[Restricted] ONLY for designated groups and individuals. 2014 Check Point Software Technologies Ltd.


Contents: 1. Industry Trends; 2. DDoS Attack Types; 3. Solutions to DDoS Attacks; 4. Summary

Cybercrime Landscape (pie chart of attack types): DDoS 28%; SQLi 23%; Defacement 17%; Account Hijacking 11%; Targeted attack (various tools) 7%; Other 7%; DNS Hijacking 3%; Malware 3%; iframe Injection 1%. Source: 2014 Cyber Attacks Trends, Hackmageddon. 28% of all cyber attacks in 2014 involved a DoS/DDoS attack.

What is DoS? A Denial-of-Service attack (DoS attack) is an attempt to make a machine or network resource unavailable to its intended users. A Distributed Denial-of-Service attack (DDoS) is coordinated and launched simultaneously from multiple sources.

DDoS Attack Examples
Volumetric Attacks: fill the pipe.
DNS Amplification Attacks: using critical applications as attack source.
SYN Attacks: simple way to use resources.
Application Attack: renegotiate SSL key.

Volumetric Attacks (diagram labels: Mixture of Valid Traffic and Spoofed Traffic; Limited Pipe; Attack Target; Victim)

DNS Amplification Attack Example (diagram labels: Attacker; Open DNS Server; Attack Target; Victim; Simple DNS Request; Able to amplify DNS request to victim)

SYN Attacks (diagram labels: Spoofed Traffic, Random Sources; Random SYN Packets; Attack Target; Victim; Utilize State Table on Firewalls and Servers)

Application Layer DDoS Attacks: Application Attacks Are Stealthier
Exploit application weakness with Low & Slow attacks.
Utilize relatively low volume and fewer connections.
Used in conjunction with volume-based attacks.
Undetectable by threshold or volume-based solutions.

Application Attacks Examples
SSL Login Attack. Really simple. Thousands of login requests to web login page, consuming web and database resources. Network and server resource consumption.
Repeated PDF GET Attack. Find a large PDF and download it thousands of times.

Amaze your friends & colleagues (not)

Cost of Damage Per Attack (bar chart comparing 2010 and 2013, cost in $K, by cause: IT equipment failure; Cyber crime (DDoS); UPS system failure; Water, heat or CRAC failure; Generator failure; Weather related). Source: 2013 Cost of Data Center Outages, Ponemon Institute, Dec. 2013. $822,000: cost of a single DoS/DDoS attack that causes unplanned outage.

Victims of Recent DDoS Attacks

DDoS Attack Results
Amazon.com's 40 minute outage = $5 million in lost sales. (VentureBeat, August 2013)
1 second delay in page loading: 3.5% decrease in conversion rate; 2.1% decrease in shopping cart size; 9.4% decrease in page views; 8.4% increase in bounce rate. Source: Strangeloop Networks, Case Study: The impact of HTML delay on mobile business metrics.

Today's Attacks Are More Sophisticated
A. More DDoS attacks today than ever before.
B. More damage with application attacks.
C. No need to flood network bandwidth.

Diversity of Attack Vectors (chart: distribution of attack vectors). More than 50% of 2013 DDoS attacks had more than 5 attack vectors. Source: Radware ERT Report, Jan. 27, 2014.

The Right DDoS Solution Should Have: Network Layer Protection; Adaptable Application Layer Protection; Fast Response Time.

Check Point DDoS Protector: Block Denial of Service Attacks Within Seconds!

Multi-Layered Protections
Network Flood: high volume of packets; network behavioral analysis.
Server Flood: high rate of new sessions; connection verification.
Application: Web / DNS connection-based attacks; behavioral HTTP and DNS.
Low & Slow Attacks: advanced attack techniques; signature protections.
DoS Mitigation Engine (DME) blocking up to 25M PPS; preventing misuse of resources; user auth through advanced challenge-response; String Match Engine (SME) L7 RegEx acceleration.

Multi-Layer Protections (diagram of DDoS Protector layers: Application, Server, Network; label: Available Service). Protections shown: HTTP Flood Protection; SYN Protection; Behavioral DoS; Anti-Scanning; DNS Protection; Connection Limit; Out-Of-State; Signature Protection; Connection PPS Limit; BL/WL.

