How to Combat Top Security Threats We’ll Face in 2016


All companies should be concerned with how to stay ahead of security breaches and mitigate damage in an age where hacking methods continue to grow ever more sophisticated. We’re likely to see more evolving techniques in 2016, so it’s important to stay ahead of the curve with a multi-layered security approach.

From Sony to Ashley Madison to Juniper, there’s been no shortage of large scale security breaches recently. The takeaway from these breaches is that all enterprises should boost their  server protection. For tips on how to do this, check out my recent blog post on how Solarflare’s accelerated, monitored and secure server solutions can drastically improve your company and customers’ sensitive data. Read on for solutions on how to combat three security threats we’re likely to see more of in 2016.

1. Cloud Computing

As more companies move sensitive data to cloud storage infrastructures, we can expect to see a rise in revenue for centrally hosted cloud based software companies, to the tune of $33 billion in 2016, according to tech investing firm Centaur Partners. With this move to cloud hosting we can expect to see hackers shifting their focus from physical network hacks to cloud breaches. Solarflare’s recent partnership with DigitalOcean, the world’s second largest cloud hosting provider, illustrates the proper approach to safeguard against cloud hacks. With 60,000+ developers depending on its network, DigitalOcean turned to Solarflare to enhance, accelerate and secure its network. Utilizing Solarflare’s Flareon 7042 Series 10/40GbE PCIe 3.0 server I/O adapters, DigitalOcean can now scale network capacity much more efficiently and with greater throughput than other solutions on the market. For tips on how to make your cloud partnership more stable and secure, check out my recent post on DigitalOcean.

2. Extortion Hacks

Extortion hacks, in which sensitive data is released, have been on the rise ever since the Sony hack back in 2014. These are the worst kind of attacks for a company to recover from, because they destroy customer trust, confidential information is revealed, and lawsuits can result. Last year’s big extortion hack was the Ashley Madison case, so we can expect to see more in 2016. The best method for mitigating the likelihood of an extortion attack is through utilizing a packet capture approach to add an additional layer of protection at the server network. Read more about how to do this in my recent blog post on why packet capture tech is essential for strong security, as it brings an additional layer of protection to the top of every rack of every server.

3. Abusive Bots

The rise of abusive bots and DDoS attacks that interfere with website performance have made protection software a top concern for high traffic sites. The recent partnership between Solarflare and CloudFlare illustrates a great solution to this very real threat.

San Francisco based startup CloudFlare accelerates, optimizes, and protects over 2 million sites and counting, by expanding its capabilities of mitigating growing DDoS attacks (among other things). To help with this process, CloudFlare partnered with Solarflare to add an additional layer of security and headroom at the server level. By headroom, we mean that the insertion of Solarflare builds depth, performance, and responsiveness into the CloudFlare servers in the face of DDoS attacks. CloudFlare reports that the Solarflare SFN5122F server adapters run circles around other offerings in the market. In CloudFlare’s SYN flood tests, they performed 180% better than the competition. According to CloudFlare benchmarks, Solarflare hardware and software delivered 16 million packets per second (at 60 bytes per packet, the typical size of a SYN packet in a SYN flood attack), compared with the next best alternative topping out around 9 million packets per second.

Staying ahead of abusive bots and DDoS attacks is a matter of being armed with the best server adapters and filter engines. Solarflare’s SolarSecure paired with its best in class 10GbE servers pack a strong one-two punch to any imminent threats that hackers might throw your way.


Afraid of Security Breaches? Boost Your Server Protection


News of the recent large scale security breach at networking company Juniper is just the latest example of why corporations should actively increase their cyber defense. While the FBI is currently investigating the back door hack that potentially compromised 3 years worth of highly classified data, the take away here should be that all companies looking to protect data and customer information should implement a multi-layered defense system for their networks.

Solarflare is the leader in secure network solutions, by proactively approaching security from multiple points of possible infiltration. Particularly for financial institutions or other industries with highly sensitive information, maintaining uninterrupted performance across applications while ensuring the earliest possible detection of breaches is essential. Here’s a three step plan to keep your network safe, secure, and speedy:

1. Proactively Protect the Server Perimeter

The network server is the number one target of cyber attacks, because this piece of hardware is where crucial client and institutional data is stored. Defense in depth begins at the perimeter level, much like a moat surrounding a castle from possible intruders.

The core of Solarflare’s DDoS server attack mitigation is SolarSecure– a high performance packet filter engine that enables “bad” traffic to be detected very early in the network stack, so DDoS attacks can be absorbed without the degradation of “good” traffic. The filtering engine allows for individual packets to be inspected, limited or blocked based on their contents.

In the face of DDoS attacks,  servers enabled with the SolarSecure were found to be 3 to 4 times more effective at packet filtering than iptables. This is a great way to identify and slow down potential threats before they escalate to a level where real damage is done.

2. Build Layered Defenses

The second phase of protection involves internal network segmentation. Multitenant cloud environments help defend against the spread of threats across the entire network. Partitioning off infected areas, new policies, filters and access control lists can be implemented to protect critical data from unauthenticated users.

Solarflare’s Capture SolarSecure (CSS) enables packet capture deployment on the top of every server rack in the data center, providing enhanced “DVR-like” real time lossless data recording. For financial institutions in particular, CSS provides greater threat mitigation, regulatory compliance requirements, and optimized trade execution management with precise time stamping capabilities. CSS mitigates cybersecurity risk by providing greater visibility into enterprise network, enabling prevention of hostile intrusion and data theft.

3. Close the Gap

Once a company can identify where its vulnerabilities lie, it can proactively mitigate risks to the perimeter and inner layers. Machine learning and optimizing data management and analytics allows companies to build the capability to analyze all the data on their networks. Having this detailed trail of information will be more important than ever before, as security regulations tighten in the face of ongoing large scale security breaches like the one at Jupiter.

SolarFlare’s recent partnership with Velocimetrics provides this kind of forward-thinking analysis, allowing all financial orders and trades to be tracked in real time. This is the kind of customized solution that more companies would do well to implement to bridge the gap between detecting breaches, preventing breaches, and ensuring that there is no exfiltration of sensitive assets from servers.

Companies can use these strategies and Solarflare’s security tools to help mitigate the cost of prevention and reduce the time of detection, creating a cost-effective security strategy. As large enterprises continue to be targeted by evolving hacking methods, a multilayered defense plan at the server level is essential.