From Network Protection to a Revenue-Generating Service
Why DDoS Attacks Are a Growing Risk for ISP Clients
For companies offering online payments, cloud services, or customer-facing digital platforms, a DDoS attack can instantly block access to critical services. Legitimate users are locked out, transactions fail, and trust is lost. These incidents directly impact revenue and brand reputation.
ISPs serving such businesses increasingly face pressure to provide not only connectivity but also protection. Recognizing this demand, NVP VOLZ LLC expanded its portfolio by launching a managed DDoS protection service for clients. This model is relevant not only in Ukraine but also for providers across Eastern Europe and Central Asia.
Why NETSCOUT Arbor Became the Technology Foundation
Choosing a DDoS protection platform is not only a technical decision but also a business one. NETSCOUT Arbor (formerly Arbor Networks) was selected due to its scalability, efficiency, and suitability for service-based delivery.
The Arbor platform analyzes traffic using metadata sources such as BGP, Flow, and SNMP. This approach avoids full traffic redirection and minimizes additional points of failure—an essential requirement for ISPs. With standard configurations, Arbor is capable of mitigating up to 95% of common DDoS attacks.
Another key advantage is deployment flexibility. NETSCOUT Arbor can operate as a virtual machine within a standard server cluster, allowing providers to scale resources quickly and efficiently. This flexibility is especially valuable for ISPs managing high-volume and cross-border traffic.
Implementation: From Pilot to Production
To implement the solution, NVP VOLZ LLC partnered with OmniLink, an authorized Arbor integrator. NWU, the official distributor of NETSCOUT / Arbor solutions, supported the project by providing licensing, technical expertise, and coordination with the vendor.
- Pilot Phase:
The project began with a pilot deployment using demo licenses. This phase validated performance, highlighted fine-tuning requirements, and confirmed the need for core network upgrades. - Arbor Sightline and Arbor TMS:
- Arbor Sightline continuously monitors traffic patterns and detects anomalies in real time. Detection can occur in as little as one second, with an average response time of 10–15 seconds.
- Arbor Threat Mitigation System (TMS) performs traffic scrubbing. Once an attack is detected, malicious traffic is redirected for cleaning, while legitimate traffic continues to its destination.
- Layer 3 / Layer 4 Protection:
Using BGP FlowSpec, high-volume attacks can be blocked directly at the network edge. This significantly reduces pressure on DPI systems, which may struggle with extreme traffic volumes. - Commercial Launch:
The solution entered full production between September and November 2020. Early operational results confirmed that up to 95% of typical DDoS threats were neutralized before impacting client services.
Traffic Visibility and Operational Control
According to Yuri Zayika, Sales Director at OmniLink, fine-tuning DDoS protection parameters for each customer requires effort but is essential for reliable service delivery. Arbor provides detailed traffic visualization, allowing operators to see traffic volume, origin, and type in real time.
This visibility enables faster response to changing attack vectors, which often evolve within minutes. For ISPs operating in Ukraine, Georgia, or Kazakhstan, such insight is critical to maintaining service continuity.
Scalability and Subscription-Based Business Model
Telecom operators often manage traffic flows reaching hundreds of gigabits per second. Under such conditions, traditional DPI-based defenses alone may be insufficient.
Arbor TMS performs “surgical” traffic filtering, removing malicious packets while preserving legitimate requests. This allows providers to maintain uninterrupted services even during large-scale attacks.
Equally important, the platform supports a subscription-based anti-DDoS service model. ISPs can allocate shared mitigation capacity across multiple clients, assuming that not all customers will be targeted simultaneously. This approach makes enterprise-grade DDoS protection accessible to smaller businesses and creates a predictable revenue stream for providers.
NWU’s Role as NETSCOUT Arbor Distributor
In this project, NWU acted as the official distributor of NETSCOUT Arbor solutions, supporting deployments in Ukraine and across Eastern Europe and Central Asia.
NWU provides:
- Access to NETSCOUT / Arbor anti-DDoS technologies
- Technical consulting and architecture design
- Support during pilot projects and production rollouts
Organizations seeking reliable DDoS protection can work with NWU to select, deploy, and operate solutions tailored to their network environment.
Key Takeaways for ISPs and Integrators
- Applicable to Different Business Sizes:
NETSCOUT Arbor solutions are suitable for large carriers as well as mid-sized ISPs. - Fast Detection and Automated Response:
DDoS attacks can be identified and mitigated within seconds. - Flexible Configuration:
Fine-grained tuning improves accuracy and reduces false positives. - Scalable and Cost-Efficient:
Subscription-based DDoS protection creates new revenue opportunities. - Partner Ecosystem Support:
Collaboration with integrators like OmniLink and distributors such as NWU simplifies deployment and operation.
Conclusion
The experience of NVP VOLZ LLC demonstrates that DDoS protection can evolve from a defensive necessity into a profitable service offering. By combining monitoring, mitigation, automation, and scalable architecture, ISPs can protect their networks while generating additional revenue.
For service providers across Ukraine, Kazakhstan, Georgia, and the broader Eastern Europe and Central Asia region, this model offers a practical path toward stronger security and sustainable business growth.
To learn more about DDoS protection and anti-DDoS services based on NETSCOUT Arbor, contact NWU for expert guidance and tailored solutions.