DDoS Protector
Detect: patented behavioral detection; network floods; application attacks (HTTP GET / POST, Low & Slow).
Mitigate: immediate, automatic, no need to divert traffic; generates real-time signature; distinguishes between attackers and legitimate users; best quality of experience even under attack; powerful, using dedicated hardware, up to 25M PPS.
Analyze: Denial of Service event analysis; historical reports; forensics; trend analysis.

DDoS Protector Platforms
DP X420 Family: up to 40 Gbps throughput; 6M concurrent sessions; 25 Mpps max DDoS flood attack rate.
DP X412 Family: up to 12 Gbps throughput; 4M concurrent sessions; 10 Mpps max DDoS flood attack rate.
DP X06 Family: up to 2 Gbps throughput; 2M concurrent sessions; 1 Mpps max DDoS flood attack rate.
String Match Engine (SME): improved protection from known DDoS attack tools for superior continuity of service; accelerated Layer 7 signature protection to quickly mitigate advanced attacks; simplified Adaptable Application Layer Protections (custom protections made easier).

Appliance Specifications: X06 and X412
Model: DP 506 | DP 1006 | DP 2006 | DP 4412 | DP 8412 | DP 12412
Capacity: 0.5 Gbps | 1 Gbps | 2 Gbps | 4 Gbps | 8 Gbps | 12 Gbps
Max Concurrent Sessions: 2 Million (X06 models) | 4 Million (X412 models)
Max DDoS Flood Attack Protection Rate: 1 Million packets per second (X06 models) | 10 Million packets per second (X412 models)
Latency: <60 microseconds
Real-Time Signatures: detect and protect against attacks in less than 18 seconds

Appliance Specifications: X420
Model: DP 10420 | DP 20420 | DP 30420 | DP 40420
Capacity: 10 Gbps | 20 Gbps | 30 Gbps | 40 Gbps
Max Concurrent Sessions: 6 Million
Max DDoS Flood Attack Protection Rate: 25 Million packets per second
Latency: <60 microseconds
Real-Time Signatures: detect and protect against attacks in less than 18 seconds

Flexible Deployment Options: Ready to Protect in Minutes; Fits Existing Network Topology; Optional Learning Mode Deployment; Low Maintenance and Support.

Where to Protect Against DDoS. Scenarios (numbered 1 to 3 on the slide): On-Premise Deployment (DDoS Protector Appliance) + Off-Site Deployment (DDoS Protector Appliance).

But what about those Volumetric Attacks?

On Premise Mitigation (diagram labels: ISP; DDoS Protector; Protected Online Services; Protected Organization). The on-premise DDoS Protector mitigates the attack.
On Premise Mitigation: fastest time to protection; protects against advanced attacks (low and slow); detailed forensics and visibility.
No on-premise solution can handle pipe saturation.

Cloud Based Mitigation (diagram labels: Cloud Scrubbing Center; ISP; Protected Online Services; Protected Organization).
Cloud Based Mitigation: routes all traffic to the cloud service when under attack; protects against high volume DDoS attacks; longer time to mitigation (identify, divert, mitigate); only protects against high volume DDoS attacks.

DefensePipe in action (diagram labels: Scrubbing Center; Defense Messaging; DDoS Protector; Protected Online Services; Protected Organization)
1. On Premise DDoS Protector protects in seconds and profiles the attack traffic.
2. Attack profile sent to cloud for seamless protection handover. Attack volume grows.
3. Traffic is routed to DefensePipe scrubbing center.
4. Legitimate traffic forwarded to customer site and service restored.

DefensePipe Activation
When an Attack Starts: On Premise DDoS Protector mitigates attacks in real-time.
Defense Messaging: DDoS Protector sends attack profile Defense Messages to DefensePipe. Once diverted, the attack is immediately mitigated accurately, with no learning curve.
Traffic Diversion (BGP or DNS): customer approves traffic divert to the cloud. Attack is handled with the customer from inception.

Look for Help. Check Point DDoS Solutions include access to DDoS Specialists when under attack! This is included in the support contract. You are not alone: Check Point can help you.

Check Point Can Help You: Check Point Incident Response Team

Integrated Security Management: Unified Logs and Monitoring and Unified Reporting. Leverage SmartView Tracker, SmartLog and SmartEvent for historic and real-time security status.

Summary: Blocks DDoS Attacks Within Seconds; Customized multi-layered DDoS protection; Ready to protect in minutes; Integrated with Check Point Security Management.

THANK YOU