attack activity
Threat Index:
Summarizing Internet malicious activity by offering detailed threat ratings
Top Internet Attacks:
24-hour snapshot of the most prevalent exploits being used to launch attacks globally
Vulnerability Risk Index:
Determines the most dangerous vulnerabilities being exploited on the Internet today

What does the industry think of ATLAS?

“Arbor Networks has used its ATLAS traffic monitoring system to provide both an early and ongoing look at IPv6 adoption. World IPv6 day is just the beginning of a multi-year transition. With the data derived from ATLAS, we now have a baseline against which to measure the progress of that transition.”

Battle Green Research President Jennifer Pigg

“The ATLAS Initiative is a world first – but more importantly, it gives us the most comprehensive threat intelligence on the market today and provides a nice cherry on top of our managed security services offering.”

Cable & Wireless Security Expert Graham Smith

“ATLAS is not a theoretical concept but a set of established services that have been supporting carriers and large, Internet-based enterprises on an opt-in basis for six years. ATLAS’s existence and expanding carrier and large enterprise participation is a testament to its value.”

Frost & Sullivan/Stratecast Vice President Michael Suby

“Arbor Networks’ research is utterly indispensable for anyone who wants to understand the network security landscape, how it is evolving and what the implications may be.”

Harvard University Berkman Center for Internet & Society’s Ethan Zuckerman

“ATLAS is an important component of the Tata Communications' global security intelligence platform. ATLAS offers a unique and diverse data set that helps augment Tata Communications' view of Internet traffic trends beyond its own global network assets, thereby enhancing the value of its Managed Security Services platform for its customers and resellers alike."

Tata Communications General Manager of Managed Security Services Gray Williams

“With ATLAS aggregating data from so many ISPs all over the world, we are given real information that allows us to fight back against botnets, denial of service attacks and other malicious internet activity. ATLAS data delivers visibility far beyond our own network infrastructure and provides us with a truly global view of Internet traffic and trends.”

TelstraClear General Manager Adrian van Hest

"With a real-time view of potential Internet threats we can make more informed network management and security decisions. Because ATLAS aggregates data from so many ISPs all over the world, we are given actionable intelligence that not only provides us with a competitive advantage but allows us to fight back against botnets, denial of service attacks and other malicious Internet activity."

TELUS CSO of Business Transformation Technology Operations Ken Haertling

“Arbor Networks knows more about the Internet’s workings than possibly anyone outside the National Security Agency. Their monitoring equipment sits in nearly all Tier 1 internet providers — and if you want data on what the Internet looks like and what the top threats are, they’ve got it through their ATLAS service.”

Wired.com, May, 2009