Distributed Denial of Service (DDoS) attacks. Imminent danger for financial systems. Tata Communications Arbor Networks.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Distributed Denial of Service (DDoS) attacks. Imminent danger for financial systems. Tata Communications Arbor Networks."

Transcription

1 Distributed Denial of Service (DDoS) attacks Imminent danger for financial systems Presented by Tata Communications Arbor Networks 1

2 Agenda Importance of DDoS for BFSI DDoS Industry Trends DDoS Technology Overview Recent DDoS Attacks in India TCL DDoS Service World s largest ISP deployment Q&A 2

3 DDoS Why Should Financial Companies Care A DDoS attack can (and will) Cause substantial revenue loss due to system downtime Reduce customer confidence Leave systems vulnerable for hacking exploits Prevention Is Easier Than The Cure! RBI s Guidelines on Information security, Electronic Banking, Technology risk management and cyber frauds mandates the deployment of systems for DDoS mitigation RBI/ / 494 DBS.CO.ITC.BC.No. 6/ / April 29,

4 Industry Trends Operational & Security Threats DDoS attacks cost an average enterprise $6.3M* for a 24-hour outage * McAfee, January

5 DDoS Attack Trend Increased Volume Largest volumetric DDoS has grown from 9 to 100 Gbps in 5 years Increased Complexity Over quarter of attacks are now application-based DDoS mostly targeting HTTP, DNS, SMTP Increased Frequency More than 50% of data center operators are seeing more than 10 attacks per month 5

6 The Evolution of DDoS Attacks Other IRC SIP/VOIP HTTPS SMTP DNS HTTP Services Targeted by Application Layer DDoS Attacks 7% 11% 19% 24% 25% 67% 87% Have You Experienced Multi-vector Application / Volumetric DDoS Attacks 32% 41% 27% Don't Know No Yes 0% 20% 40% 60% 80% 100% 50% 40% 30% 20% 10% 0% Number of DDoS Attacks per Month 9% 47% 15% 7% 10% 11% % > Average Monthly Mbps of Attacks

7 The Evolution of DDoS Attacks Other IRC SIP/VOIP 50% 40% 30% 20% 10% HTTPS Services Targeted by Application Layer DDoS Attacks 7% 11% 19% 24% Have You Experienced Multi-vector Application / Volumetric DDoS Attacks SMTP 25% No DNS protection technologies. The 67% threats that increased continued 41% to be multivector Yes HTTP approaches for reconnaissance, 87% attack, and command and control. The most serious 0% 20% attacks 40% have 60% been 80% targeted 100% ones using evasive malware techniques, with 0% During 2011, an increase in threats and attacks has challenged infrastructure some customized for the target enterprise. These attacks are primarily financially motivated also saw an increase in large-scale nuisance attacks. Source: Number Gartner, of DDoS Hype Attacks Cycle for per Infrastructure Protection Average 2011 Monthly Mbps of Attacks 2000 Month 9% 47% 15% 7% 10% 11% % > % 27% 1843 Don't Know 7

8 DDoS Misconceptions Successful DDoS Attacks My firewall/ips provides DDoS protection I have enough bandwidth to absorb DDoS attacks No one would want to attack my business. FACT FACT FACT Most large data center operators have seen their firewalls/ips fail due to DDoS Multigigabit attacks are common and can overwhelm the largest networks Most data centers suffer downtime every year due to DDoS. Did Your Firewall/IPS Fail Due to DDoS Within Last 12 13% 38% 49% No Yes Largest Attack in 150 Gbps Source: Arbor Worldwide Infrastructure Security Report Rent a botnet for as little as $50 per day 8

9 The Broad Impact of DDoS Attacks Modern DDoS Attacks are Complex & Diverse IPS Load Balancer DATA CENTER Attack Traffic Good Traffic (1) saturation upstream, (2) state exhaustion, or (3) service outages critical services are no longer available! 9

