Data Centers Protection from DoS attacks. Trends and solutions. Michael Soukonnik, Radware Ltd Riga. Baltic IT&T
|
|
- Wesley Piers Shepherd
- 8 years ago
- Views:
Transcription
1 Data Centers Protection from DoS attacks. Trends and solutions Michael Soukonnik, Radware Ltd Riga. Baltic IT&T
2 Cybercrime Trends Page 2
3 Types of DoS attacks and classical ways of mitigation DoS attacks Non-legitimate usage Of applications (DDoS) DoS attacking vulnerabilities Abnormal network behavior => Rate limiting Static Signatures (IPS) Slide 3
4 Hackers Change in Motivation Vandalism and publicity Hacktivism Financially motivated Attack Risk CodeRed (Defacing IIS web servers) 2001 Nimda (Installed Trojan) 2001 Blaster (Attacking Microsoft web site) 2003 Slammer (Attacking SQL websites) 2003 Agobot (DoS Botnet) Republican website DoS 2004 Storm (Botnet) 2007 Srizbi (Botnet) Rustock 2007 (Botnet) 2007 Estonia s Web Sites DoS 2007 Kracken (Botnet) 2008 Georgia Web sites DoS 2008 July 2009 Cyber Attacks US & Korea Time Slide Page 4 4
5 Cyber Crime Organizational Chart Criminal Boss Botnet Crimeware Operator Campaign Managers Flooder Spammer Data Theft Extortion Activism Phishing Stock Scams Advertisers Dump Resellers Slide Page 5 5
6 Data Center Security Trends Hackers motivation change From vandalism to financially-motivated Botnets are the main tool against businesses Organized crime manages cybercrime activities, targeting: Extortion of online businesses Financial fraud Emerging network attacks Attacks that misuse applications and services: Non-vulnerability based attacks Uses legitimate application services for malicious activity Each attack session behaves like a legitimate user transaction Cannot be detected through a static signature because the attack does not exploit a vulnerability in the application Examples: DDoS, HTTP page floods, brute force, application vulnerability scanning Slide Page 6 6
7 SPOF Resiliency Single Point Of Failure Res vs. Blend In Excellent Vacuum! P2P Botnets StormConficker D,E (2007) (2009) Turbot NG Botnets Is it possible? PathBot (2004) Karaken (2008) Conficker A,B,C (2008) Trin00 (1999) Early Botnets Agobot (2004) Black Energy 1.7 (2007) Rustock (2006) Twitter Botnet (2008) HTTP Botnets Poor Blending in common traffic Excellent Slide Page 7 7
8 Your IPS is Vulnerable Page 8
9 Zero-Minute Attacks Vulnerability-Based Threat Lifecycle Attack Spread Velocity & Risk Zero-minute Threats Newly discovered vulnerabilities - Signature does not exist. Another approach is required Known Threats Most accurate protection & reporting technology Old Attacks Threat Retired attacks which are removed from default signature profiles due to performance considerations Another approach is required Exposure period Signature Detection Technology Exposure period days 6-12 Months 2-4 Years Time Attack outbreak Vendor fix Very low and steady spread (*) Random Constant Spread (RCS) Model Slide Page 9 9
10 IPS Standard Feature Set Signature Detection Protects against known Application vulnerabilities Examples: Worms, Trojans, mail & web vulnerabilities, VoIP, etc. Periodic Signature Updates Against newly discovered vulnerabilities Internet Access Router IPS Firewall L2/L3 Switch Web Servers In-line Operation Overload Mechanism Against high load conditions Slide Page 10 10
11 Bot-enabled Attack Scenario Typical DDoS Flood Attack Scenario BOT Command Command & Control DoS Bot (Infected host) Attack Characteristics: High Packets-Per-Second (PPS) rate High Connections-Per-Second (CPS) rate Small packets DoS Bot (Infected host) Internet Attacker Public Server DoS Bot (Infected host) DoS Bot (Infected host) Legitimate User Slide Page 11 11
12 Why Your IPS is Vulnerable DDoS Traffic Max PPS Capacity [PPS] CPU CPU 10%-50% 100% Access Router Network Security IPS Device Firewall L2/L3 Switch Web Servers Your IPS is Vulnerable Any Botnet can paralyze your network protections! Max throughput capacity [Gbps] Slide Page 12 12
13 IPS Vulnerability Threat: Blocking Users IPS overload condition: Device DROPS packets randomly Increased latency Sessions blocked CPU 100% Access Router Network Security IPS Device Firewall L2/L3 Switch Web Servers Your IPS Blocks Users Slide Page 13 13
14 IPS Vulnerability Threats: No Network Protection I was told that the IPS overload mechanism will resolve cases of high volume traffic But now I understand it simply allows the flux in Data Center manager, SafeHosting.com Ltd. CPU CPU 10%-50% 100% Intrusion Access Router Network Security IPS Device Firewall L2/L3 Switch DDoS Server Cracking Web Servers IPS overload condition: Device falls into L2 BYPASS mode All traffic forwarded! Signature engine bypassed No network protection! Attacks evade into your network without inspection Slide Page 14 14
