Dispersive Technologies does software-defined networking (SDN) to help the California Independent System Operator control (Cal-ISO) the flow of electricity on its power grid. But in addition to SDN, Dispersive also created a unique tactic for dealing with distributed denial of service (DDoS) attacks.
Normally, DDoS attackers target a website’s address, going after port 80. “We allow you to use different ports,” says Dispersive’s Founder and CTO Robert Twitchell. “We have a client on the server, and we allow you to use whatever ports are allowed to be set up for the server within the 3,000 to 4,000 [port range].”
If something is trying to flood the server, software will close out port 80 and use ports in the 3,000 to 4,000 range. The larger port range makes it difficult for an attacker to monitor which ports might be used. And the software can constantly switch the ports being used.
The company essentially “disperses” traffic so it becomes overwhelming for a hacker to attack.
Dispersive uses the same concept of spreading out data for its SDN. For Cal-ISO, it manages energy information over many connection types from many providers, including single-family homes contributing renewable energy to the grid.
Security is part of Dispersive’s SDN technology. The company uses what it calls “deflectors” to break traffic up and spread traffic data out.
“We split traffic across multiple routes across the network through a cloud of servers that can number in the thousands,” says Twitchell.
These deflectors distribute the data plane for services, creating a cloud that can absorb a DDoS attack and roll traffic away from the attack.