10 Today s Defenses Are Not Designed for DDoS Existing perimeter security devices focus on integrity and confidentiality but not on availability Firewalls including WAFs help enforce confidentiality or that information and functions can be accessed only by properly authorized parties Information Security Triangle IPS Intrusion Prevention Systems (IPS) help enforce integrity or that information can be added, altered, or removed only by authorized persons All firewalls and IPS are stateful devices which are targeted by state-based DoS attacks from botnets! DATA CENTER IPS Load Balancer 10 10

11 IPS choke during DDoS attack - IPS does not offer protection from DDoS. - IPS one of the prime targets of DDoS attack - weakest link in chain. - IPS blocks traffic but does not mitigate DDoS attacks. 11

12 DDoS Attacks in India - News

13 DDoS Attacks on BFSI segment in India - Many banks, mutual funds, credit rating agencies, etc. have faced multiple DDoS attacks in last 1 year - Most DDoS attacks have been on website which have direct impact on revenue or reputation of the organization - Cert-in and RBI have issued guidelines for banks to take DDoS protection - Many leading private sector banks in India have already taken DDoS services from Tata Communications 13

14 Our Customers Leading Mutual Fund Company in India - Customer s website got DDoS attack at 6:00 pm on a Friday. The attack size was multiples times bigger than Internet port size - Website went down immediately. End users could not access the website - Within a couple of hours Tata Communications implemented DDoS protection in the cloud - Customer website was up and running again Protecting Formula 1 Service turned up in ~24 hours! Tata-protected F1 Bahrain assets, withstood DDoS attacks throughout the race weekend. "Their rapid response and technology solution were most impressive. In an incredibly short time Tata Communications had the service up and running and within 24hrs we were protected - Eddie Baker, CIO, Formula 1 14

15 Enterprise Services under DDoS Attacks DNS, HTTP attacked : Ports cannot be blocked. DDoS Preferred Choice of attack for hackers ANY WHERE ANY TIME ANY TYPE ANY NUMBER OF TIMES 15

16 Global Network Largest ISP DDoS Service TGN-Northern Europe TGN-Pacific TGN-Atlantic TGN-Western Europe TGN-EurAsia* TGN-Pacific TIC TGN-Intra Asia Largest ISP DDoS Deployment 16

17 DDoS : Advantages of Cloud Mitigation DDoS Attacks DDoS Attacks DDoS Mitigation in the Cloud 17

18 Comprehensive DDoS protection CPE + Cloud Internet SCRUBBING CENTER Peakflow SP/TMS Cloud Signalin g DATA CENTER Cloud-based DDoS Protection ISP Firewall IPS Load Balancer Internet CPE-based DDoS Protection Target Applications & Services 18

19 DDoS Detection & Mitigation Process Customer Premise Customer Server DDoS Attack Normal Traffic Internet End Users NetFlow Remove attack in the Internet Cloud DDoS Scrubbing Farm Advanced Protection No CAPEX or software in customer premise 19

20 Our DDoS Detection & Mitigation Service Features World s largest deployment of detection and mitigation capabilities Network-based service addresses distributed threats at the network edge Scrutinizes traffic in real-time to identify anomalies Only malicious traffic is blocked legitimate traffic continues to flow so network and applications remain available Benefits Improves traditional fault resolution procedures with real-time monitoring and alerting Lower Cost of Ownership (TCO) and greater efficacy than premise-based solutions Protect Internet application availability without costly over-provisioning of IP 20

21 Tata and the Arbor Networks Advantage Tier-1 ISP with Cloud DDoS Service Globally Distributed DDoS Scrubbing Capabilities Extensive Experience in DDoS Attack Management Securing online business availability with SLA Assurance Global 24x7 Security Operations Centers with Arbor Security Intelligence Botnet Attack Fingerprints Updated Threat Descriptions Country -> IP Updates ASERT Attack Risk Settings Inbound HTTP Botnet Attacks ASERT Severity Levels IP Location Data Cloud and CPE DDoS Comprehensive & Seamless DDoS protection 21