15 IPS Vulnerability Threat: Summary DDoS attacks threatens the on-line industry: ecommerce Government Critical infrastructure Existing IPS vendors force you to make compromises that are not acceptable When your network is under attack you need to choose between: Block legitimate users Dismantle your network protections Slide Page 15 15
16 Product Announcement APSolute Immunity with Booster Shot Page 16
17 Radware: The Smart Choice APSolute Immunity with Booster Shot Eliminate the compromises the IPS industry forces you to make when your network is under attack Slide Page 17 17
18 Introducing Radware DefensePro Radware DefensePro is a real-time Intrusion Prevention System (IPS) and DoS protection device that protects your application infrastructure against known attacks and emerging zero-minute and non-vulnerability network attacks that cannot be detected by static signature IPS using behavioral based real-time signatures Slide Page 18 18
19 DefensePro APSolute Immunity Client Behavioral Analysis Server Behavioral Analysis Network Behavioral Analysis APSolute Immunity Engine Vulnerability Research Center Automatic Real-time Signatures Static Signatures Protocol Anomaly & Rate Limit Protocol Anomaly & Rate Limit Real-time signature Within 18 sec! Slide Page 19 19
20 Next Generation DefensePro: IPS+DoS Architecture Standard IPS Solution ASIC-Based DoS Mitigator Engines Real-time signature injection APSolute Immunity with Booster Shot Real-time Signatures Engine (Multi CPU Cores) Real-time signature Static Signature Engine (DPI) APSolute Immunity booster: Prevent high volume attacks Up to 10 Million PPS of attack DefensePro On-Demand Switch 3: APSolute Immunity Up to 12Gbps of network Engines traffic inspection 4,000,000 concurrent sessions Latency < 100 micro seconds Slide Page 20 20
21 The Secret Sauce How The Engine Works Inbound Traffic Public Network Inputs - Network - Servers - Clients Real-Time Signature Behavioral Analysis Inspection Module Closed Feedback Abnormal Activity Detection Outbound Traffic Enterprise Network Real-Time Signature Generation Optimize Signature Remove when attack is over Slide Page 21 21
22 Standard Security Tools: HTTP Flood Example BOT Command Attacker Case: HTTP Page Flood Attack IRC Server Static Signatures HTTP Bot Approach (Infected host) - No solution for low-volume attacks as requests are legitimate - Connection limit against high volume attacks Agnostic to the attacked page Blocks legitimate traffic High false-positives HTTP Bot (Infected host) Internet Misuse of Service Resources HTTP Bot (Infected host) Public Web Servers HTTP Bot (Infected host) Slide Page 22 22
23 Real-Time Signatures: Accurate Mitigation Case: HTTP Page Flood Attack Behavioral Pattern Detection (1) IRC Server Based on probability HTTP Bot analysis identify which web page (Infected host) (or pages) has higher than normal hits BOT Command Real Time Signature: Block abnormal users access to the specific page(s) under attack Attacker HTTP Bot (Infected host) Behavioral Pattern Detection (2) Identify abnormal user activity For example: HTTP Bot (Infected host) HTTP Bot (Infected host) Internet - Normal users download few pages per connection - Abnormal users download many pages per connection Misuse of Service Resources Public Web Servers Slide Page 23 23
24 Real-Time Signatures: Resistance to False Positive Legitimate User Case: Flash Crowd Access Behavioral Pattern Detection (1) Based on probability analysis identify which web page (or pages) has higher than normal hits APSolute Immunity: Alert on abnormal Web hits No real time signature is generated No Legitimate user will Userbe blocked! Internet Behavioral Pattern Detection (2) No detection of abnormal user activity Legitimate User Public Web Servers Legitimate User Page 24 Slide 24
25 Thank You
DefensePro Whitepaper Fighting Cybercrime: Rethinking Application Security By Ron Meyran
DefensePro Whitepaper Fighting Cybercrime: Rethinking Application Security By Ron Meyran Table of Contents Introduction...3 The Changing Threat Landscape...3 Organized Crime...3 Botnets The Rise Of The
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationSmart Network. Smart Business. APSolute Immunity with DefensePro Brochure
Smart Network. Smart Business. APSolute Immunity with DefensePro Brochure APSolute Immunity: Your Business Clear Choice for Proactive Network Security The Changing Threats Landscape: Non-Vulnerability
More informationRadware s Attack Mitigation Solution On-line Business Protection
Radware s Attack Mitigation Solution On-line Business Protection Table of Contents Attack Mitigation Layers of Defense... 3 Network-Based DDoS Protections... 3 Application Based DoS/DDoS Protection...
