DNS and Infrastracture DDoS Protection

•Transferir como PPTX, PDF•

0 gostou•1,591 visualizações

DNS Protection safeguards Incapsula clients’ DNS servers, while also accelerating DNS responses. Infrastructure Protection, enabled by the addition of a GRE tunneling onboarding option, widen Incapsula's security perimeter - allowing it to protect entire subnets, secure all network elements and inspect all TCP/UDP communication.

Tecnologia

Eldad Chai, VP Product
Preparing for the Terabit Scale DDoS Attack

Agenda
• Network DDoS trends
• Is a Terabit DDoS imminent?
• A DDoS resilient network
• Infrastructure and DNS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.2

Where do we stand today?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.3
59%
28%
13%
<20Gbps
20-40Gbps
>40Gbps
Attacks bandwidth is showing
exponential growth
One third of attacks exceed 20Gbps
More than 13% exceed 40Gbps

Its not all bandwidth
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.4
More than 25% of attacks exceed 10Mpps
Most IPS/IDS will crash at 5Mpps

Recent campaigns / SaaS applications
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.5

Recent campaigns / DNS providers
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.6

How are they reaching these numbers?
• Are botnets becoming bigger?
> No, according to www.shadowserver.org
• Are there more open DNS resolvers?
> No, the number is actually declining according to
www.openresolverproject.org
• Are there more open NTP servers?
> Probably not
• So what is it then?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.7

How are they reaching these numbers?
• They are using bigger guns
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.8
Example of a 4Mpps attack
Less than 30 IPs are generating more than 99% of the traffic

What can we learn from all this?
• The stronger the internet is becoming, the stronger the attacks
• The largest attacks use a small set of super resources rather
than a large set of weak resources
• Attacks will far exceed a single network capacity
• Should we expect a 1Tbps+ attack within the next 12-36
months?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.9

A DDoS resilient network
• Can scale its capacity on demand
> Cloud solution are built to scale efficiently
> Cloud provides the most cost effective way to scale capacity
• Can protect any service from any attack
> Both layer 3&4 and layer 7 mitigation is required
> Web servers and DNS servers are a target for sophisticated attacks
• Provides real time visibility
> You cannot mitigate what you cannot see
• Can respond rapidly to changes
> DDoS mitigation is a delicate balance between false positives and
false negatives
> You need to react quickly to any change that disrupts this balance
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.10

Incapsula DDoS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.
11
DNS
Web
SSH, FTP, Telnet
SIP
SMTP
UDP, TCP
Network services

Incapsula DDoS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.
12
DNS
Web
SSH, FTP, Telnet
SIP
SMTP
Incapsula
Application
Protection
Incapsula DNS
Protection
Incapsula
Infrastructure
Protection
UDP, TCP

Incapsula Application Protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.13
Protect HTTP/S Applications
Layer 3&4 and also Layer 7
Always On / On Demand

Incapsula DNS Protection - NEW
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.14
Protect DNS servers
Prevent Blacklisting
Always On Service

Incapsula Infrastructure Protection - NEW
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.15
Protect all services and protocols
Protect entire IP ranges
Layer 3&4 (Network)
On Demand Service

BGP and Cloud
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.16
LAX
80Gbps
IAD
60Gbps
FRA
80Gbps
+1
23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24
23.5.6.0/
24
IP ranges are announced in Anycast
Traffic is forwarded to origin
over the same GRE tunnel

The “Behemoth”
• We still need to filter DDoS traffic…
• Our requirements
> Filter 100Gbps+ of traffic per POP
> Manage BGP for announcing
> Manage GRE for origin forwarding
> Software defined network (SDN) capabilities
• The solution
> An appliance that can deal with 170Gbps
> Advanced implementations of DDoS filtering algorithms
> Anomaly detection
> Proprietary implementation of BGP and GRE
> C&C for internal networking devices
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.17

Please send follow up questions to info@incapsula.com
Thank you

Mais conteúdo relacionado

Mais procurados

Joomla Security Simplified — Seven Easy Steps For a More Secure Website

Imperva Incapsula

Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic. This is an introductory guide of how to get set up and monitor the benefits of Argo. Please do note that Argo is an add-on feature.