22 Thank You Sumit Narula Cell Samuel Sathyajith Cell

Arbor s Solution for ISP

Arbor s Solution for ISP Arbor s Solution for ISP Recent Attack Cases DDoS is an Exploding & Evolving Trend More Attack Motivations Geopolitical Burma taken offline by DDOS attack Protests Extortion Visa, PayPal, and MasterCard

More information

Pravail 2.0 Technical Overview. Exclusive Networks

Pravail 2.0 Technical Overview. Exclusive Networks Pravail 2.0 Technical Overview Exclusive Networks Pravail Features and Benefits Arbor Pravail APS is the a CPE-based security appliance focused on stopping availability threats Arbor Pravail APS Arbor

More information

Security Solutions for the New Threads

Security Solutions for the New Threads Security Solutions for the New Threads We see things others can t Pablo Grande Sales Director, SOLA pgrande@arbor.net What a CISO Is Looking For Show Progress on Response Time Measurably improve our incident

More information

Securing data centres: How we are positioned as your ISP provider to prevent online attacks.

Securing data centres: How we are positioned as your ISP provider to prevent online attacks. Securing data centres: How we are positioned as your ISP provider to prevent online attacks. Executive Summary In today s technologically-demanding world, an organisation that experiences any internet

More information

Stop DDoS Attacks in Minutes

Stop DDoS Attacks in Minutes PREVENTIA Forward Thinking Security Solutions Stop DDoS Attacks in Minutes 1 On average there are more than 7,000 DDoS attacks observed daily. You ve seen the headlines. Distributed Denial of Service (DDoS)

More information

SecurityDAM On-demand, Cloud-based DDoS Mitigation

SecurityDAM On-demand, Cloud-based DDoS Mitigation SecurityDAM On-demand, Cloud-based DDoS Mitigation Table of contents Introduction... 3 Why premise-based DDoS solutions are lacking... 3 The problem with ISP-based DDoS solutions... 4 On-demand cloud DDoS

More information

www.prolexic.com Stop DDoS Attacks in Minutes

www.prolexic.com Stop DDoS Attacks in Minutes www.prolexic.com Stop DDoS Attacks in Minutes Prolexic gives us the strong insurance policy against DDoS attacks that we were looking for. Mark Johnson, Chief Financial Officer, RealVision You ve seen

More information

The Risk vs. Cost of Enterprise DDoS Protection

The Risk vs. Cost of Enterprise DDoS Protection WHITE PAPER The Risk vs. Cost of Enterprise DDoS Protection How to Calculate the ROI from a DDoS Defense Solution 1 Every day, we hear more about distributed denial of service (DDoS) attacks. DDoS attacks

More information

Availability Digest. www.availabilitydigest.com. Prolexic a DDoS Mitigation Service Provider April 2013

Availability Digest. www.availabilitydigest.com. Prolexic a DDoS Mitigation Service Provider April 2013 the Availability Digest Prolexic a DDoS Mitigation Service Provider April 2013 Prolexic (www.prolexic.com) is a firm that focuses solely on mitigating Distributed Denial of Service (DDoS) attacks. Headquartered

More information

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation White Paper Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation Table of Contents Introduction... 3 Common DDoS Mitigation Measures...

More information

Belgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve

Belgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention Cloud and Security Bart Callens Product Manager ICT Security 10/17/2013 Slide 2 Agenda 13:30

More information

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper SHARE THIS WHITEPAPER Top Selection Criteria for an Anti-DDoS Solution Whitepaper Table of Contents Top Selection Criteria for an Anti-DDoS Solution...3 DDoS Attack Coverage...3 Mitigation Technology...4

More information

Being Ready to Face DDoS Challenge. Vodafone Power to you. DDoS

Being Ready to Face DDoS Challenge. Vodafone Power to you. DDoS Being Ready to Face DDoS Challenge Vodafone Power to you DDoS 02 Introduction With competitive pressures intensifying and the pace of innovation accelerating, recognising key trends, understanding their