More informationProtection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd michaels@radware.com
Protection against DDoS and WEB attacks Michael Soukonnik Radware Ltd michaels@radware.com Landscape Ponemon Research 2012: Cyber security threats Cyber security threats according to risk mitigation priority
More informationProtecting DNS Critical Infrastructure Solution Overview. Radware Attack Mitigation System (AMS) - Whitepaper
Protecting DNS Critical Infrastructure Solution Overview Radware Attack Mitigation System (AMS) - Whitepaper Table of Contents Introduction...3 DNS DDoS Attacks are Growing and Evolving...3 Challenges
More informationIntroducing Radware Attack Mitigation System. Presenter: Werner Thalmeier September 2013
Introducing Radware Attack Mitigation System Presenter: Werner Thalmeier September 2013 Agenda Introducing Radware (quick) Current Attacks Landscape Quick Outlook on Radware Attack Mitigation System (AMS)
More informationSHARE THIS WHITEPAPER
Denial-of-Service (DoS) Secured Virtual Tenant Networks (VTN) Value-added DoS protection as a service for Software Defined Network (SDN) a solution paper by Radware & NEC Corporation of America Whitepaper
More informationAgenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
More informationWhite paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.
TrusGuard DPX: Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls...
More informationApplication Security Backgrounder
Essential Intrusion Prevention System (IPS) & DoS Protection Knowledge for IT Managers October 2006 North America Radware Inc. 575 Corporate Dr., Lobby 1 Mahwah, NJ 07430 Tel: (888) 234-5763 International
More informationComplete Protection against Evolving DDoS Threats
Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion
More informationBOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL
BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious
More informationRadware Solutions for NGDC
Radware Solutions for NGDC Ofir Hatsor, June 2011 Main Drivers for NGDC Eliminate Costs of Downtime Improve Customer Experience & Employee Productivity Cut Application Infrastructure Cost by 20-50% Enhance
More informationCheck Point DDoS Protector
Check Point DDoS Protector June 2012 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. Cybercrime
More informationRadware s Behavioral Server Cracking Protection
Radware s Behavioral Server Cracking Protection A DefensePro Whitepaper By Renaud Bidou Senior Security Specialist,Radware October 2007 www.radware.com Page - 2 - Table of Contents Abstract...3 Information
More informationPromoting Network Security (A Service Provider Perspective)
Promoting Network Security (A Service Provider Perspective) Prevention is the Foundation H S Gupta DGM (Technical) Data Networks, BSNL hsgupta@bsnl.co.in DNW, BSNL 1 Agenda Importance of Network Security
More informationWhite Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation
White Paper Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation Table of Contents Introduction... 3 Common DDoS Mitigation Measures...