Cloudflare Argo - Overview

Vu Long Tran

The latest version of the transport layer security (TLS) protocol was launched at the end of 2017, and version 1.3 proposes the largest change with improvements to performance and security. However, there has not been widespread adoption of this protocol which leaves many users exposed to data and privacy breaches. In this webinar, we will look at the new developments in TLS and SSL, why the internet needs better security and the technical challenges of good encryption.

Why Many Websites are still Insecure (and How to Fix Them)

Cloudflare

Alerting is a critical component of the ThousandEyes platform to inform operations teams of performance deviations or problems. From DNS availability to BGP reachability to layer 3 network metrics, ThousandEyes has a wide array of alert triggers. Learn how to use the alerting framework to your advantage by selecting the best alerts, customizing rules and receiving notifications. In this presentation, we share how to match alerts to your most important monitoring use case, customize modular alert rules, configure notifications and alert integrations. https://www.thousandeyes.com/webinars/alerting

ThousandEyes Alerting Essentials for Your Network

ThousandEyes

Gwava gwava6

GWAVA

The Internet is inherently unreliable, a collection of networks connected to each other where things break all the time; cables get cut, bogus routes get advertised, routers crash. Today, to fix all of this, Cloudflare launched Argo, a “virtual backbone” for the modern Internet. Just as Waze can tell you which route to take to avoid congested or blocked roads, Argo can route connections across the Internet efficiently by avoiding packet loss, congestion, and outages.

How to Reduce Latency with Cloudflare Argo Smart Routing

Cloudflare

Two to four seconds. That’s about as long as many consumers will wait for web pages to load before abandoning your page, research shows. Content Delivery Networks (CDN) can help dramatically improve your site’s load times and performance. But what can they do to improve the performance of mobile applications? This is especially problematic when users are connecting from subpar or congested cellular networks which are often beyond the reach of traditional CDN provider POPs. In this webinar, learn how traditional CDN providers operate, and the challenges with delivering to mobile users.

How CDNs Can improve Mobile Application Performance

Cloudflare

Using a secured, cloud-delivered SD-WAN to transform your business network

Netpluz Asia Pte Ltd

Join Cloudflare and CoinGecko, a Singapore-based cryptocurrency ranking chart platform that serves over 100 million pages views per month, for an educational webinar. Learn about the steps CoinGecko took to improve the user experience of its cryptocurrency platform, and how Cloudflare’s Argo Smart Routing routed over 1.2 billion website requests per month to improve performance on average by 65%, while using caching to save CoinGecko up to 88% on bandwidth.

65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...

Cloudflare

Hear the talk on YouTube: https://www.youtube.com/watch?v=lp4dQTSH130 Web Application Firewall security is evolving. Join John Graham-Cumming, CTO of CloudFlare, as he shares the latest trends and changes in Web Application Security. This talk will give details of the big trends in web application security seen in 2015, and how to defend against these threats and talk about the evolving web application security landscape.

Latest Trends in Web Application Security

Cloudflare

Last month, the world’s largest-ever distributed denial of service (DDOS) attack — 1.35 Tbps — hit GitHub and raised the stakes for every commercial website. These increasingly larger and more distributed attacks challenge security practitioners to better anticipate potential attacks on their own applications and infrastructure. In this live webinar, Cloudflare security experts will discuss the new DDoS landscape and mitigation techniques.

What You Should Know Before The Next DDoS Attack

Cloudflare

Cisco IT and ThousandEyes

ThousandEyes

Enterprise Agents: Deployment Best Practices

ThousandEyes

New Products Overview: Use Cases and Demos

Caitlin Magat

What’s New at Cloudflare: New Product Launches

Cloudflare

Securing internal applications for remote employees and contractors is cumbersome to deploy and maintain, missing granular access controls, and slow for users on mobile devices. Join this live webinar to learn how Cloudflare Access protects internal resources by securing, authenticating and monitoring access per-user and by application. With Cloudflare Access, only authenticated users with the required permissions are able to access specific resources behind the Cloudflare edge. Support for existing identity providers such as GSuite and Okta ensures the right users have easy and instant access regardless of physical location. By enforcing access rules at the edge, Cloudflare reduces latency for users.