More information

SHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper

SHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper SHARE THIS WHITEPAPER On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper Table of Contents Overview... 3 Current Attacks Landscape: DDoS is Becoming Mainstream... 3 Attackers Launch

More information

Cloud Security In Your Contingency Plans

Cloud Security In Your Contingency Plans Cloud Security In Your Contingency Plans Jerry Lock Security Sales Lead, Greater China Contingency Plans Avoid data theft and downtime by extending the security perimeter outside the data-center and protect

More information

TDC s perspective on DDoS threats

TDC s perspective on DDoS threats TDC s perspective on DDoS threats DDoS Dagen Stockholm March 2013 Lars Højberg, Technical Security Manager, TDC TDC in Sweden TDC in the Nordics 9 300 employees (2012) Turnover: 26,1 billion DKK (2012)

More information

DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS

DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS : DDOS ATTACKS DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS 1 DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS NTT is one of the largest Internet providers in the world, with a significant share of the world s

More information

Imperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers

Imperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers How to Protect Your from Hackers Web attacks are the greatest threat facing organizations today. In the last year, Web attacks have brought down businesses of all sizes and resulted in massive-scale data

More information

DDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT

DDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad

More information

Protection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd michaels@radware.com

Protection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd michaels@radware.com Protection against DDoS and WEB attacks Michael Soukonnik Radware Ltd michaels@radware.com Landscape Ponemon Research 2012: Cyber security threats Cyber security threats according to risk mitigation priority

More information

Four Considerations for Addressing the DDoS Risk for Carrier and Cloud Hosting Providers

Four Considerations for Addressing the DDoS Risk for Carrier and Cloud Hosting Providers Four Considerations for Addressing the DDoS Risk for Carrier and Cloud Hosting Providers Whitepaper SHARE THIS WHITEPAPER Table of Contents The Rising Threat of Cyber-Attack Downtime...3 Four Key Considerations

More information

Distributed Denial of Service protection

Distributed Denial of Service protection Distributed Denial of Service protection The cost in terms of lost business caused by a successful DDoS attacks can be significant. Our solution recognises when a DDoS attack is happening and identifies

More information

WHITE PAPER Hybrid Approach to DDoS Mitigation

WHITE PAPER Hybrid Approach to DDoS Mitigation WHITE PAPER Hybrid Approach to DDoS Mitigation FIRST LINE OF DEFENSE Executive Summary As organizations consider options for DDoS mitigation, it is important to realize that the optimal solution is a hybrid

More information

Mitigating Denial of Service Attacks. Why Crossing Fingers is Not a Strategy

Mitigating Denial of Service Attacks. Why Crossing Fingers is Not a Strategy Mitigating Denial of Service Attacks Why Crossing Fingers is Not a Strategy Introduction Mark Baldwin - Owner of Tectonic Security MSSP and Security Consulting Primarily Work With SMBs DDoS Mitigation

More information

Arrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015

Arrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015 Arrow ECS University 2015 Radware Hybrid Cloud WAF Service 9 Ottobre 2015 Get to Know Radware 2 Our Track Record Company Growth Over 10,000 Customers USD Millions 200.00 150.00 32% 144.1 16% 167.0 15%

More information

Protect your network: planning for (DDoS), Distributed Denial of Service attacks

Protect your network: planning for (DDoS), Distributed Denial of Service attacks Protect your network: planning for (DDoS), Distributed Denial of Service attacks Nov 19, 2015 2015 CenturyLink. All Rights Reserved. The CenturyLink mark, pathways logo and certain CenturyLink product

More information

Securing Your Business with DNS Servers That Protect Themselves

Securing Your Business with DNS Servers That Protect Themselves Product Summary: The Infoblox Secure DNS Solution mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate queries.

