Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

10th August 2011 -- Simwood has announced a comprehensive and affordable security solution designed to enable IT and Internet Service Providers take proactive measures to prevent and mitigate the impact of Distributed Denial of Service (DDoS) attacks. Its multi-layer DDoS security service is available immediately and is an economic and effective alternative to expensive standalone solutions. A flexible pricing model enables ISPs and ITSPs to purchase the exact degree of protection they require, with complete flexibility and scaleability to cope with rapidly changing security threats and challenges. The solution is hardware-based, always-on and blocks traffic from questionable sources, provides rapid and continuous monitoring for anomalies, and actively blocks intrusion. Lastly it is overlaid by a vast capacity solution which can be brought into play to cope with even extreme DDoS attacks.

Service providers are facing an increasing risk from DDoS attacks targeted at their customers as well as at themselves, but many have struggled with the cost and complexity of putting effective security solutions in place. The Simwood solution creates a broad-based defence by integrating four key aspects of security within a multi-layered model and backing this up with a vast provision of capacity and DDoS mitigation for extreme attack scenarios. In essence, dirty traffic comes in one side, passes through progressive layers and leaves only clean traffic to pass into the customer network. Some layers are also offered as a partial DDoS solution for those seeking to augment existing security models.

• Layer A – An estimated 60% of attack traffic originates from falsified or otherwise invalid IP addresses, usually those which are reserved for internal use or are not allocated to an ISP. Simwood edge routers maintain a continuous track of these and deny any traffic to or from them.

• Layer B - Traffic from suspicious sources is blocked through the use of ThreatSTOP block lists. ThreatSTOP is the leading provider of real-time IP reputation services. It has an unparalleled database of infected hosts involved in botnets, botnet command and control hosts, spam sources and malicious ISPs, which is updated every two hours. Traffic to and from disreputable sources is dropped from the Simwood network at wire speed on a continual basis.

• Layer C - Rapid and continuous monitoring for anomalies within traffic at layer 3, 4 and 7 provides the next layer of defence. Checks are conducted on 100% of all traffic rather than only sample traffic, as many other monitoring solutions do. This layer seeks to identify and take the volume out of an attack, blocking traffic which deviates from continually updated acceptable behaviour patterns whilst avoiding false-positives.

• Layer D –Provides a final check and ‘polishing’ of traffic through 8 sub-layers. It combines packet and protocol consistency checking, rate-based protection at the lowest level, traffic rate limits, highly configurable firewalling which can specify acceptable traffic types for a particular customer, and the proactive scanning of traffic for attack or vulnerability signatures.

Processing for all four layers is done entirely in hardware at wirespeed, adding a latency of only 100 micro-seconds.

The solution has been created to cope with multiple simultaneous DDoS attacks fitting the size profile of over 90 per cent of previously recorded attacks. In such a rapidly developing security landscape even this was not considered enough, so the model is also overlaid and supported by a heavy duty DDoS mitigation and capacity solution which sits in front of the Simwood network and ensures that even the largest attacks can be mitigated. This final and additional level of security is provided through a partnership with one of the world leaders in DDoS protection and is essentially re-insurance to complement the Simwood solution only if required. In the event of a significantly concerning attack detected by the Simwood Layer C monitoring, this would be activated. Affected traffic would immediately be rerouted through it with cleansed traffic then entering the Simwood network for additional cleansing.

Simon Woodhead, managing director of Simwood says “The impetus for developing this solution was that we were simply unable to find an adequate solution at a workable price-point for Simwood itself. We certainly couldn’t find one that could be made to work economically for our customers, and were deeply concerned at the growing risks. We identified a number of best of breed partners and equipment to weave a solution that offers protection with multiple USPs at a price-point that is workable for customers of all sizes and critically is also fair in structure.”

The only DDoS defence solutions that were previously available to ITSPs and ISPs were either inadequate or overly expensive. Individual solutions such as buying outsourced ‘scrubbing’ capacity are often designed and priced for large enterprises, making them cost prohibitive for SME sized service providers. Hosted proxy server solutions which field and then ‘scrub’ traffic can only be effective in the case of direct website hostname attacks, and do not protect against associated non-web services. Firewalls and other security hardware elements have provided only partial defence, alongside antivirus and malware software solutions, to some types of malicious attack. The inadequacies and expense of such solutions have previously meant that many ITSPs and ISPS have gambled on there being little likelihood of an attack. The rapid rise in the incidence of DDoS and other malicious attacks now makes this an increasingly risky strategy.

The Simwood solution effectively makes networks invisible to many attackers, and shares the cost of heavyweight DDoS defence across a large number of service provider customers who would otherwise not have the funds or specialist experience to create their own integrated DDoS solutions. This takes place entirely in hardware and at wire speed, with that hardware sitting behind Simwood’s all-Brocade MPLS network and with transit connections that are dedicated to DDoS mitigation.

About Simwood

Simwood is a UK-based wholesale communications provider which was incorporated in 1997 to develop eSMS, the world’s first global gateway between SMS and the internet. Simwood evolved to offer wholesale telecommunication services to communications providers and ISPs. It operates its own national MPLS network built entirely on Brocade equipment. Simwood operates from Telehouse East in London, with additional datacentres in Edinburgh and Manchester. It is peered with approximately 80 other networks, giving it exceptional global reach.

More information can be found at

Media contacts:

Further information including an in-depth white paper outlining the risks and solutions for IT service providers and ISPs can be obtained by contacting

Sue Rizzello ( / 01895 392 621)

or Ally Gau ( / 01895 392 622)

This press release was distributed by ResponseSource Press Release Wire on behalf of Potion PR and Marketing Ltd in the following categories: Computing & Telecoms, for more information visit