Securing Internal Applications with Cloudflare Access

Cloudflare

Endpoint Agents monitor application experience and network connectivity of SaaS apps like Salesforce and Office 365. Performance data is collected directly from employee laptops and desktops and aggregated so you can understand real-time performance, long-term trends and individual user issues. In Part 2 of this webinar series, we’ll share: * Metrics you can gather on SaaS performance * How to report on aggregate performance for an app or location * How to troubleshoot both office and remote users

Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere

ThousandEyes

Shanghai Breakout: Access Management with Aruba ClearPass

Aruba, a Hewlett Packard Enterprise company

DDoS Protection System DPS

Alexander Velikiy

Your sales team is in the field, executives are on the road and other employees are often working from home. This means that your help desk and ops teams spend hours validating problems or leave unsolvable tickets open. Endpoint Agent continuously collects performance data about internal or SaaS applications that are used by your remote workers, including metrics about Wi-Fi and VPN connections. This webinar covers how monitoring remote employee connectivity can boost productivity and how Endpoint Agent measures performance through VPNs and on remote networks.

Troubleshooting Remote Workers and VPNs

ThousandEyes

Mais procurados (20)

Joomla Security Simplified — Seven Easy Steps For a More Secure Website

Cloudflare Argo - Overview

Why Many Websites are still Insecure (and How to Fix Them)

ThousandEyes Alerting Essentials for Your Network

Gwava gwava6

How to Reduce Latency with Cloudflare Argo Smart Routing

How CDNs Can improve Mobile Application Performance

Using a secured, cloud-delivered SD-WAN to transform your business network

65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...

Latest Trends in Web Application Security

What You Should Know Before The Next DDoS Attack

Cisco IT and ThousandEyes

Enterprise Agents: Deployment Best Practices

New Products Overview: Use Cases and Demos

What’s New at Cloudflare: New Product Launches

Securing Internal Applications with Cloudflare Access

Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere

Shanghai Breakout: Access Management with Aruba ClearPass

DDoS Protection System DPS

Troubleshooting Remote Workers and VPNs

Semelhante a DNS and Infrastracture DDoS Protection

With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack. Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Learn: - Expected trends in the evolving DDoS landscape over the next 12-36 months - Important considerations when selecting your DDoS protection technology - How to prepare your organization to detect and respond to a DDoS attack

Preparing for the Imminent Terabit DDoS Attack

Imperva

The DNS of Things

Peter Silva

D3TLV17- Advanced DDoS Mitigation Techniques

Imperva Incapsula

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

Marta Pacyga

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

PROIDEA

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

Media Perspectives

IPv6 @ Cloudflare

Internet Society

Big Data for Security

Marco Casassa Mont

IT challenges are growing at exponential rates Most of these challenges are external forces pushing in on IT The challenges are a mix of both apps and infrastructure – mobile apps and BYoD tax both the app and network infrastructure However the solutions are typically siloed, focused on solving very specific issues without addressing the larger problems as a whole These technology shifts, many of which are creating market transitions. Creating a great opportunity for solutions. For example, Users no longer work from the office. Today, they work for anywhere, at any time, one any device, and corporations needs solutions for a mobile work force The rise of the Cloud and Software Define Data Center….means that applications are equally portable and require a new set of solutions to ensure they’re fast, secure and available With such changes, there are new forms or threats…from simple FW solutions, to DDoS (volumetric and application centric), to malware, fraud and much more Lets not forget Software Defined “Everything”, customer want a much more agile infrastructure and orchestration and manageability. At a push of a button they want to orchestrate the whole stack. Clearly, there will be more devices and traffic. Demanding more diameter signaling, security and QoE And last, let not forget the HTTP is the new TCP. HTTP is the web protocol and therefore your network infrastructure needs to be aware of the session flows and messages, which requires intelligence beyond the traditional layer 3 solutions All these solutions are having dramatic implications on applications an the users that access them.