More information

Ferramentas de Ataques de DDoS e a Evolução de ameaças a disponibilidade contra serviços Internet. Julio Arruda Gerente America Latina Engenharia

Ferramentas de Ataques de DDoS e a Evolução de ameaças a disponibilidade contra serviços Internet. Julio Arruda Gerente America Latina Engenharia Ferramentas de Ataques de DDoS e a Evolução de ameaças a disponibilidade contra serviços Internet Julio Arruda Gerente America Latina Engenharia Agenda The Affect of DDoS on Business DDoS Statistics, Motivations

More information

2012 Infrastructure Security Report. 8th Annual Edition Kleber Carriello Consulting Engineer

2012 Infrastructure Security Report. 8th Annual Edition Kleber Carriello Consulting Engineer 2012 Infrastructure Security Report 8th Annual Edition Kleber Carriello Consulting Engineer Key Findings in the Survey* Advanced Persistent Threats (APT) a top concern for service providers and enterprises

More information

FortiDDos Size isn t everything

FortiDDos Size isn t everything FortiDDos Size isn t everything Martijn Duijm Director Sales Engineering April - 2015 Copyright Fortinet Inc. All rights reserved. Agenda 1. DDoS In The News 2. Drawing the Demarcation Line - Does One

More information

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial

More information

Introducing Radware Attack Mitigation System. Presenter: Werner Thalmeier September 2013

Introducing Radware Attack Mitigation System. Presenter: Werner Thalmeier September 2013 Introducing Radware Attack Mitigation System Presenter: Werner Thalmeier September 2013 Agenda Introducing Radware (quick) Current Attacks Landscape Quick Outlook on Radware Attack Mitigation System (AMS)

More information

Securing Your Business with DNS Servers That Protect Themselves

Securing Your Business with DNS Servers That Protect Themselves Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate

More information

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

Why a Network-based Security Solution is Better than Using Point Solutions Architectures Why a Network-based Security Solution is Better than Using Point Solutions Architectures In This Paper Many threats today rely on newly discovered vulnerabilities or exploits CPE-based solutions alone

More information

CHECKLIST: ONLINE SECURITY STRATEGY KEY CONSIDERATIONS MELBOURNE IT ENTERPRISE SERVICES

CHECKLIST: ONLINE SECURITY STRATEGY KEY CONSIDERATIONS MELBOURNE IT ENTERPRISE SERVICES ONLINE SECURITY STRATEGY KEY CONSIDERATIONS MELBOURNE IT ENTERPRISE SERVICES Cyber threats continue to rapidly evolve in frequency and sophistication, posing a constant and serious threat to business organisations

More information

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App

More information

A Layperson s Guide To DoS Attacks

A Layperson s Guide To DoS Attacks A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4

More information

On-Premises DDoS Mitigation for the Enterprise

On-Premises DDoS Mitigation for the Enterprise On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has

More information

MANAGED SECURITY SERVICES : IP AGNOSTIC DDOS AN IP AGNOSTIC APPROACH TO DISTRIBUTED DENIAL OF SERVICE DETECTION AND MITIGATION

MANAGED SECURITY SERVICES : IP AGNOSTIC DDOS AN IP AGNOSTIC APPROACH TO DISTRIBUTED DENIAL OF SERVICE DETECTION AND MITIGATION AN IP AGNOSTIC APPROACH TO DISTRIBUTED DENIAL OF SERVICE DETECTION AND MITIGATION Overview Distributed Denial of Service (DDoS) attacks saturate target networks with service requests that consume the capacity

More information

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE. CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE. Threat > The number and size of cyberattacks are increasing rapidly Website availability and rapid performance are critical factors in determining the success

More information

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION Stephen Gates Chief Security Evangelist Corero Network Security Session ID: SEC-W04 Session Classification: Intermediate Recent Headlines Are Denial of

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT ISSUE 3 3RD QUARTER 2014

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT ISSUE 3 3RD QUARTER 2014 VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT ISSUE 3 3RD QUARTER 2014 CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS 4 Mitigations by Attack Size 4 Mitigations by Industry 5

