In all situations, early warning of an attack offers the best chance of defense against that attack. Having detailed information about the attack before it occurs provides a defender with more options to use in his or her defense. These principles are true regardless of when or how an attack occurs. When armed with early warning and information, effective and preemptive countermeasures may be efficiently employed. Unfortunately, the configuration of a network and the speed of electronic communications often prevent any substantive early warning or preemptive informational analysis.
The most common countermeasure employed by networks limits the speed of ingress (incoming) electronic communications by forcing the traffic through one or more filters at the ingress point in order to detect malicious or suspicious traffic. Currently, when malicious or suspicious traffic is identified, the particular signal or packet is quarantined. Each subsequent filter then adds another layer of delay, thereby imposing additional time costs on network traffic and electronic communications. Ultimately, malicious and suspicious attacks on computer networks are a common occurrence, causing significant performance and financial loss while redirecting resources and budgets. The alternative to filtering is to allow network security systems to react to an attack.
Users of networks want the fastest communication speeds for their signals and data packets as they transit the network. This is the optimal communications path. Weighing the need for network security against the end users' need for fast communications is one of the many balancing efforts network administrators face. Multiprotocol label switching (MPLS) networks are one solution in which balancing these competing needs provides additional opportunities to satisfy the demands of both security and speed.
MPLS networks are quickly becoming the standard for high-speed network backbones. MPLS networks used by major service providers offer a variety of high-priority paths (optimal) and low-priority paths (suboptimal) for customer traffic based on service level agreements. Thus, network administrators can meet the end users' needs by modifying the choices the end user makes and pays for.
For each MPLS network, there is at least one optimal path corresponding to the optimum speed for each signal or packet. Similarly, there are usually several suboptimal paths corresponding to the suboptimal speeds of signals or packets, the suboptimal speeds being less than the optimum speed. Current MPLS network security limits all of these transmissions to some value below the absolute fastest or optimal speed technologically available, thereby causing the performance of the network to be slower.
Because MPLS networks have a plurality of nodes, there are numerous routes and paths that electronic communication signals can travel. This also means networks have numerous ingress points, routes and paths for malicious and suspicious traffic to traverse. Because each node adds the burden of filtering an electronic signal, the speed of the network dramatically slows down, and the electronic signal travels at an extremely low, suboptimal speed. Optimization of the system is likewise limited by filtration. However, without filtration systems, the network and its nodes have limited ability to react to threats when attacked.
The foregoing issues show a need for one or more ways to protect networks, optimize the electronic signal speed, and provide early warning messages without the burden of multiple filters.