The DNS of Things

F5 Networks

Adam Obszyński – pracuje w Infoblox jako Senior Systems Engineer odpowiedzialny za CEE. Wcześniej pracował w Cisco, u kilku integratorów (NXO, MCX, ATM) i operatorów (ATMAN, Polbox, Multinet). Posiada doświadczenie w projektowaniu i wdrażaniu rozwiązań sieciowych i aplikacyjnych. W branży od 20 lat. Certyfikowany inżynier CCIE #8557 oraz CISSP. Prowadził prezentacje i warsztaty na wielu konferencjach w kraju i za granicą (m.in. Cisco Live US & EU, Cisco Forum, Cisco Expo, PLNOG). Temat prezentacji:Case Study – Infoblox Advanced DNS Protection Język prezentacji: Polski Abstrakt: Słyszałeś o typach ataków wymienionych poniżej? A może doświadczyłeś ich w swojej sieci? Phantom domain attack NXDomain attack DNS reflection/DrDoS attacks DNS amplification DNS cache poisoning Protocol anomalies DNS tunneling DNS hijacking Na poprzednim PLNOG mówiłem o unikalnej ochronie DNS za pomocą Infoblox ADP. Tym razem opowiem o tym co nowego zrobiliśmy w ramach ochrony DNS oraz zaprezentuje przypadki ze środowisk sieciowych naszych klientów. Opowiem co się działo w sieci klientów i jak uporaliśmy się z problemami ataków na DNS. Rozwiązanie Advanced DNS Protection od Infoblox dostarcza kompleksowe rozwiązanie do ochrony przed wieloma atakami na usługi DNS. System w inteligentny sposób odróżnia poprawny ruch DNS od złośliwego ruchu DDoS generowanego przez atakujących, takich jak DNS, exploity i słabości. Automatycznie usuwa ruch atakujący podczas gdy z pełną wydajnością odpowiada na poprawny ruch DNS. Ponadto, Advanced DNS Protection otrzymuje automatyczne aktualizacje swoich polityk/reguł, zapewniając stałą ochronę przed wszelkimi nowościami w tej dziedzinie. Infoblox jest pierwszym i jedynym producentem, który oferuje tak wyjątkowe i unkalne rozwiązanie dla najwyższej ochrony krytycznych usług DNS. Więcej szczegółów o rozwiązaniach dla operatorów: www.infoblox.com/sp

PLNOG 13: Adam Obszyński: Case Study – Infoblox Advanced DNS Protection

PROIDEA

RedisConf18 - The Versatility of Redis - Powering our critical business using...

Redis Labs

[Redis conf18] The Versatility of Redis

Eiti Kimura

Data centers move exabytes of data through their networks. This explosive growth in network traffic has put demands on data centers to adapt and add new technologies and standards to keep pace and make information easily accessible. Our personal information, company IP assets and sensitive data run across these networks that are constantly under persistent and malicious cyber attacks to look for vulnerabilities in their networks. IT security teams have to protect complex networks that are growing in size and complexity. They call for a new approach to gaining full – rather than partial – visibility into network behavior to stop downtime losses and data leaks. By providing 1 to 1 NetFlow generation then collecting the data and analyzing the flow records is essential in time-to-resolution (TTR). To help you take full advantage of valuable NetFlow data for use in network security management, Emulex and Lancope have created a best-in-class network and security solution that allows you to quickly and continuously monitor the makeup of the traffic traversing your network. In this webinar, we’ll explore why network security management is crucial in managing functionality and visibility of an organization’s network infrastructure and how Emulex helps address these deployment requirements. We'll also explore what matters most when network security is breached, and share some best practice insights gleaned from working with customers that run some of the largest and most critical data networks on the planet.

Using NetFlow to Streamline Security Analysis and Response to Cyber Threats

Emulex Corporation

The past few months have seen significant changes in global DDoS tactics. We can observe these changes in detail by analyzing traffic patterns from Cloudflare’s global network, which protects more than 27 million Internet properties and blocks 45 billion cyber threats every day. What approaches are DDoS attackers using right now, and what are forward-thinking organizations doing in response? Cloudflare DDoS product experts Omer Yoachimik, and Vivek Ganti will explore new data on DDoS trends and discuss ways to counter these tactics.

