DDoS Attacks on Carrier-grade NAT Infrastructure

A10 Networks has produced a series of LightTalk videos in which company solutions architects explain a technical concept such as the evolution to containers, SYN cookies or, in this case, how DDoS attacks affect carrier-grade NAT infrastructure.

In this video, our solutions architect describes what happens when an attack is initiated using a single IP address. Up to 256 users could be affected by such an attack and while a DDoS detection solution may be able to mitigate the attack, the carrier-grade NAT infrastructure may not be aware, and service then goes down for those subscribers.

Turner goes on to describe how the A10 Thunder® Threat Protection System (TPS) uses auto blacklisting of NAT pool addressing to help detect these attacks and take the IP address out, preserving subscriber services.


|

October 3, 2019

About A10 Staff