Q&A with Michael Wheeler, EVP, global IP network, NTT Communications

NTT has recently expanded its DDoS protection services (DPS). What changes has it made, and why?

As customer requirements have eveolved, and the types of frequency of attacks have grown, we felt there was a need to expand the product in terms of features and functionality.

We expanded our existing product line to make it a wider version of our DPS Core, adding DPS Control, and there will be a few other options in our roadmap.

DPS Control takes the core ability of our mitigation platform and allows cutomers to put in permanent ACLs, allowing them to modify those on a monthly basis. It’s a much more effective tool than managing black hole routing.

So it’s a product family for us. We have DPS Control and then DPS Core, but we expect more products to come along the line which will offer a further step of capability that will be significant for our customers.


Have you seen an increase in the scale of DDoS attacks, and what are the risks that these attacks hold?

The sophistication and the sheer volume of traffic have became a concern. Because of the nature of DDoS attack that means they will be a greater scale. So we have definitely seen an increase in them so they’re requiring more focus from providers like ourselves, and also large scale users of the internet.

Those customers need to assess their risk profile, but any customer really serious about network security is using multiple mechanisms by which to address attacks. They’ll address some issues in house, or pay for a service such as the one we’re offering, or bring solutions on-premise.

Anyone in financial services, for example, has a huge risk profile. But if you’re just selling stuff on eBay, you’re not as at risk. So you have to size it and scale it to match your risk profile. There’s much more visibility to it now.


How important is security to OTT customers and providers, whose entire business model relies on connectivity?

 When we discuss security with those type of companies, it is a different kind of conversation. The more sophisticated your business is, the more that changes, and in those cases, we have a 24/7 network operation centre, which our security team is connected to. Those types of companies also have their own teams on that side, and we’ll always be interacting with them.

When attacks happen, there is a lot of real time interaction around it. We work with them in different ways, but often the most valuable conversations come a few days later, when the dust has settled. It’s then that you can carry out a post-mortem and compare notes, address what worked and didn’t work, and what could have been done differently. That’s part of that consistent refreshing cycle that customers, and ourselves, need to do.

Anyone that reliant on the internet is very committed to that approach. It’s not new to them, but there is certainly an awareness and recognition around the security issue.


What is the relationship like between carriers and the OTT service providers in the LATAM region and how is this developing?

For a long time, we’ve believed it is the best case for the internet at large, and for us as a company, to have a mutually beneficial relationship with the content side of the internet. For the most case, that’s the perspective that side has had as well. That’s why we’ve seen the success and growth we’ve had with those customers over time.

Latin America has a certain set of realities, but there are similar parameters to Europe and the US. But there are also some different parameters, but ultimately the nature of the relationship, and goals of the parties, is quite similar. If that’s in alignment, you can work through any challenges, whether it be operational or commercial.

We take a global view of this, although we recognise there is sometimes regional concerns. Most of those companies have a global reach and we provide services across multiple continents. Not every conversation is fun or easy, but both sides are committed to working out a beneficial relationship.