Recent DDoS attack trends, and how you should respond

Cloudflare

DNS Made Easy Sales Brochure

DNS Made Easy

9534715

Pavel Odintsov

Scaling service provider business with DDoS-mitigation-as-a-service

Cloudflare

Spider & F5 Round Table - Application Centric Security

Tzoori Tamam

DNS is a mission-critical component for any online business. Yet this component is often overlooked and forgotten until something breaks. As DNS attacks become more prevalent, businesses are starting to realize that the lack of a resilient DNS creates a weak link in their security strategy. Also, adopting the right DNS posture is important for achieving 100% uptime and ensuring uninterrupted superior performance. This becomes even more important during this crisis environment as your online presence is the only bridge connecting your business to customers and prospects. Join this webinar to learn more about: Risks posed by a weak DNS strategy, Different ways to accomplish a redundant DNS setup, How Cloudflare makes it easy to deploy a secure and resilient DNS.

Building Resilient Applications with Cloudflare DNS

DevOps.com

Infoblox - turning DNS from security target to security tool

Jisc

Semelhante a DNS and Infrastracture DDoS Protection (20)

Preparing for the Imminent Terabit DDoS Attack

The DNS of Things

D3TLV17- Advanced DDoS Mitigation Techniques

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

IPv6 @ Cloudflare

Big Data for Security

The DNS of Things

PLNOG 13: Adam Obszyński: Case Study – Infoblox Advanced DNS Protection

RedisConf18 - The Versatility of Redis - Powering our critical business using...

[Redis conf18] The Versatility of Redis

Using NetFlow to Streamline Security Analysis and Response to Cyber Threats

Recent DDoS attack trends, and how you should respond

DNS Made Easy Sales Brochure

9534715

Scaling service provider business with DDoS-mitigation-as-a-service

Spider & F5 Round Table - Application Centric Security

Building Resilient Applications with Cloudflare DNS

Infoblox - turning DNS from security target to security tool

Mais de Imperva Incapsula

D3TLV17- You have Incapsula...now what?

Imperva Incapsula

D3TLV17- Keeping it Safe

Imperva Incapsula

D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...

Imperva Incapsula

D3LDN17 - Recruiting the Browser

Imperva Incapsula

D3LDN17 - A Pragmatists Guide to DDoS Mitigation

Imperva Incapsula

D3LDN17 - Keynote

Imperva Incapsula

D3NY17- Customizing Incapsula to Accommodate Single Sign-On

Imperva Incapsula

D3NY17 - Migrating to the Cloud

Imperva Incapsula

IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Jeff Serota, Technical Account Manager, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.

D3NY17- Using IncapRules to Customize Security

Imperva Incapsula

IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Peter Klimek, Principal Security Engineer, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.

D3SF17- Using Incap Rules to Customize Your Security and Access Control

Imperva Incapsula

D3SF17- Boost Your Website Performance with Application Delivery Rules

Imperva Incapsula

D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...

Imperva Incapsula

D3SF17- Improving Our China Clients Performance

Imperva Incapsula

Moving your critical applications from on-premises servers to the cloud can be a daunting prospect — but it doesn't need to be. Drawing on over 5 years of experience bringing some of the largest CMS sites on the Web into the cloud, Vasken Hauri, VP of Engineering at 10up, covers the key aspects you'll need to consider to ensure a smooth and successful migration. He also touches on some best practices you can apply post-migration to keep your sites secure, performant, and worry-free in an era where our toasters can launch DDoS attacks.

D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned

Imperva Incapsula

D3SF17 -Keynote - Staying Ahead of the Curve

Imperva Incapsula

Understanding Web Bots and How They Hurt Your Business

Imperva Incapsula

Mondrian, MySQL, Mongo, Casandra, Lucene. You name it, we tried it. As a startup looking for cost-efficient and scalable solutions to power our event processing and statistics backend, we gave almost every Big Data technology out there a go. What we learned from these experiences is that doing it yourself is better than using plug-and-play black box solutions. This presentation details the building of Incapsula’s Big Data system as a case study, examining the requirements and the different evolutionary phases it went through before becoming what it is today.

From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...

Imperva Incapsula

Load Balancing from the Cloud - Layer 7 Aware Solution

Imperva Incapsula

Humans Are Now A Minority On The Internet

Imperva Incapsula

Under DDoS: Instant Access to Live Information

Imperva Incapsula

Mais de Imperva Incapsula (20)

D3TLV17- You have Incapsula...now what?