More information

CALNET 3 Category 7 Network Based Management Security. Table of Contents

CALNET 3 Category 7 Network Based Management Security. Table of Contents State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2

More information

Service Description DDoS Mitigation Service

Service Description DDoS Mitigation Service Service Description DDoS Mitigation Service Interoute, Walbrook Building, 195 Marsh Wall, London, E14 9SG, UK Tel: +800 4683 7681 Email: info@interoute.com Contents Contents 1 Introduction...3 2 An Overview...3

More information

Security workshop Protection against botnets. Belnet Aris Adamantiadis Brussels 18 th April 2013

Security workshop Protection against botnets. Belnet Aris Adamantiadis Brussels 18 th April 2013 Security workshop Belnet Aris Adamantiadis Brussels 18 th April 2013 Agenda What is a botnet? Symptoms How does it work? Life cycle How to fight against botnets? Proactive and reactive NIDS 2 What is a

More information

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business

More information

DDoS Attacks in the United Kingdom

DDoS Attacks in the United Kingdom Neustar Insights DDoS Attacks in the United Kingdom 2012 Annual Trends and Impact Survey Contents Survey Findings, 2012 2011 Survey Methodology 3 Frequency of Attacks 3 Introduction In both 2011 and 2012,

More information

Complete Protection against Evolving DDoS Threats

Complete Protection against Evolving DDoS Threats Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion

More information

Web Application Defence. Architecture Paper

Web Application Defence. Architecture Paper Web Application Defence Architecture Paper June 2014 Glossary BGP Botnet DDoS DMZ DoS HTTP HTTPS IDS IP IPS LOIC NFV NGFW SDN SQL SSL TCP TLS UTM WAF XSS Border Gateway Protocol A group of compromised

More information

Availability Digest. www.availabilitydigest.com. @availabilitydig. Surviving DNS DDoS Attacks November 2013

Availability Digest. www.availabilitydigest.com. @availabilitydig. Surviving DNS DDoS Attacks November 2013 the Availability Digest @availabilitydig Surviving DNS DDoS Attacks November 2013 DDoS attacks are on the rise. A DDoS attack launches a massive amount of traffic to a website to overwhelm it to the point

More information

DENIAL-OF-SERVICE ATTACKS

DENIAL-OF-SERVICE ATTACKS DENIAL-OF-SERVICE ATTACKS 40 years old & more present then ever Robert Dürr, Brühl, 16./17.09.2015 Axians Networks & Solutions GmbH email: robert.duerr@axians.de 1 WHO IS AXIANS?! Axians is the new brand

More information

Technology Blueprint. Defend Against Denial of Service Attacks. Protect each IT service layer against exploitation and abuse

Technology Blueprint. Defend Against Denial of Service Attacks. Protect each IT service layer against exploitation and abuse Technology Blueprint Defend Against Denial of Service (DOS and DDOS) Attacks Protect each IT service layer against exploitation and abuse LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

DDoS Overview and Incident Response Guide. July 2014

DDoS Overview and Incident Response Guide. July 2014 DDoS Overview and Incident Response Guide July 2014 Contents 1. Target Audience... 2 2. Introduction... 2 3. The Growing DDoS Problem... 2 4. DDoS Attack Categories... 4 5. DDoS Mitigation... 5 1 1. Target

More information

Arbor Networks DDoS Solutions. Alex Lopez alopez@arbor.net +34 676995439

Arbor Networks DDoS Solutions. Alex Lopez alopez@arbor.net +34 676995439 Arbor Networks DDoS Solutions Alex Lopez alopez@arbor.net +34 676995439 Agenda The Problem The Business Risk Smart. Secure. Available. The Arbor Solution Company Overview 2 Agenda Company The Problem Overview

More information

FortiDDoS. DDoS Attack Mitigation Appliances. Copyright Fortinet Inc. All rights reserved.

