According to global research company Omdia, NETSCOUT is the top-ranked vendor in the DDoS Prevention Appliance Market, with 22 percent market share. Omdia’s biannual market tracker found that NETSCOUT continued to lead the sector in DDoS prevention, as the company has expanded from its dominant position in the communications service provider (CSP) market to gain significant market share in the enterprise DDoS mitigation business.
Chart: DDoS prevention worldwide quarterly revenue market share
DDoS prevention appliances are the first line of defense for most service providers and large enterprises around the globe looking to protect themselves from brute-force attacks on network or resource availability. And as the pandemic-driven surge in DDoS attack activity shows, this is a market poised for continued growth. Indeed, Omdia outlined several key issues that are likely to drive continued increase in demand across both the service provider and enterprise sector:
- The impact of COVID-19. According to NETSCOUT’s 1H 2020 Threat Intelligence Report, during the shutdown, the world was hit by the single largest number of monthly attacks yet seen—929,000 DDoS attacks in May alone. NETSCOUT Threat Intelligence observed 4.83 million DDoS attacks in the first half of 2020, up 15 percent from 2019. Even more telling, DDoS attack frequency jumped 25 percent during the pandemic lockdown months of March through June.
- Low bar to entry. Inexpensive booter/stresser services and botnets for hire, as well as the wide availability of crowd-source attack tools, is one factor behind the ever- increasing volume of highly visible attacks.
- Attack sophistication and scale. Attackers are launching increasingly sophisticated attacks, such as application layer attacks, that some DDoS detection and mitigation infrastructure can’t identify and block. At the same time, the emergence of terabit-sized amplification attacks are pushing the boundaries of mitigation performance. The buildout of massive new IoT botnets like Mirai and LizardStresser will further exacerbate these issues.
- Increased infrastructural complexity. Data center consolidation, data center upgrades, and the rollout of next-generation cloud infrastructure are driving significant changes in data center scale and architecture, which in turn require more sophisticated DDoS solutions.
- CSP infrastructure upgrades. Internet traffic growth has driven major carriers to upgrade their backbone infrastructure to increase capacity, driving a need for increased capacity DDoS prevention solutions; by 2022, there will be 4.8 billion internet users and 28.5 billion networked devices and connections.
- Demand for on-premises solutions. There are many enterprise environments that require a faster response than many cloud services offer, or where data must remain on premises for compliance reasons. At the same time, smaller regional SPs and hosting providers want to leverage on-premises tools to lower operating costs and generate revenue from customers for customized services.
- Mobile network upgrades. As mobile providers upgrade networks to deliver additional 4G services and upgrade to 5G, they are forced to add new layers of network protection and increase their overall security processing capacity significantly.
- Managed DDoS mitigation services. in addition to purchasing DDoS solutions to protect their own infrastructure, many carriers around the globe are buying DDoS products to build out managed services for their customers.
- SDN and NFV. These pervasive trends in network and telecommunications infrastructure will eventually touch all areas of security.
Subhead: Growth Plan
As the report notes, one of the reasons behind NETSCOUT’S market position lies in its architectural trend toward deploying smaller/virtual DDoS mitigation solutions at the edge, which their software version of TMS can support on COTS hardware with flexible licensing. Moreover, NETSCOUT's Arbor smart DDoS protection solutions are now wholly integrated into the overall NETSCOUT portfolio, and integrations such as Sightline with Sentinel allow the company to do some interesting smart/orchestrated mitigation at the edge.
Read the Omdia report