D3TLV17- Keeping it Safe

D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...

D3LDN17 - Recruiting the Browser

D3LDN17 - A Pragmatists Guide to DDoS Mitigation

D3LDN17 - Keynote

D3NY17- Customizing Incapsula to Accommodate Single Sign-On

D3NY17 - Migrating to the Cloud

D3NY17- Using IncapRules to Customize Security

D3SF17- Using Incap Rules to Customize Your Security and Access Control

D3SF17- Boost Your Website Performance with Application Delivery Rules

D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...

D3SF17- Improving Our China Clients Performance

D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned

D3SF17 -Keynote - Staying Ahead of the Curve

Understanding Web Bots and How They Hurt Your Business

From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...

Load Balancing from the Cloud - Layer 7 Aware Solution

Humans Are Now A Minority On The Internet

Under DDoS: Instant Access to Live Information

Último

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

JohnPollard-hybrid-app-RailsConf2024.pptx

JohnPollard37

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)

Samir Dash

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

DNS and Infrastracture DDoS Protection

1. Eldad Chai, VP Product Preparing for the Terabit Scale DDoS Attack

3. Where do we stand today? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.3 59% 28% 13% <20Gbps 20-40Gbps >40Gbps Attacks bandwidth is showing exponential growth One third of attacks exceed 20Gbps More than 13% exceed 40Gbps

7. How are they reaching these numbers? • Are botnets becoming bigger? > No, according to www.shadowserver.org • Are there more open DNS resolvers? > No, the number is actually declining according to www.openresolverproject.org • Are there more open NTP servers? > Probably not • So what is it then? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.7

8. How are they reaching these numbers? • They are using bigger guns Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.8 Example of a 4Mpps attack Less than 30 IPs are generating more than 99% of the traffic

9. What can we learn from all this? • The stronger the internet is becoming, the stronger the attacks • The largest attacks use a small set of super resources rather than a large set of weak resources • Attacks will far exceed a single network capacity • Should we expect a 1Tbps+ attack within the next 12-36 months? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.9

10. A DDoS resilient network • Can scale its capacity on demand > Cloud solution are built to scale efficiently > Cloud provides the most cost effective way to scale capacity • Can protect any service from any attack > Both layer 3&4 and layer 7 mitigation is required > Web servers and DNS servers are a target for sophisticated attacks • Provides real time visibility > You cannot mitigate what you cannot see • Can respond rapidly to changes > DDoS mitigation is a delicate balance between false positives and false negatives > You need to react quickly to any change that disrupts this balance Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.10

12. Incapsula DDoS protection Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved. 12 DNS Web SSH, FTP, Telnet SIP SMTP Incapsula Application Protection Incapsula DNS Protection Incapsula Infrastructure Protection UDP, TCP

15. Incapsula Infrastructure Protection - NEW Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.15 Protect all services and protocols Protect entire IP ranges Layer 3&4 (Network) On Demand Service

16. BGP and Cloud Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.16 LAX 80Gbps IAD 60Gbps FRA 80Gbps +1 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/ 24 IP ranges are announced in Anycast Traffic is forwarded to origin over the same GRE tunnel

17. The “Behemoth” • We still need to filter DDoS traffic… • Our requirements > Filter 100Gbps+ of traffic per POP > Manage BGP for announcing > Manage GRE for origin forwarding > Software defined network (SDN) capabilities • The solution > An appliance that can deal with 170Gbps > Advanced implementations of DDoS filtering algorithms > Anomaly detection > Proprietary implementation of BGP and GRE > C&C for internal networking devices Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.17

18. Please send follow up questions to info@incapsula.com Thank you

Notas do Editor

Click to edit Master text styles Second level Third level Fourth level Fifth level

DNS and Infrastracture DDoS Protection

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a DNS and Infrastracture DDoS Protection

Semelhante a DNS and Infrastracture DDoS Protection (20)

Mais de Imperva Incapsula

Mais de Imperva Incapsula (20)

Último

Último (20)

DNS and Infrastracture DDoS Protection

Notas do Editor