More informationEvolution of attacks and Intrusion Detection
Evolution of attacks and Intrusion Detection AFSecurity seminar 11 April 2012 By: Stian Jahr Agenda Introductions What is IDS What is IDS in mnemoic How attacks have changed by time and how has it changed
More informationERT Attack Report. Attacks on Large US Bank During Operation Ababil. March 2013
Attacks on Large US Bank During Operation Ababil March 2013 Table of Contents Executive Summary... 3 Background: Operation Ababil... 3 Servers Enlisted to Launch the Attack... 3 Attack Vectors... 4 Variations
More informationAttack Mitigation Solution. Technology Overview - Whitepaper
Attack Mitigation Solution Technology Overview - Whitepaper Table of Contents Introduction...3 Market History...3 Recent Attack Trends...3 Technological Requirements of the Marketplace...4 Network-Based
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationSHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper
SHARE THIS WHITEPAPER Top Selection Criteria for an Anti-DDoS Solution Whitepaper Table of Contents Top Selection Criteria for an Anti-DDoS Solution...3 DDoS Attack Coverage...3 Mitigation Technology...4
More informationWorkshop on Infrastructure Security and Operational Challenges of Service Provider Networks
Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Farnam Jahanian University of Michigan and Arbor Networks IFIP Working Group 10.4 June 29-30, 2006 What s the
More informationCurrent Threat Scenario and Recent Attack Trends
Current Threat Scenario and Recent Attack Trends Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In) Objectives Current Cyber space Nature of cyberspace and associated risks
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationWEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World
Securing Your Web World WEBTHREATS Constantly Evolving Web Threats Require Revolutionary Security ANTI-SPYWARE ANTI-SPAM WEB REPUTATION ANTI-PHISHING WEB FILTERING Web Threats Are Serious Business Your
More informationDetecting peer-to-peer botnets
Detecting peer-to-peer botnets Reinier Schoof & Ralph Koning System and Network Engineering University of Amsterdam mail: reinier.schoof@os3.nl, ralph.koning@os3.nl February 4, 2007 1 Introduction Spam,
More informationHow To Prevent Hacker Attacks With Network Behavior Analysis
E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal
More informationDDoS Attacks & Mitigation
DDoS Attacks & Mitigation Sang Young Security Consultant ws.young@stshk.com 1 DoS Attack DoS & DDoS an attack render a target unusable by legitimate users DDoS Attack launch the DoS attacks from various
More informationSHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper
SHARE THIS WHITEPAPER On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper Table of Contents Overview... 3 Current Attacks Landscape: DDoS is Becoming Mainstream... 3 Attackers Launch
More informationSpyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
More informationSECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning
SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor
More informationTDC s perspective on DDoS threats
TDC s perspective on DDoS threats DDoS Dagen Stockholm March 2013 Lars Højberg, Technical Security Manager, TDC TDC in Sweden TDC in the Nordics 9 300 employees (2012) Turnover: 26,1 billion DKK (2012)
More informationAttacks from the Inside
Attacks from the Inside Eddy Willems, G Data Righard J. Zwienenberg, Norman Attacks from the Inside. Agenda - Social Networking / Engineering - Where are the threats coming from - Infection vectors - The
More informationProtecting against DoS Attacks
Protecting against DoS Attacks Glen Salomon Regional Account Manager 1 The need for DoS Protection 2 DDoS Attacks DDoS attacks were the second-most expensive cyber crime in 03/ 04 (CSI/FBI 2004 Computer
More informationOn-Premises DDoS Mitigation for the Enterprise
On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has
More informationMalicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
More informationOtas%serumquis%es%explibu%sanimet%et%aut%omnisse Otas%serumquis%es%explibu%sanimet%et%aut%omnisse%nimpore%rendae% nonecerum% NUCLEUS BVBA MATTIAS GENIAR SENIOR SYSTEM ENGINEER dolorem.% MATTIAS@NUCLEUS.BE
More information[Restricted] ONLY for designated groups and individuals. 2014 Check Point Software Technologies Ltd.
