Nokia Deepfield Overview
Nokia Deepfield is a sophisticated software-based solution designed to integrate network intelligence, analytics, and advanced DDoS security into a unified platform. This solution is the result of Nokia’s acquisition of Deepfield, a company specializing in real-time analytics for IP network performance, security, and management.
Key Functionality
- DDoS Protection: Nokia Deepfield, particularly through its component known as Deepfield Defender, offers robust and comprehensive distributed denial of service (DDoS) protection. It combines petabyte-scale big data IP analytics with the capabilities of advanced network routers and next-generation DDoS mitigation systems to detect and mitigate DDoS attacks with unprecedented scale, efficiency, and cost-effectiveness.
Core Components and Features
- Deepfield Secure Genome: This is a cloud-based, up-to-date data feed that tracks the security context of the internet. It provides detailed visibility into over 5 billion IPv4 and IPv6 addresses, enabling the tracking of internet traffic across more than 30 categories. Secure Genome includes information about prior attacks, insecure servers, and compromised IoT devices that could be used in DDoS attacks.
- Advanced AI/ML Algorithms: Deepfield Defender uses more than 100 machine learning rules to automatically classify and allocate applications and flows into security-related traffic types and categories. These algorithms calculate the optimal mitigation strategy for DDoS attacks and instruct routers or dedicated mitigation systems in real-time to apply these filters and neutralize the attacks.
- Integration with Nokia Routers: The solution tightly integrates with Nokia’s advanced IP routers (such as FP4/FP5/FPcx-based IP Routers) and the 7750 Defender Mitigation System. This integration allows for the detection of DDoS attacks and the immediate application of mitigation measures, ensuring minimal impact on customer traffic and network services.
- Real-Time Analytics and Automation: Deepfield Defender provides real-time tracking and analytics of network traffic, enabling quick detection of new types of DDoS attacks as they evolve. The system automates DDoS protection and mitigation, allowing for optimized auto-mitigation with supervision and manual tuning options. This automation scales the defense to petabyte levels, ensuring efficient and rapid DDoS mitigation.
- Holistic Network Visibility: The solution offers comprehensive visibility across the network, from content-originating domains and CDNs to peering and backbone networks, and finally to the customer edge. This holistic visibility is crucial for automating network responses to changing conditions, reducing operational costs, and enhancing service delivery.
Benefits
- Enhanced Security: Deepfield Defender enhances network security by providing advanced DDoS detection and mitigation capabilities, ensuring robust protection against volumetric and multi-vector attacks.
- Improved Performance and Efficiency: The solution optimizes network performance by providing real-time and historical analytics for traffic engineering and network planning. It also improves overall network efficacy and customer satisfaction by mapping OTT video traffic and other services to network measurements.
- Cost Efficiency and Scalability: Nokia Deepfield scales protection without increasing costs, offering a cost-efficient approach to DDoS mitigation. The 7750 Defender Mitigation System, for example, packs 2.8 Tb/s of DDoS processing capacity into a compact form factor, providing significant flexibility in choosing the optimal approach to DDoS mitigation.
- Managed Security Services: The solution allows service providers to become managed DDoS security service providers (MSSPs), offering managed security services to their customers. This is supported by extensive features for optimization, streamlining, and automation of security workflows.
In summary, Nokia Deepfield is a powerful, scalable, and flexible solution that leverages big data analytics and machine learning to transform network operations and security management. It provides unparalleled insights and control over network infrastructures, ensuring a superior quality of experience for customers while safeguarding against evolving cyber threats.