TEST METHODOLOGY. Distributed Denial-of-Service (DDoS) Prevention. v2.0


Table of Contents

1 Introduction
1.1 The Need for Distributed Denial-of-Service Prevention
1.2 About This Test Methodology and Report
1.3 Inclusion Criteria
2 Product Guidance
2.1 Recommended
2.2 Neutral
2.3 Caution
3 Security Effectiveness
3.1 DDoS Prevention Enforcement
    Inline Protection
3.2 DDoS Attack Categories
    Volumetric
    Protocol
    Application
    Layered Attacks
4 Performance
4.1 HTTP Capacity with No Transaction Delays
    2,880 KB HTTP Response Size, 40 Connections per Second
    768 KB HTTP Response Size, 150 Connections per Second
    192 KB HTTP Response Size, 600 Connections per Second
    44 KB HTTP Response Size, 2500 Connections per Second
    21 KB HTTP Response Size, 5000 Connections per Second
    10 KB HTTP Response Size, 10,000 Connections per Second
    1.7 KB HTTP Response Size, 40,000 Connections per Second
4.2 Application Average Response Time: HTTP
Real-World Traffic
    Real-World Protocol Mix (Data Center Virtualization Hub)
    Real-World Protocol Mix (Data Center Financial)
    Real-World Protocol Mix (Data Center Mobile Users and Applications)
    Real-World Protocol Mix (Data Center Web-Based Applications and Services)
    Real-World Protocol Mix (Data Center Internet Service Provider (ISP) Mix)
5 Stability and Reliability
5.1 Mitigating Under Extended Attack
5.2 Passing Legitimate Traffic Under Extended Attack
5.3 Protocol Fuzzing and Mutation
    Protocol Fuzzing and Mutation, Detection Ports
5.4 Power Fail
5.5 Persistence of Data
6 Total Cost of Ownership and Value
Appendix A: Test Environment
Appendix B: Change Log
Contact Information

1 Introduction

1.1 The Need for Distributed Denial-of-Service Prevention

Over the past decade, the threat landscape has changed as more enterprises and large organizations have moved their mission-critical services online. Competing in global markets driven by just-in-time demand, these enterprises rely on continuous uptime to perform business transactions on a 24/7/365 model. This shift in the business model has, however, engendered a new breed of cyberattacks designed to limit access to these resources.

Although distributed denial-of-service (DDoS) attacks are not new, they are more effective today than ever before. The relative ease with which DDoS attacks can be launched, the diverse methods by which such attacks can be executed, and the amount of damage that can be caused by a single attack make DDoS attacks a challenge to defend against. Such attacks have proved an effective way to wreak havoc, causing high-profile outages and interruptions to transaction processing. They can be motivated by a wide range of factors, and taking down websites or blocking transactions remain effective ways to make statements or cause visible and potentially far-reaching business disruptions.

As enterprises look to defend against DDoS attacks, they are turning to DDoS prevention solutions, which offer protection against the different categories of DDoS attacks, and which can take the form of on-premises devices or managed services. Many vendors have entered the DDoS prevention market in recent years, and their solutions should be evaluated carefully.

1.2 About This Test Methodology and Report

NSS Labs test reports are designed to address the challenges faced by IT professionals in selecting and managing security products. The scope of this particular report includes:

- Security effectiveness
- Performance
- Stability and reliability
- Management and configuration
- Total cost of ownership (TCO)

In order to prevent downtime to mission-critical systems, DDoS prevention solutions must be able to be deployed without impacting legitimate user access. These solutions should improve the security stance of an enterprise by limiting potential threats attackers may use. Also, these solutions must function properly without requiring network infrastructure or network security redesign when being added to existing security architecture.

The following capabilities are considered essential as part of a DDoS prevention solution:

- Detect and mitigate all categories of DDoS attacks
- Resistant to known evasion techniques
- Provide reasonable legitimate access to protected resources while under DDoS attack
- Be highly resilient and stable

1.3 Inclusion Criteria

In order to encourage the greatest participation, and allay any potential concerns of bias, NSS invites all leading DDoS prevention vendors to submit their products at no cost. Vendors with major market share, as well as challengers with new technology, will be included.

DDoS prevention solutions should be implemented as in-line devices (whether routing or transparent). Solutions should be supplied with the appropriate number of physical interfaces capable of achieving the required level of connectivity and performance (i.e., a minimum of one port pair per Gigabit of throughput or one port pair per 10 Gbps of throughput).

Solutions are subject to a minimum of one port pair per Gigabit of throughput. Thus, an 8 Gbps device with only four port pairs will be limited to 4 Gbps. The minimum number of port pairs will be connected to support the claimed maximum bandwidth of the solution being tested (thus an 8 Gbps system under test (SUT) with ten port pairs will have eight 1 Gbps connections tested).

2 Product Guidance

NSS Labs issues summary product guidance based on evaluation criteria that are important to information security professionals. Key evaluation criteria are as follows:

- Security effectiveness
- Resistance to evasion
- Stability
- Performance
- Management
- Value

Products are listed in rank order according to their guidance rating.

2.1 Recommended

A Recommended rating from NSS indicates that a product has performed well and deserves strong consideration. Only the top technical products earn a Recommended rating from NSS regardless of market share, company size, or brand recognition.

2.2 Neutral

A Neutral rating from NSS indicates that a product has performed reasonably well and should continue to be used if it is the incumbent within an organization. Products that earn a Neutral rating from NSS deserve consideration during the purchasing process.

2.3 Caution

A Caution rating from NSS indicates that a product has performed poorly. Organizations using one of these products should review their security posture and other threat mitigation factors, including possible alternative configurations and replacement. Products that earn a Caution rating from NSS should not be short-listed or renewed.

3 Security Effectiveness

This section verifies that the DDoS prevention solution, or SUT, can detect and mitigate DDoS attacks effectively. NSS analysis is conducted first by testing every category of DDoS attack individually to determine that the SUT can successfully detect and mitigate the attack. Once a baseline of security effectiveness is determined, NSS builds upon this baseline by combining multiple DDoS attacks from different categories in an attempt to overwhelm the SUT and allow attack leakage to occur. At each point during testing, NSS validates that legitimate traffic is still allowed and is not inadvertently mitigated by the SUT.

3.1 DDoS Prevention Enforcement

There are two primary approaches that DDoS prevention solutions use to provide mitigation of attacks: in-line protection and out-of-band signaling. This methodology will focus on in-line enterprise systems. Regardless of the approach, the DDoS solution must detect and mitigate the attack or attacks launched against a protected environment. For each attack tested, success will be measured by performance and availability of the protected application along with the efficacy of the mitigation.

Inline Protection

Inline DDoS prevention solutions adopt the traditional network security device posture of mitigating, or dropping, malicious traffic inline, and as such, typically consist of a single appliance (or multiple appliances for high availability scenarios). These solutions are often deployed in front of or behind the perimeter security device. These types of DDoS prevention solutions can either be stand-alone appliances, or they can be integrated into other traditional security products such as intrusion prevention systems (IPS) and next generation firewalls (NGFW). This type of solution generally is deployed in enterprises and small-to-medium data centers; however, it is not limited to these environments, as it can be designed to handle high throughput scenarios.

3.2 DDoS Attack Categories

Attackers can target any part of the TCP/IP stack to be successful in their goal of network downtime. As such, NSS engineers test all layers to confirm the SUT can successfully mitigate attacks regardless of where they are located in the stack. DDoS attacks can be broken into three distinct categories. Each category has a unique approach to deny access to the target; however, the goal is the same.

Volumetric

On occasion, the easiest way to prevent access to a target is to consume all of the network bandwidth that the target of the attack has available. This is the goal behind a volumetric DDoS attack. The attacker, through various means, launches an attack designed to cause network congestion between the target and the rest of the Internet. This volume of traffic can be generated through multiple hosts, for example, a botnet, and leaves no available bandwidth for legitimate users of the resource (whether it is an ecommerce website or a financial services group). Volumetric DDoS attacks generally target protocols that are stateless and do not have built-in congestion avoidance.

Examples of volumetric DDoS attacks include (but are not limited to):

- ICMP packet floods (including all ICMP message types)
- Malformed ICMP packet floods
- UDP packet floods (usually containing no application layer data)
- Malformed UDP packet floods
- Spoofed IP packet floods
- Malformed IP packet floods

Protocol

Attackers can also prevent access to a target by consuming other types of resources. Protocol DDoS attacks are designed to exhaust resources available on the target or on a specific device between the target and the Internet. The devices can include routers, load balancers, and even some security devices. Once the DDoS attack consumes a resource such as a device's TCP state table, no new connections can be opened because the device is waiting for connections to close or expire. Protocol DDoS attacks need not consume all of the target's available bandwidth to make it inaccessible.

Examples of protocol DDoS attacks include (but are not limited to):

- SYN floods
- ACK floods
- RST attacks
- TCP connection floods
- Fragmentation attacks
- TCP window size attacks
- NTP reflection
- DNS reflection

Application

Attackers also attempt to prevent access by exploiting vulnerabilities in the application layer. These vulnerabilities can be within an application layer protocol as well as within the application itself. Attacks on unpatched, vulnerable systems do not require as much bandwidth as either protocol or volumetric DDoS attacks in order to be successful. This style of DDoS attack may require, in some instances, as little as one or two packets to render the target unresponsive. Application DDoS attacks can also consume application layer or application resources by slowly opening up connections and then leaving them open until no new connections can be made.

Examples of application DDoS attacks include (but are not limited to):

- HTTP floods (e.g., various tools such as Low/High Orbit Ion Cannon/Anon Cannon)
- HTTP resource exhaustion (e.g., Slowloris, slowpost, RUDY)
- SSL exhaustion attacks (e.g., THC-SSL-DOS)
- SIP invite floods

Layered Attacks

These tests attempt to bypass the SUT by layering DDoS attacks from the different categories defined in section 3.2 in an attempt to overwhelm the SUT. While the SUT is successfully mitigating a volumetric DDoS attack, its resources may be exhausted, and an application DDoS attack may bypass the SUT and render the target of the attack inoperable. All layered DDoS attacks will be verified prior to being added to the NSS DDoS attack library.

4 Performance

This section measures the performance of the system using various traffic conditions that provide metrics for real-world performance. Individual implementations will vary based on usage; however, these quantitative metrics provide a gauge as to whether a particular SUT is appropriate for a given environment. The net difference between the baseline (without the SUT) and the measured capacity of the SUT is recorded for each of the following tests.

4.1 HTTP Capacity with No Transaction Delays

The aim of these tests is to stress the HTTP detection engine and determine how the SUT copes with network loads of varying average packet size and varying connections per second. By creating genuine session-based traffic with varying session lengths, the SUT is forced to track valid TCP sessions, thus resulting in a higher workload than for simple packet-based background traffic. This provides a test environment that is as close to real world as it is possible to achieve in a lab environment, while ensuring absolute accuracy and repeatability.

Each transaction consists of a single HTTP GET request, and there are no transaction delays (i.e., the web server responds immediately to all requests). All packets contain valid payload (a mix of binary and ASCII objects) and address data, and this test provides an excellent representation of a live network (albeit one biased towards HTTP traffic) at various network loads.

2,880 KB HTTP Response Size, 40 Connections per Second

Maximum 40 new connections per second per Gigabit of traffic with a 2,880 KB HTTP response. With low connection rates and large packet sizes, all SUTs should be capable of performing well throughout this test.

768 KB HTTP Response Size, 150 Connections per Second

Maximum 150 new connections per second per Gigabit of traffic with a 768 KB HTTP response size. With low connection rates and large packet sizes, all SUTs should be capable of performing well throughout this test.

192 KB HTTP Response Size, 600 Connections per Second

Maximum 600 new connections per second per Gigabit of traffic with a 192 KB HTTP response. With medium packet sizes and increased connection rates, this represents an average production network.

44 KB HTTP Response Size, 2500 Connections per Second

Maximum 2,500 new connections per second per Gigabit of traffic with a 44 KB HTTP response size. With decreased packet sizes and increased connection rates, this may also represent an average production network.

21 KB HTTP Response Size, 5000 Connections per Second

Maximum 5,000 new connections per second per Gigabit of traffic with a 21 KB HTTP response size.

10 KB HTTP Response Size, 10,000 Connections per Second

Maximum 10,000 new connections per second per Gigabit of traffic with a 10 KB HTTP response. With small packet sizes and high connection rates, this is a strenuous test for any SUT.

1.7 KB HTTP Response Size, 40,000 Connections per Second

Maximum 40,000 new connections per second per Gigabit of traffic with a 1.7 KB HTTP response size. With very small packet sizes and extremely high connection rates, this is an extreme test for any SUT.

4.2 Application Average Response Time: HTTP

Test traffic is passed across the infrastructure switches and through all port pairs of the SUT simultaneously (the latency of the basic infrastructure is known and is constant throughout the tests). The results are recorded at each HTTP response size (2880 KB, 768 KB, 192 KB, 44 KB, 21 KB, 10 KB, and 1.7 KB) and at 90% of the maximum throughput with zero packet loss, as previously determined in section

Real-World Traffic

Where previous sections provide a pure HTTP environment with varying connection rates and average packet sizes, the aim of this test is to emulate a real-world environment by introducing additional protocols and real content while still maintaining a precisely repeatable and consistent background traffic load. The result is a background traffic load that is closer to what may be found on a heavily-utilized normal production network.

Real-World Protocol Mix (Data Center Virtualization Hub)

Traffic is generated across the SUT comprising a protocol mix typical of that seen in a large data center, focusing on virtualization traffic (e.g., VMotion, Hyper-V migration).

4.3.2 Real-World Protocol Mix (Data Center Financial)

Traffic is generated across the SUT comprising a protocol mix typical of that seen in a large financial institution data center.

Real-World Protocol Mix (Data Center Mobile Users and Applications)

Traffic is generated across the SUT comprising a protocol mix typical of that seen in a large mobile carrier.

Real-World Protocol Mix (Data Center Web-Based Applications and Services)

Traffic is generated across the SUT comprising a protocol mix typical of that seen in a web hosting data center.

Real-World Protocol Mix (Data Center Internet Service Provider (ISP) Mix)

Traffic is generated across the SUT comprising a protocol mix typical of that seen in a typical ISP installation, covering all types of traffic.
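The seven section 4.1 profiles trade response size against connection rate, which shifts the SUT's work from moving bytes to setting up and tearing down TCP state. The model below is an added example, not NSS Labs code; it estimates the per-Gigabit packet and connection load of each profile. Only the size and rate pairs come from the methodology: the 1,024-byte KB, 1,460-byte MSS, seven handshake and teardown packets, one-packet GET and one ACK per two data segments are assumptions made here.

```python
"""Rough traffic model for the seven section 4.1 HTTP capacity profiles.

Added example. The (response size, connection rate) pairs are taken from
the methodology; every constant under "Assumptions" is chosen here.
"""
import math
from dataclasses import dataclass

# (HTTP response size in KB, maximum new connections per second per Gigabit)
PROFILES = [(2880, 40), (768, 150), (192, 600), (44, 2500),
            (21, 5000), (10, 10000), (1.7, 40000)]

# Assumptions (not stated in the methodology)
BYTES_PER_KB = 1024    # KB taken as 1,024 bytes
MSS = 1460             # TCP payload of a full-size segment at a 1,500-byte MTU
CONTROL_PACKETS = 7    # three-way handshake (3) plus FIN/ACK teardown (4)
REQUEST_PACKETS = 1    # the single HTTP GET fits in one segment
SEGMENTS_PER_ACK = 2   # delayed ACK: one client ACK per two data segments


@dataclass(frozen=True)
class ProfileLoad:
    response_kb: float
    cps: int                  # new connections per second per Gigabit
    data_segments: int        # response segments per transaction
    packets_per_txn: int      # all packets, both directions
    goodput_mbps: float       # response payload only
    packets_per_second: int   # all packets, both directions
    non_data_share: float     # share of packets carrying no response payload


def model(response_kb: float, cps: int) -> ProfileLoad:
    """Estimate the load one profile places on the SUT per Gigabit tested."""
    response_bytes = round(response_kb * BYTES_PER_KB)
    segments = math.ceil(response_bytes / MSS)
    acks = math.ceil(segments / SEGMENTS_PER_ACK)
    packets = CONTROL_PACKETS + REQUEST_PACKETS + segments + acks
    return ProfileLoad(
        response_kb=response_kb,
        cps=cps,
        data_segments=segments,
        packets_per_txn=packets,
        goodput_mbps=response_bytes * 8 * cps / 1e6,
        packets_per_second=packets * cps,
        non_data_share=(packets - segments) / packets,
    )


def model_all() -> list:
    """Model every profile in the order the methodology lists them."""
    return [model(kb, cps) for kb, cps in PROFILES]


if __name__ == "__main__":
    header = f"{'KB':>6} {'conn/s':>7} {'seg/txn':>8} {'pkt/txn':>8} " \
             f"{'goodput Mbps':>13} {'pkt/s':>8} {'non-data':>9}"
    print(header)
    for p in model_all():
        print(f"{p.response_kb:>6} {p.cps:>7} {p.data_segments:>8} "
              f"{p.packets_per_txn:>8} {p.goodput_mbps:>13.1f} "
              f"{p.packets_per_second:>8} {p.non_data_share:>9.0%}")
```

Under these assumptions the payload rate falls from the first profile to the last while the packet rate and the number of new TCP sessions to track per second both rise, which is why the small-response profiles stress session tracking rather than raw forwarding.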

5 Stability and Reliability

Long-term stability is particularly important for an in-line device, where failure can produce network outages. These tests verify the stability of the SUT along with its ability to maintain security effectiveness while under normal load and while passing malicious traffic. Products that are not able to sustain legitimate traffic (or that crash) while under hostile attack will not pass.

The system is expected to remain operational and stable throughout this test, and to mitigate recognizable violations, raising an alert for each.

5.1 Mitigating Under Extended Attack

The SUT is exposed to a constant stream of DDoS attacks over an extended period of time. The SUT is configured to mitigate and alert, and thus this section provides an indication of the effectiveness of both the mitigating and alert handling mechanisms.

A continuous stream of DDoS attacks is mixed with legitimate traffic and transmitted through the SUT for a minimum of 8 hours. This is not intended as a stress test in terms of traffic load (covered in the previous section) but is merely a reliability test in terms of consistency of mitigating performance.

The system is expected to remain operational and stable throughout this test, and to mitigate recognizable violations, raising an alert for each. If any DDoS attacks are allowed to pass through the SUT (caused by either the volume of traffic or by the SUT failing open for any reason), service impact will be rated as a percentage.

5.2 Passing Legitimate Traffic Under Extended Attack

This test is identical to section 5.1, where the external interface of the SUT is exposed to a constant stream of DDoS attacks over an extended period of time.

The SUT is expected to remain operational and stable throughout this test, and to pass all legitimate traffic. If any amount of legitimate traffic is mitigated during this test (caused by either the volume of traffic or by the SUT failing for any reason), service impact will be rated as a percentage.

5.3 Protocol Fuzzing and Mutation

This test stresses the protocol stacks of the SUT by exposing it to traffic from various protocol randomizer and mutation tools. Several of the tools in this category are based on the ISIC test suite and other well-known test tools/suites. Traffic load is a maximum of 350 Mbps and 60,000 packets per second (average packet size is 690 bytes). Results are presented as a simple PASS/FAIL: the device is expected to remain operational and capable of detecting and mitigating attacks throughout the test.

Protocol Fuzzing and Mutation, Detection Ports

The SUT is exposed to protocol fuzzing and mutation traffic across its inspection ports.

5.4 Power Fail

Power to the SUT is cut whilst passing a mixture of legitimate and disallowed traffic. The system is expected to maintain connectivity for application availability and should be configured to fail open.

5.5 Persistence of Data

The SUT should retain all configuration data, policy data, and locally logged data once restored to operation following power failure.

6 Total Cost of Ownership and Value

Implementation of security solutions can be complex, with several factors affecting the overall cost of deployment, maintenance, and upkeep. All of these should be considered over the course of the useful life of the solution.

- Product purchase: the cost of acquisition
- Product maintenance: the fees paid to the vendor (including software and hardware support, maintenance, and updates)
- Installation: the time required to take the device out of the box, configure it, deploy it in the network, apply updates and patches, perform initial tuning, and set up desired logging and reporting
- Upkeep: the time required to apply periodic updates and patches from vendors, including hardware, software, and firmware updates

Appendix A: Test Environment

The aim of this methodology is to provide a thorough test of all of the main components of the SUT in a controlled and repeatable manner and in the most real-world environment that can be emulated in a test lab.

The Test Environment

The NSS test network is a multi-gigabit infrastructure that can accommodate Gigabit (copper or fiber), and 10 Gigabit fiber SFP+ interfaces. The SUT is configured for its use-case deployment (see section 3.1).

Figure 1: In-Line Prevention

Test equipment, such as the hosts generating DDoS attack traffic and other traffic generation tools, is connected to the external network to transmit emulated traffic. Test equipment, such as the vulnerable targets susceptible to attack or exploitation and test generation equipment emulating hosted services, is connected to the internal network.

The SUT, depending on its deployment scenario (see section 3.1), is connected in line via an aggregation switch. All normal network traffic, background load traffic, and DDoS attack traffic is transmitted through the environment containing the SUT, from external to internal (responses will flow in the opposite direction).

The management interface is used to connect the appliance to the management console on a private subnet. This ensures that the SUT and console can communicate even when the target subnet is subjected to heavy loads, in addition to preventing attacks on the console itself.

Appendix B: Change Log

Version October 2014 Original Document Changes added for review to October 2015 Correction (reinserted 21 KB test in Section 4.1)

Contact Information

NSS Labs, Inc.
206 Wild Basin Rd, Building A, Suite 200
Austin, TX USA

This and other related documents available at:

To receive a licensed copy or report misuse, please contact NSS Labs

NSS Labs, Inc. All rights reserved. No part of this publication may be reproduced, copied/scanned, stored on a retrieval system, e-mailed or otherwise disseminated or transmitted without the express written consent of NSS Labs, Inc. ("us" or "we").

Please read the disclaimer in this box because it contains important information that binds you. If you do not agree to these conditions, you should not read the rest of this report but should instead return the report immediately to us. "You" or "your" means the person who accesses this report and any entity on whose behalf he/she has obtained this report.

1. The information in this report is subject to change by us without notice, and we disclaim any obligation to update it.

2. The information in this report is believed by us to be accurate and reliable at the time of publication, but is not guaranteed. All use of and reliance on this report are at your sole risk. We are not liable or responsible for any damages, losses, or expenses of any nature whatsoever arising from any error or omission in this report.

3. NO WARRANTIES, EXPRESS OR IMPLIED ARE GIVEN BY US. ALL IMPLIED WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT, ARE HEREBY DISCLAIMED AND EXCLUDED BY US. IN NO EVENT SHALL WE BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL, PUNITIVE, EXEMPLARY, OR INDIRECT DAMAGES, OR FOR ANY LOSS OF PROFIT, REVENUE, DATA, COMPUTER PROGRAMS, OR OTHER ASSETS, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.

4. This report does not constitute an endorsement, recommendation, or guarantee of any of the products (hardware or software) tested or the hardware and/or software used in testing the products. The testing does not guarantee that there are no errors or defects in the products or that the products will meet your expectations, requirements, needs, or specifications, or that they will operate without interruption.

5. This report does not imply any endorsement, sponsorship, affiliation, or verification by or with any organizations mentioned in this report.

6. All trademarks, service marks, and trade names used in this report are the trademarks, service marks, and trade names of their respective owners.


More information

NEXT GENERATION FIREWALL TEST REPORT

NEXT GENERATION FIREWALL TEST REPORT NEXT GENERATION FIREWALL TEST REPORT Check Point Software Technologies, Ltd. 13800 Next Generation Firewall Appliance vr77.20 Author Timothy Otto Overview NSS Labs performed an independent test of the

More information

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS Security Author Thomas Skybakmoen Tested Products Barracuda F800b Check Point 13500 Cisco ASA 5525-X Cisco ASA 5585-X SSP60 Cisco FirePOWER 8350 Cyberoam CR2500iNG-XP

More information

A Layperson s Guide To DoS Attacks

A Layperson s Guide To DoS Attacks A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4

More information

Achieve Deeper Network Security

Achieve Deeper Network Security Achieve Deeper Network Security Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have taken the world by storm, revolutionizing network security as we once knew it. Yet in order

More information

Bold Move Further Builds Blue Coat Portfolio

Bold Move Further Builds Blue Coat Portfolio ANALYST BRIEF Bold Move Further Builds Blue Coat Portfolio SOLERA ACQUISITION PROVIDES BLUE COAT ABILITY TO LEVERAGE BIG DATA ANALYTICS Author John W. Pirc Overview On May 23, 2013, security vendor Blue

More information

NETWORK FIREWALL PRODUCT ANALYSIS

NETWORK FIREWALL PRODUCT ANALYSIS NETWORK FIREWALL PRODUCT ANALYSIS Fortinet 800c FortiOS v4.3.8 build632 2012 1 Introduction Firewall technology is one of the largest and most mature security markets. Firewalls have undergone several

More information

Imperva Incapsula DDoS Protection

Imperva Incapsula DDoS Protection Imperva Incapsula DDoS Protection DATASHEET Automated Mitigation of the Largest and Smartest DDoS Attacks What You Get Powerful backbone across globally distributed data centers Specialized support of

More information

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial

More information

Siemens PLC Vulnerabilities

Siemens PLC Vulnerabilities ANALYST BRIEF Siemens PLC Vulnerabilities Author Bob Walder Overview Supervisory Control Automation and Data Acquisition (SCADA) systems are cornerstones of modern industrial society. Via the use of Programmable

More information

VALIDATING DDoS THREAT PROTECTION

VALIDATING DDoS THREAT PROTECTION VALIDATING DDoS THREAT PROTECTION Ensure your DDoS Solution Works in Real-World Conditions WHITE PAPER Executive Summary This white paper is for security and networking professionals who are looking to

More information

Mitigating the DoS/DDoS Threat. Why You Need On-Premises Security Solution in Conjunction with Anti-DoS Managed Service - Whitepaper

Mitigating the DoS/DDoS Threat. Why You Need On-Premises Security Solution in Conjunction with Anti-DoS Managed Service - Whitepaper Mitigating the DoS/DDoS Threat Why You Need On-Premises Security Solution in Conjunction with Anti-DoS Managed Service - Whitepaper Table of Contents Abstract...3 DDoS is Growing and Evolving...3 DDoS

More information

ENTERPRISE EPP COMPARATIVE ANALYSIS

ENTERPRISE EPP COMPARATIVE ANALYSIS ENTERPRISE EPP COMPARATIVE ANALYSIS Socially Engineered Malware Randy Abrams, Jayendra Pathak, Ahmed Garhy Tested Products Fortinet Fortigate 100D Management station Forticlient- 5.0.7.333 McAfee VirusScan

More information

Host Anti-Malware Performance COMPARATIVE TEST REPORT

Host Anti-Malware Performance COMPARATIVE TEST REPORT Host Anti-Malware Performance COMPARATIVE TEST REPORT HOST MALWARE PROTECTION METHODOLOGY VERSION: 2 JANUARY 16, 2009 Published by NSS Labs. 2009 NSS Labs CONTACT: 5115 Avenida Encinas Suite H Carlsbad,

More information

Automated Mitigation of the Largest and Smartest DDoS Attacks

Automated Mitigation of the Largest and Smartest DDoS Attacks Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application

More information

The CISO s Guide to the Importance of Testing Security Devices

The CISO s Guide to the Importance of Testing Security Devices ANALYST BRIEF The CISO s Guide to the Importance of Testing Security Devices Author Bob Walder Overview Selecting security products is a complex process that carries significant risks if not executed correctly;

More information

On-Premises DDoS Mitigation for the Enterprise

On-Premises DDoS Mitigation for the Enterprise On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has

More information

Architecture Overview

Architecture Overview Architecture Overview Design Fundamentals The networks discussed in this paper have some common design fundamentals, including segmentation into modules, which enables network traffic to be isolated and

More information

Part 3: Performance Testing

Part 3: Performance Testing ENTERPRISE SECURITY PRODUCT TESTING: BEST PRACTICES Part 3: Performance Testing Author Bob Walder Overview Security vendors marketing claims are often exaggerated and frequently do not reflect real-world

More information

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding? Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against

More information

Lab Testing Summary Report

Lab Testing Summary Report Key findings and conclusions: On the ASA 5515-X and 5525-X, EMIX traffic was better by 99% or more when compared to their counterparts Lab Testing Summary Report July 212 Report SR12514 Product Category:

More information

Acquia Cloud Edge Protect Powered by CloudFlare

Acquia Cloud Edge Protect Powered by CloudFlare Acquia Cloud Edge Protect Powered by CloudFlare Denial-of-service (DoS) Attacks Are on the Rise and Have Evolved into Complex and Overwhelming Security Challenges TECHNICAL GUIDE TABLE OF CONTENTS Introduction....

More information

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..

More information

Fail-Safe IPS Integration with Bypass Technology

Fail-Safe IPS Integration with Bypass Technology Summary Threats that require the installation, redeployment or upgrade of in-line IPS appliances often affect uptime on business critical links. Organizations are demanding solutions that prevent disruptive

More information

Achieve Deeper Network Security and Application Control

Achieve Deeper Network Security and Application Control Achieve Deeper Network Security and Application Control Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have emerged to revolutionize network security as we once knew it. Yet

More information

CloudFlare advanced DDoS protection

CloudFlare advanced DDoS protection CloudFlare advanced DDoS protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com

More information

Denial of Service Attacks, What They are and How to Combat Them

Denial of Service Attacks, What They are and How to Combat Them Denial of Service Attacks, What They are and How to Combat Them John P. Pironti, CISSP Genuity, Inc. Principal Enterprise Solutions Architect Principal Security Consultant Version 1.0 November 12, 2001

More information

Automated Mitigation of the Largest and Smartest DDoS Attacks

Automated Mitigation of the Largest and Smartest DDoS Attacks Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application

More information

NEXT GENERATION FIREWALL PRODUCT ANALYSIS

NEXT GENERATION FIREWALL PRODUCT ANALYSIS NEXT GENERATION FIREWALL PRODUCT ANALYSIS Palo Alto Networks PA- 3020 v6.0.5- h3 Authors Christopher Conrad, Joseph Pearce Overview NSS Labs performed an independent test of the Palo Alto Networks PA-

More information

Baseline IPv6 Performance Testing with IxChariot IxChariot

Baseline IPv6 Performance Testing with IxChariot IxChariot TEST PLAN Baseline IPv6 Performance Testing with IxChariot IxChariot www.ixiacom.com 915-6659-01, 2005 Contents Overview 1 Setup 2 1. Dual Stack IPv4/IPv6 Performance Verification 2 1.1 Objective 2 1.2

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 3, ISSUE 2 2ND QUARTER 2016 CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q2 2016 4 DDoS Attacks Become More Sophisticated

More information

Evolutions in Browser Security

Evolutions in Browser Security ANALYST BRIEF Evolutions in Browser Security TRENDS IN BROWSER SECURITY PERFORMANCE Author Randy Abrams Overview This analyst brief aggregates results from NSS Labs tests conducted between 2009 and 2013

More information

DDoS Protection Technology White Paper

DDoS Protection Technology White Paper DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of

More information

Arbor s Solution for ISP

Arbor s Solution for ISP Arbor s Solution for ISP Recent Attack Cases DDoS is an Exploding & Evolving Trend More Attack Motivations Geopolitical Burma taken offline by DDOS attack Protests Extortion Visa, PayPal, and MasterCard

More information

An Oracle White Paper June 2011. Oracle Database Firewall 5.0 Sizing Best Practices

An Oracle White Paper June 2011. Oracle Database Firewall 5.0 Sizing Best Practices An Oracle White Paper June 2011 Oracle Database Firewall 5.0 Sizing Best Practices Introduction... 1 Component Overview... 1 Database Firewall Deployment Modes... 2 Sizing Hardware Requirements... 2 Database

More information

Cyberoam Multi link Implementation Guide Version 9

Cyberoam Multi link Implementation Guide Version 9 Cyberoam Multi link Implementation Guide Version 9 Document version 96-1.0-12/05/2009 IMPORTANT NOTICE Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing,

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc. TrusGuard DPX: Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls...

More information

VMware AirWatch VMware AirWatch Deployment Guide

VMware AirWatch VMware AirWatch Deployment Guide VMware AirWatch Deployment Guide VERSION: 1.0 UPDATED: APRIL 2016 Copyright 2002-2016 KEMP Technologies, Inc. All Rights Reserved. 1 Copyright Notices Copyright 2002-2016 KEMP Technologies, Inc.. All rights

More information

JUST FOR THOSE WHO CAN T TOLERATE DOWNTIME WE ARE NOT FOR EVERYONE

JUST FOR THOSE WHO CAN T TOLERATE DOWNTIME WE ARE NOT FOR EVERYONE WE ARE NOT FOR EVERYONE JUST FOR THOSE WHO CAN T TOLERATE DOWNTIME Don t let a DDoS attack bring your online business to a halt we can protect any server in any location DON T GET STUCK ON THE ROAD OF

More information

An Old Dog Had Better Learn Some New Tricks

An Old Dog Had Better Learn Some New Tricks ANALYST BRIEF An Old Dog Had Better Learn Some New Tricks PART 2: ANTIVIRUS EVOLUTION AND TECHNOLOGY ADOPTION Author Randy Abrams Overview Endpoint protection (EPP) products are ineffective against many

More information

TOPIC understanding VoIP vulnerabilities

TOPIC understanding VoIP vulnerabilities How Fragile is your VoIP Implementation? For a long time, telecommunications networks and telephony services have been a part of the critical information infrastructure. They have always had high requirements

More information

4 Delivers over 20,000 SSL connections per second (cps), which

4 Delivers over 20,000 SSL connections per second (cps), which April 21 Commissioned by Radware, Ltd Radware AppDirector x8 and x16 Application Switches Performance Evaluation versus F5 Networks BIG-IP 16 and 36 Premise & Introduction Test Highlights 1 Next-generation

More information

NEXT GENERATION FIREWALL PRODUCT ANALYSIS

NEXT GENERATION FIREWALL PRODUCT ANALYSIS NEXT GENERATION FIREWALL PRODUCT ANALYSIS Cisco ASA 5585- X SSP60 v5.3.1 Authors Joseph Pearce, Christopher Conrad Overview NSS Labs performed an independent test of the Cisco ASA 5585- X SSP60 v5.3.1.

More information

TEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0

TEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0 TEST METHODOLOGY Endpoint Protection Evasion and Exploit v4.0 Table of Contents 1 Introduction... 3 1.1 Inclusion Criteria... 3 2 Product Guidance... 5 2.1 Recommended... 5 2.2 Neutral... 5 2.3 Caution...

More information

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency. Optimize your defense, resilience, and efficiency. Table of Contents Need Stronger Network Defense? Network Concerns Security Concerns Cost of Ownership Manageability Application and User Awareness High

More information

NEXT GENERATION INTRUSION PREVENTION SYSTEM (NGIPS) TEST REPORT

NEXT GENERATION INTRUSION PREVENTION SYSTEM (NGIPS) TEST REPORT NEXT GENERATION INTRUSION PREVENTION SYSTEM (NGIPS) TEST REPORT Fortinet FortiGate-1500D FortiOS v5.2.2 build 642 Author Ty Smith Overview NSS Labs performed an independent test of the Fortinet FortiGate-1500D

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin 2008 Course Technology Learning Objectives Describe packets and packet filtering

More information

The Fundamentals of Intrusion Prevention System Testing

The Fundamentals of Intrusion Prevention System Testing The Fundamentals of Intrusion Prevention System Testing New network-based Intrusion Prevention Systems (IPS) complement traditional security products to provide enterprises with unparalleled protection

More information

NETWORK INTRUSION PREVENTION SYSTEM PRODUCT ANALYSIS

NETWORK INTRUSION PREVENTION SYSTEM PRODUCT ANALYSIS NETWORK INTRUSION PREVENTION SYSTEM PRODUCT ANALYSIS McAfee Network Security Platform NS9200 v7.1.5 2013 Ryan Liles, Joseph Pearce Overview NSS Labs performed an independent test of the McAfee NS9200 v7.1.5.

More information

axsguard Gatekeeper Internet Redundancy How To v1.2

axsguard Gatekeeper Internet Redundancy How To v1.2 axsguard Gatekeeper Internet Redundancy How To v1.2 axsguard Gatekeeper Internet Redundancy How To v1.2 Legal Notice VASCO Products VASCO data Security, Inc. and/or VASCO data Security International GmbH

More information

SURE 5 Zone DDoS PROTECTION SERVICE

SURE 5 Zone DDoS PROTECTION SERVICE SURE 5 Zone DDoS PROTECTION SERVICE Sure 5 Zone DDoS Protection ( the Service ) provides a solution to protect our customer s sites against Distributed Denial of Service (DDoS) attacks by analysing incoming

More information

Voice Over IP (VoIP) Denial of Service (DoS)

Voice Over IP (VoIP) Denial of Service (DoS) Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based

More information

TDC s perspective on DDoS threats

TDC s perspective on DDoS threats TDC s perspective on DDoS threats DDoS Dagen Stockholm March 2013 Lars Højberg, Technical Security Manager, TDC TDC in Sweden TDC in the Nordics 9 300 employees (2012) Turnover: 26,1 billion DKK (2012)

More information

COM Port Data Emulator

COM Port Data Emulator COM Port Data Emulator COM Port Data Emulator All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording,

More information

Firewalls and Intrusion Detection

Firewalls and Intrusion Detection Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

More information

Is Your Browser Putting You at Risk?

Is Your Browser Putting You at Risk? ANALYST BRIEF Is Your Browser Putting You at Risk? PART 2: CLICK FRAUD Authors Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder Overview The US online advertising market in 2011 was

More information

CMPT 471 Networking II

CMPT 471 Networking II CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access

More information

10 Configuring Packet Filtering and Routing Rules

10 Configuring Packet Filtering and Routing Rules Blind Folio 10:1 10 Configuring Packet Filtering and Routing Rules CERTIFICATION OBJECTIVES 10.01 Understanding Packet Filtering and Routing 10.02 Creating and Managing Packet Filtering 10.03 Configuring

More information

Enterprise Buyer Guide

Enterprise Buyer Guide Enterprise Buyer Guide Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Evaluating usability, performance and efficacy to ensure that IT teams and end users will be happy. Lightweight

More information

DDoS Attack Types: Glossary of Terms

DDoS Attack Types: Glossary of Terms DDoS Attack Types: Glossary of Terms This Distributed Denial of Service (DDoS) attack glossary is intended to provide a high level overview of the various DDoS attack types and typical DDoS attack characteristics.

More information

ICSA Labs Web Application Firewall Certification Testing Report Web Application Firewall - Version 2.1 (Corrected) Radware Inc. AppWall V5.6.4.

ICSA Labs Web Application Firewall Certification Testing Report Web Application Firewall - Version 2.1 (Corrected) Radware Inc. AppWall V5.6.4. ICSA Labs Web Application Firewall Certification Testing Report Radware Inc. V5.6.4.1 May 30, 2013 Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 www.icsalabs.com WAFX RADWAREINC-2013-0530-01

More information

Availability Digest. www.availabilitydigest.com. @availabilitydig. Surviving DNS DDoS Attacks November 2013

Availability Digest. www.availabilitydigest.com. @availabilitydig. Surviving DNS DDoS Attacks November 2013 the Availability Digest @availabilitydig Surviving DNS DDoS Attacks November 2013 DDoS attacks are on the rise. A DDoS attack launches a massive amount of traffic to a website to overwhelm it to the point

More information

Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud

Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud Deploying and Managing Private Clouds The Essentials Series Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud sponsored by Managing for the Long Term: Keys to

More information

Security Technology White Paper

Security Technology White Paper Security Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without

More information

Complete Protection against Evolving DDoS Threats

Complete Protection against Evolving DDoS Threats Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion

More information

Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008

Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008 Best Practices Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008 Installation and Configuration Guide 2010 LSI Corporation August 13, 2010

More information

CORPORATE AV / EPP COMPARATIVE ANALYSIS

CORPORATE AV / EPP COMPARATIVE ANALYSIS CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Evasion Defenses 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos,

More information

First Line of Defense to Protect Critical Infrastructure

First Line of Defense to Protect Critical Infrastructure RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B

More information

WHITE PAPER. FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems

WHITE PAPER. FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems WHITE PAPER FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems Abstract: Denial of Service (DoS) attacks have been a part of the internet landscape for

More information

Spotlight Management Pack for SCOM

Spotlight Management Pack for SCOM Spotlight Management Pack for SCOM User Guide January 2015 The is used to display data from alarms raised by Spotlight on SQL Server Enterprise in SCOM (System Center Operations Manager). About System

More information