[Restricted] ONLY for designated groups and individuals Contents 1 2 3 4 Industry Trends DDoS Attack Types Solutions to DDoS Attacks Summary 2 Cybercrime Landscape DNS Hijacking Malware 3% 3% Targeted
More informationSecurity workshop Protection against botnets. Belnet Aris Adamantiadis Brussels 18 th April 2013
Security workshop Belnet Aris Adamantiadis Brussels 18 th April 2013 Agenda What is a botnet? Symptoms How does it work? Life cycle How to fight against botnets? Proactive and reactive NIDS 2 What is a
More informationCountry Case Study on Incident Management Capabilities CERT-TCC, Tunisia
Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework
More informationEnabling PCI Compliance with Radware APSolute Solutions Solution Paper
Enabling PCI Compliance with Radware APSolute Solutions Solution Paper Table of Contents PCI Compliance Overview...3 Introduction...3 The Importance of PCI DSS...3 PCI DSS Requirements...4 Enabling PCI
More informationDenial of Service Attacks and Resilient Overlay Networks
Denial of Service Attacks and Resilient Overlay Networks Angelos D. Keromytis Network Security Lab Computer Science Department, Columbia University Motivation: Network Service Availability Motivation:
More informationDescription: Course Details:
Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet
More informationProtecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall
Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall A FORTINET WHITE PAPER www.fortinet.com Introduction Denial of Service attacks are rapidly becoming a popular attack vector used
More informationNetwork Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000
Network Security Protective and Dependable With the growth of the Internet threats, network security becomes the fundamental concerns of family network and enterprise network. To enhance your business
More informationwww.prolexic.com Stop DDoS Attacks in Minutes
www.prolexic.com Stop DDoS Attacks in Minutes Prolexic gives us the strong insurance policy against DDoS attacks that we were looking for. Mark Johnson, Chief Financial Officer, RealVision You ve seen
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationContemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited
Contemporary Web Application Attacks Ivan Pang Senior Consultant Edvance Limited Agenda How Web Application Attack impact to your business? What are the common attacks? What is Web Application Firewall
More informationFortiDDos Size isn t everything
FortiDDos Size isn t everything Martijn Duijm Director Sales Engineering April - 2015 Copyright Fortinet Inc. All rights reserved. Agenda 1. DDoS In The News 2. Drawing the Demarcation Line - Does One
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationThe Critical Importance of Three Dimensional Protection (3DP) in an Intrusion Prevention System
The Critical Importance of Three Dimensional Protection (3DP) in an Intrusion Prevention System Top Layer Networks, Inc. Enterprises without a sound intrusion prevention strategy across the three threat
More informationWhy a Network-based Security Solution is Better than Using Point Solutions Architectures
Why a Network-based Security Solution is Better than Using Point Solutions Architectures In This Paper Many threats today rely on newly discovered vulnerabilities or exploits CPE-based solutions alone
More informationStreamlining Web and Email Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor
More informationWeb Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
More informationDebunking Myths About DDoS Attacks: Radware 2011 Global Security Report.
Debunking Myths About DDoS Attacks: Radware 2011 Global Security Report. Mick Stephens, General Manager - Australia & New Zealand, Radware Ltd. March 2012 AGENDA About 2011 Global Security Report Key Findings:
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationMulti-Layered VoIP Security. A DefensePro White Paper - Avi Chesla, VP Security
Multi-Layered VoIP Security A DefensePro White Paper - Avi Chesla, VP Security Table of Content Abstract...3 What is VoIP...3 VoIP Protocols...4 VoIP Architecture...4 The VoIP Market & Standards...6 The
More informationWhy Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation www.lumeta.
Why Leaks Matter Leak Detection and Mitigation as a Critical Element of Network Assurance A publication of Lumeta Corporation www.lumeta.com Table of Contents Executive Summary Defining a Leak How Leaks
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More information1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?
Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against
More informationCS 356 Lecture 16 Denial of Service. Spring 2013
CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationStop DDoS Attacks in Minutes
PREVENTIA Forward Thinking Security Solutions Stop DDoS Attacks in Minutes 1 On average there are more than 7,000 DDoS attacks observed daily. You ve seen the headlines. Distributed Denial of Service (DDoS)
More informationThe Evolution of Computer Security Attacks and Defenses. Angelos D. Keromytis Columbia University angelos@cs.columbia.edu
The Evolution of Computer Security Attacks and Defenses Angelos D. Keromytis Columbia University angelos@cs.columbia.edu This talk A look at the evolution of: nature of attackers and their goals cyber
More informationWEB APPLICATION FIREWALLS: DO WE NEED THEM?
DISTRIBUTING EMERGING TECHNOLOGIES, REGION-WIDE WEB APPLICATION FIREWALLS: DO WE NEED THEM? SHAIKH SURMED Sr. Solutions Engineer info@fvc.com www.fvc.com HAVE YOU BEEN HACKED????? WHAT IS THE PROBLEM?
More informationMcAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier
Application Note TrustedSource in McAfee Firewall Enterprise McAfee version 8.1.0 and earlier Firewall Enterprise This document uses a question and answer format to explain the TrustedSource reputation
More informationSecurity Solutions for the New Threads
Security Solutions for the New Threads We see things others can t Pablo Grande Sales Director, SOLA pgrande@arbor.net What a CISO Is Looking For Show Progress on Response Time Measurably improve our incident
More informationDDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest
DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service
More informationREAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity
More informationDetecting P2P-Controlled Bots on the Host
Detecting P2P-Controlled Bots on the Host Antti Nummipuro Helsinki University of Technology anummipu # cc.hut.fi Abstract Storm Worm is a trojan that uses a Peer-to-Peer (P2P) protocol as a command and
More information4 Delivers over 20,000 SSL connections per second (cps), which
April 21 Commissioned by Radware, Ltd Radware AppDirector x8 and x16 Application Switches Performance Evaluation versus F5 Networks BIG-IP 16 and 36 Premise & Introduction Test Highlights 1 Next-generation
More informationINCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS
WHITE PAPER INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS Network administrators and security teams can gain valuable insight into network health in real-time by
More informationIBM Protocol Analysis Module
IBM Protocol Analysis Module The protection engine inside the IBM Security Intrusion Prevention System technologies. Highlights Stops threats before they impact your network and the assets on your network
More informationWhitePaper. Mitigation and Detection with FortiDDoS Fortinet. Introduction
WhitePaper DDoS Attack Mitigation Technologies Demystified The evolution of protections: From inclusion on border devices to dedicated hardware+behavior-based detection. Introduction Distributed Denial
More informationPART D NETWORK SERVICES
CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC
More informationArrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015
Arrow ECS University 2015 Radware Hybrid Cloud WAF Service 9 Ottobre 2015 Get to Know Radware 2 Our Track Record Company Growth Over 10,000 Customers USD Millions 200.00 150.00 32% 144.1 16% 167.0 15%
More informationThe HoneyNet Project Scan Of The Month Scan 27
The HoneyNet Project Scan Of The Month Scan 27 23 rd April 2003 Shomiron Das Gupta shomiron@lycos.co.uk 1.0 Scope This month's challenge is a Windows challenge suitable for both beginning and intermediate
More informationCSE 3482 Introduction to Computer Security. Denial of Service (DoS) Attacks
CSE 3482 Introduction to Computer Security Denial of Service (DoS) Attacks Instructor: N. Vlajic, Winter 2015 Learning Objectives Upon completion of this material, you should be able to: Explain the basic
More informationIs Your Network a Sitting Duck? 3 Secrets to Securing Your Information Systems. Presenter: Matt Harkrider. Founder, Alert Logic
Is Your Network a Sitting Duck? 3 Secrets to Securing Your Information Systems Presenter: Matt Harkrider Founder, Alert Logic Who We Are: Corporate Fact Sheet Founded: 2002 Sample Customers: HQ: Houston,
More informationArbor s Solution for ISP
Arbor s Solution for ISP Recent Attack Cases DDoS is an Exploding & Evolving Trend More Attack Motivations Geopolitical Burma taken offline by DDOS attack Protests Extortion Visa, PayPal, and MasterCard
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationGlobal Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team
Global Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team The Internet is in the midst of a global network pandemic. Millions of computers
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationTowards End-to-End Security
Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationNEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT
Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationA Critical Investigation of Botnet
Global Journal of Computer Science and Technology Network, Web & Security Volume 13 Issue 9 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationExecutive Suite Series A Prolexic White Paper
A Prolexic White Paper DDoS Denial of Service Protection and the Cloud Introduction Cloud computing ( the cloud ) has transformed the way that the world s businesses deploy and share applications and IT
More informationCyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in
Cyber Security & Role of CERT-In Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in Web Evolution Web Sites (WWW) 1993 Web Invented and implemented 130 Nos. web sites 1994 2738 Nos.
More informationDDoS Attacks Can Take Down Your Online Services
DDoS Attacks Can Take Down Your Online Services Dr. Bill Highleyman Managing Editor, Availability Digest Continuity Insights New York 2014 October 8, 2014 editor@availabilitydigest.com Who Am I? Dr. Bill
More informationSymantec Advanced Threat Protection: Network
Symantec Advanced Threat Protection: Network DR150218C April 2015 Miercom www.miercom.com Contents 1.0 Executive Summary... 3 2.0 Overview... 4 2.1 Products Tested... 4 2.2. Malware Samples... 5 3.0 How
More informationFour Steps to Defeat a DDoS Attack
hite Paper Four Steps to Defeat a DDoS Attack Millions of computers around the world are controlled by cybercriminals. These computers have been infected with software robots, or bots, that automatically
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More information