FortiDDoS. DDoS Attack Mitigation Appliances. Copyright Fortinet Inc. All rights reserved. FortiDDoS DDoS Attack Mitigation Appliances Copyright Fortinet Inc. All rights reserved. What is a DDoS Attack? Flooding attack from compromised PCs run by a Botmaster The Botmaster s motivations may be

More information

www.prolexic.com Stop DDoS Attacks in Minutes

www.prolexic.com Stop DDoS Attacks in Minutes www.prolexic.com Stop DDoS Attacks in Minutes The Prolexic DDoS mitigation package had a lot of things that the other companies just couldn t do. Ryan McElrath, Chief Technology Officer, Americaneagle.com

More information

Safeguard Your Internet Presence with Sophisticated DDoS Mitigation

Safeguard Your Internet Presence with Sophisticated DDoS Mitigation Singtel Business Product Factsheet Brochure Managed Defense DDoS Protection Services Services Safeguard Your Internet Presence with Sophisticated DDoS Mitigation The Internet age has made every company

More information

Man, Machine and DDoS Mitigation

Man, Machine and DDoS Mitigation Man, Machine and DDoS Mitigation The case for human cyber security expertise Automated DDoS mitigation poses risks Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances Today s DDoS

More information

Automated Mitigation of the Largest and Smartest DDoS Attacks

Automated Mitigation of the Largest and Smartest DDoS Attacks Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application

More information

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering

More information

First Line of Defense to Protect Critical Infrastructure

First Line of Defense to Protect Critical Infrastructure RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B

More information

WEB APPLICATION FIREWALLS: DO WE NEED THEM?

WEB APPLICATION FIREWALLS: DO WE NEED THEM? DISTRIBUTING EMERGING TECHNOLOGIES, REGION-WIDE WEB APPLICATION FIREWALLS: DO WE NEED THEM? SHAIKH SURMED Sr. Solutions Engineer info@fvc.com www.fvc.com HAVE YOU BEEN HACKED????? WHAT IS THE PROBLEM?

More information

Securing Your Business with DNS Servers That Protect Themselves

Securing Your Business with DNS Servers That Protect Themselves Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to

More information

How Cisco IT Protects Against Distributed Denial of Service Attacks

How Cisco IT Protects Against Distributed Denial of Service Attacks How Cisco IT Protects Against Distributed Denial of Service Attacks Cisco Guard provides added layer of protection for server properties with high business value. Cisco IT Case Study / < Security and VPN

More information

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc. TrusGuard DPX: Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls...

More information

Don t get DDoSed and Confused. Patrick Sullivan, CISSP, GSLC, GWAPT, GCIH Managed, Security Services

Don t get DDoSed and Confused. Patrick Sullivan, CISSP, GSLC, GWAPT, GCIH Managed, Security Services Don t get DDoSed and Confused Patrick Sullivan, CISSP, GSLC, GWAPT, GCIH Managed, Security Services Agenda Intro/Data Collection DDoS Basics Trends and Statistics Adversarial Groups/Motivations Defense

More information

HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT

HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT The frequency and sophistication of Distributed Denial of Service attacks (DDoS) on the Internet are rapidly increasing. Most of the earliest

More information

Business Case for a DDoS Consolidated Solution

Business Case for a DDoS Consolidated Solution Business Case for a DDoS Consolidated Solution Executive Summary Distributed denial-of-service (DDoS) attacks are becoming more serious and sophisticated. Attack motivations are increasingly financial

More information

Glasnost or Tyranny? You Can Have Secure and Open Networks!

