Level 3 acquires Black Lotus, enhances DDoS mitigation capabilities

Level 3 Communications has acquired privately-held Black Lotus, a provider of global Distributed Denial of Service (DDoS) mitigation services, furthering its network security capabilities for its growing enterprise customer base.

Other than saying it acquired the outstanding equity of Black Lotus in an all-cash transaction on July 1, 2015, Level 3 did not reveal any other terms of the transaction.

The timing of this deal coincides with an ongoing rise in the frequency, volume and complexity of DDoS attacks, which Level 3 highlighted in its report, "Safeguarding the Internet: Level 3 Botnet Research Report."

By acquiring Black Lotus, Level 3 will be able to add new capabilities to its existing DDoS service, which was launched in February, including the addition of extra scrubbing centers.

When it introduced the DDoS service, Level 3 placed network protection in what it calls scrubbing centers that reside near the network edge, something it claims allows it to more rapidly respond to an attack on a business' network. The service provider has built a total of seven scrubbing centers, including five in the United States and two in Europe with plans to add a third center in Sao Paulo, Brazil, in May.

With the DDoS Mitigation service, Level 3 provides enhanced network-based detection and mitigation scrubbing solution alongside network routing, rate limiting and IP filtering abilities.

"We're seeing demand for these types of services from our customers," said Chris Richter, senior vice president of managed security services at Level 3, in an interview with FierceTelecom. "We acquired a company like Black Lotus, which does DDoS mitigation primarily just a few months after we launched our own DDoS mitigation service in February."

Richter added that the acquisition of Lotus is part of an ongoing roadmap for its growing DDoS and security business units.

"Even when we launched our DDoS mitigation service, we had in place a two year roadmap to build and enhance it and make it better and enable it to reach a broader base of customers and Black Louts gave us the capability to accelerate that development roadmap," Richter said. "At the same time it gave access to a very talented pool of security engineers and additional technological capabilities so all the planets lined up perfectly for us on this opportunity."

By bringing Black Lotus into the fold, the service provider will add proxy-based DDoS mitigation services to the portfolio providing additional capabilities for application layer attacks, along with advanced behavioral analytics technology. Level 3 said that application layer is a prime target for DDoS attacks that often impact Web servers and Web hosting providers.

In particular, Lotus enhanced Level 3's security portfolio with new proxy-based DDoS capabilities. The service the service provider launched in February was based on diversion of traffic to one or all of their regional scrubbing centers which makes use of BGP to redirect blocks of traffic to those scrubbing centers.  

"Typically, the way it works is the attack traffic is service is redirected to the scrubbing center server closest to the source of the attack," Richter said. "If it's a global, large, truly distributed denial of service attack, it could take all of our regional scrubbing centers into account to mitigate that traffic, but what proxy does is it takes individual IP addresses or blocks of IP addresses it directs it to a proxy of the web site and built into that site is scrubbing capacity and scrubbing capability."

What's also compelling about the proxy DDoS aproach is that Level 3 can address a wider audience with its security services, particularly companies that have a smaller set of address requirements and address attacks more quickly.

"The reason it expands our addressable market is because it can help us deliver DDoS mitigation services to customers who have smaller IP address blocks," Richter said. "It also gives us the ability to provide more rapid turn up of DDoS mitigation."

For more:
- see the release

Related articles:
Level 3, Zayo fiber cuts in Northern Calif. come under FBI investigation
Level 3 fiber network outage disrupts Internet traffic in the U.S. and Europe
Level 3, COMPTEL ask FCC to rework utility pole attachment rules
Level 3 takes active role in blocking traffic to criminal sites