Glasnost or Tyranny? You Can Have Secure and Open Networks! AT&T is a proud sponsor of StaySafe Online Glasnost or Tyranny? You Can Have Secure and Open Networks! Steven Hurst CISSP Director - AT&T Security Services and Technology AT&T Chief Security Office 2009

More information

2014 Foley & Lardner LLP Attorney Advertising Prior results do not guarantee a similar outcome Models used are not clients but may be representative

2014 Foley & Lardner LLP Attorney Advertising Prior results do not guarantee a similar outcome Models used are not clients but may be representative 2014 Foley & Lardner LLP Attorney Advertising Prior results do not guarantee a similar outcome Models used are not clients but may be representative of clients 321 N. Clark Street, Suite 2800, Chicago,

More information

McAfee Network Security Platform

McAfee Network Security Platform McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking

More information

This document is licensed for use, redistribution, and derivative works, commercial or otherwise, in accordance with the Creative Commons

This document is licensed for use, redistribution, and derivative works, commercial or otherwise, in accordance with the Creative Commons This document is licensed for use, redistribution, and derivative works, commercial or otherwise, in accordance with the Creative Commons Attribution-ShareAlike 4.0 International license. As a provider

More information

DDoS Attacks Advancing and Enduring: A SANS Survey

DDoS Attacks Advancing and Enduring: A SANS Survey DDoS Attacks Advancing and Enduring: A SANS Survey A SANS Analyst Survey Written by John Pescatore February 2014 Sponsored by Corero Network Security 2014 SANS Institute Executive Summary Distributed denial

More information

Securing Your Business with DNS Servers That Protect Themselves

Securing Your Business with DNS Servers That Protect Themselves Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate

More information

KASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks

KASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks KASPERSKY DDOS PROTECTION Discover how Kaspersky Lab defends businesses against DDoS attacks CYBERCRIMINALS ARE TARGETING BUSINESSES If your business has ever suffered a Distributed Denial of Service (DDoS)

More information

Executive Suite Series A Prolexic White Paper

Executive Suite Series A Prolexic White Paper A Prolexic White Paper DDoS Denial of Service Protection and the Cloud Introduction Cloud computing ( the cloud ) has transformed the way that the world s businesses deploy and share applications and IT

More information

[Restricted] ONLY for designated groups and individuals. 2014 Check Point Software Technologies Ltd.

[Restricted] ONLY for designated groups and individuals. 2014 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Contents 1 2 3 4 Industry Trends DDoS Attack Types Solutions to DDoS Attacks Summary 2 Cybercrime Landscape DNS Hijacking Malware 3% 3% Targeted

More information

IndusGuard Web Application Firewall Test Drive User Registration

IndusGuard Web Application Firewall Test Drive User Registration IndusGuard Web Application Firewall Test Drive User Registration Document Version 1.0 24/06/2015 Confidentiality INDUSFACE HAS PREPARED THIS DOCUMENT FOR INTERNAL PURPOSE. NEITHER THIS DOCUMENT NOR ITS

More information

VALIDATING DDoS THREAT PROTECTION

VALIDATING DDoS THREAT PROTECTION VALIDATING DDoS THREAT PROTECTION Ensure your DDoS Solution Works in Real-World Conditions WHITE PAPER Executive Summary This white paper is for security and networking professionals who are looking to

More information

ERT Attack Report. Attacks on Large US Bank During Operation Ababil. March 2013

ERT Attack Report. Attacks on Large US Bank During Operation Ababil. March 2013 Attacks on Large US Bank During Operation Ababil March 2013 Table of Contents Executive Summary... 3 Background: Operation Ababil... 3 Servers Enlisted to Launch the Attack... 3 Attack Vectors... 4 Variations

More information

WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD

WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD CONTENTS EXECUTIVE SUMMARY 3 THE LIFEBLOOD OF MANY BUSINESSES IS UNDER ATTACK 3 IT LEADERS FACE A DIFFICULT BALANCING ACT 3 Companies

More information

Protection Solution. Strategic White Paper

Protection Solution. Strategic White Paper Alcatel-Lucent Integrated DDoS Protection Solution Strategic White Paper Table of contents 1. DDoS Attacks Increasing in Sophistication and Scale / 1 2. DDoS Threat Landscape & Impacts / 2 2.2 Impact on

More information

Advantages of Managed Security Services

Advantages of Managed Security Services Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network

More information