50 Years of Growth, Innovation and Leadership
A Frost & Sullivan
White Paper
www.frost.com
Why Anti-DDoS Products and Services are Critical
for Today’s Business Environment
Protecting Against Modern DDoS Threats
CONTENTS
Executive Summary
Introduction
What is DDoS?
Volumetric Attacks
TCP State-Exhaustion Attacks
Application-Layer Attacks
The Growing DDoS Problem
Broader Spread of Attack Motivations and Targets
Volunteer Botnets
Increased Impact on Organizations
Complex Threats Need a Full-Spectrum Solution
Integrity and Confidentiality vs. Availability
Protect Your Business from the DDoS Threat
Cloud-Based DDoS Protection
Perimeter-Based DDoS Protection
Out-of-the-Box Protection
Advanced DDoS Blocking
Botnet Threat Mitigation
Cloud Signaling
The Final Word
EXECUTIVE SUMMARY
The perception of distributed denial of service (DDoS) attacks has changed dramatically in the
past 24 months. A series of successful, high-profile attacks against enterprises, institutions and
governments around the world has driven home the importance of availability and the need
for layered defenses. These attacks have also driven home how quickly the pace of innovation
has accelerated on the side of the hackers.
In today’s environment, any enterprise operating online—which means just about any type
and size of organization—can become a target because of who they are, what they sell, who
they partner with or for any other real or perceived affiliations. The widespread availability
of inexpensive attack tools enables anyone to carry out DDoS attacks. This has profound
implications for the threat landscape, risk profile, network architecture and security
deployments of Internet operators and Internet-connected enterprises.
The methods hackers use to carry out DDoS attacks have evolved from the traditional high-
bandwidth/volumetric attacks to more stealthy application-layer attacks, with a combination of
both being used in some cases. Whether used for the sole purpose of shutting down a network,
or as a means of distraction to obtain sensitive data, DDoS attacks continue to become more
complex and sophisticated. While some DDoS attacks have reached levels of 100 Gbps,
low-bandwidth application-layer attacks have become more prominent as attackers exploit the
difficulties in detecting these “low-and-slow” attacks before they impact services. The methods
botnets use to carry out these attacks have also shifted. Botnets used to be made up of
compromised PCs, unwitting participants controlled by a botmaster. In the age of the hacktivist,
people are opting-in to botnets and even renting botnets for the purpose of launching attacks.
Network administrators are finding that traditional security products, such as Firewalls and
Intrusion Prevention Systems (IPS), are not designed for today’s complex DDoS threat. These
products focus on the integrity and confidentiality of a network. However, DDoS targets the
availability of the network and services it provides.
In today’s complex and rapidly changing threat landscape, enterprises need to take control
of their DDoS risk mitigation strategy by proactively architecting a layered defense strategy
that addresses availability threats. The issue of availability is taken into account as part of risk
planning for site selection, power failures and natural disasters. Given today’s threat landscape,
DDoS planning should now be part of any enterprise risk mitigation strategy.
Arbor Networks’ Pravail Availability Protection System (APS) is the first security product
focused on securing the network perimeter from threats against availability—specifically,
protection against application-layer DDoS attacks. Purpose-built for the enterprise, it delivers
out-of-the-box, proven DDoS attack identification and mitigation capabilities that can be
rapidly deployed with little configuration, even during an attack.
An added benefit for customers is Arbor’s unique visibility into DDoS botnets because of
its ATLAS infrastructure, which combines a darknet sensor network with traffic data from
more than 100 service provider customers around the world. The ATLAS Intelligence Feed
delivers DDoS signatures in real time to keep the enterprise data center edge protected
against hundreds of botnet-fueled DDoS attack toolsets and their variants.
Overall, the Arbor Pravail APS provides what other perimeter-based security devices cannot,
and that is the ability to detect and mitigate DDoS attacks proactively.
INTRODUCTION
Black Friday brings to mind the vision of hundreds of shoppers lined up at stores, ready to
pounce on deals and do business. A more recent holiday shopping addition—Cyber Monday—
brings to mind a different vision of a global audience armed with a computer and Web browser,
clicking away at the best deals at their favorite online retailer. While these two visions may
seem very different, the need to enable customers to make purchases is critically important.
The concept of business continuity is not new. Organizations have worked on business
continuity planning for a long time. Unfortunately, in today’s always-on environment, the
challenge of business continuity is greater than ever before. Consider the ease with which
criminals can conduct a crippling attack on an organization. With attackers having the ability to
generate significant amounts of traffic from the botnets they control, and sophisticated attack
tools at their disposal, even an organization with a high-capacity Internet connection can have
its Internet services, and business, disrupted.
This paper will look at DDoS attacks in detail. It will illustrate the attack vectors being used and
describe why the threat to organizations is greater than ever before. This paper will then detail
why traditional firewall and IPS solutions fall short in protecting organizations against today’s
sophisticated DDoS attacks. Finally, this paper will present the Arbor solution—a complete,
purpose-built solution that Frost & Sullivan believes can provide protection against the wide
range of DDoS attacks that can target the corporate data center.
WHAT IS DDOS?
A DDoS attack is simply an attempt by an attacker to exhaust the resources available to a
network, application or service such that genuine users cannot gain access. It is an attack
formulated by a group of malware-infected or volunteered client computers that attempt
to overwhelm a given network, site or service with their combined actions. However, not all
DDoS attacks operate in the same way. DDoS attacks come in many different forms. These
forms include flood attacks, which rely on high volumes of traffic/sessions to overwhelm a
target, e.g., TCP SYN, ICMP and UDP floods, and more sophisticated application-layer attack
vectors/tools, such as Slowloris, KillApache, etc.
¹ http://www.securelist.com/en/analysis/204792189/DDoS_attacks_in_Q2_2011
DDoS attacks can be classified as volumetric attacks, TCP State-Exhaustion attacks or
application-layer attacks. In Kaspersky’s DDoS attacks in Q2 2011 report, HTTP flooding
was the most common DDoS vector, which is an example of an application-layer attack.¹
The dominance of application-layer attacks illustrates the rapid evolution of DDoS away from
traditional volumetric attacks.
Attacked Vectors¹
HTTP Flood: 88%
SYN Flood: 5.4%
UDP Flood: 2.6%
ICMP Flood: 1.7%
TCP Data Flood: 1.2%
DDoS on DNS: 0.2%
Volumetric Attacks
Volumetric attacks flood a network with massive amounts of traffic that saturate and consume a
network’s bandwidth and infrastructure. Once the traffic exceeds the capabilities of a network,
or its connectivity to the rest of the Internet, the network becomes inaccessible, as shown in
Figure 1. Examples of volumetric attacks include ICMP, Fragment and UDP floods.
[Figure 1: Volumetric Attacks. Labels: Regular Traffic, Malicious Traffic, ISP 1, ISP 2, ISP 3, Saturation, Router, Firewall, Target Applications and Services.]
TCP State-Exhaustion Attacks
TCP State-Exhaustion attacks attempt to consume the connection state tables that are present
in many infrastructure components, such as load balancers, firewalls and the application servers
themselves. For instance, firewalls must analyze every packet to determine whether the packet
is a discrete connection, the continuation of an existing connection, or the completion of an
existing connection. Similarly, an intrusion prevention system must track state to carry out
signature-based detection of packets and stateful protocol analysis. These and other stateful
devices—including load balancers—are frequently compromised by large session flood or
connection attacks.
The Sockstress attack, for example, can quickly overwhelm a firewall’s state table by opening
sockets to fill the connection table.
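Why a fixed-size state table fails, and which table policies keep it usable, can be shown with a small model. This is an added example, not part of the white paper: `ConnTable` and `simulate` are hypothetical names, and the capacity, timeout, per-source cap and workload are constructed values.

```python
from collections import Counter


class ConnTable:
    """Toy connection-state table, as kept by a firewall, IPS or load balancer."""

    def __init__(self, capacity, idle_timeout=None, per_source_limit=None):
        self.capacity = capacity
        self.idle_timeout = idle_timeout          # ticks without activity before eviction
        self.per_source_limit = per_source_limit  # max concurrent entries per source
        self.last_seen = {}                       # (src, conn_id) -> tick of last activity
        self.per_source = Counter()

    def open(self, src, conn_id, now):
        """Try to allocate state for a new connection; False means it was refused."""
        if len(self.last_seen) >= self.capacity:
            return False
        if self.per_source_limit is not None and self.per_source[src] >= self.per_source_limit:
            return False
        self.last_seen[(src, conn_id)] = now
        self.per_source[src] += 1
        return True

    def touch(self, key, now):
        """Record activity on an existing connection."""
        if key in self.last_seen:
            self.last_seen[key] = now

    def close(self, key):
        """Release the state held for a connection."""
        if self.last_seen.pop(key, None) is not None:
            self.per_source[key[0]] -= 1

    def expire(self, now):
        """Evict entries that have been idle for idle_timeout ticks or more."""
        if self.idle_timeout is None:
            return
        stale = [k for k, seen in self.last_seen.items() if now - seen >= self.idle_timeout]
        for key in stale:
            self.close(key)


def simulate(table, idle_sources, ticks=60, idle_per_tick=100, legit_lifetime=3):
    """Replay a constructed workload and return (legit_admitted, legit_refused).

    Each tick, idle_per_tick connections are opened, spread over idle_sources
    sources, and then never used or closed. One legitimate client also connects
    per tick, stays active for legit_lifetime ticks, and closes cleanly.
    """
    admitted = refused = 0
    live = {}      # legitimate connection key -> tick at which it closes
    next_id = 0
    for now in range(ticks):
        for key in [k for k, end in live.items() if end == now]:
            table.close(key)
            del live[key]
        for key in live:
            table.touch(key, now)
        table.expire(now)
        for _ in range(idle_per_tick):
            table.open(f"idle-{next_id % idle_sources}", next_id, now)
            next_id += 1
        key = (f"client-{now}", 0)
        if table.open(*key, now):
            live[key] = now + legit_lifetime
            admitted += 1
        else:
            refused += 1
    return admitted, refused


def scenarios():
    """Run the same constructed load against four table configurations."""
    return {
        "no protection, 5 sources": simulate(ConnTable(1000), 5),
        "per-source cap, 5 sources": simulate(ConnTable(1000, per_source_limit=50), 5),
        "per-source cap, 1000 sources": simulate(ConnTable(1000, per_source_limit=50), 1000),
        "idle timeout, 1000 sources": simulate(ConnTable(1000, idle_timeout=5), 1000),
    }


if __name__ == "__main__":
    for name, (ok, lost) in scenarios().items():
        print(f"{name:30s} legitimate admitted={ok:2d} refused={lost:2d}")
```

In this model a per-source cap protects the table only while the idle connections come from a few sources; once they are spread across many sources, only reclaiming idle state keeps legitimate clients connected.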
Application-Layer Attacks
Application-layer attacks use far more sophisticated mechanisms to achieve the goals of the
hacker. Rather than flooding a network with traffic or sessions, application-layer attacks target
specific applications/services and slowly exhaust resources at the application layer.
Application-layer attacks can be very effective at low traffic rates, and the traffic involved in the attacks
can be legitimate from a protocol perspective. This makes application-layer attacks harder
to detect than other DDoS attack types. HTTP Flood, DNS dictionary, Slowloris, etc., are
examples of application-layer attacks.
[Figure: Application-Layer Attacks. Labels: Regular Traffic, Malicious Traffic, ISP 1, ISP 2, Low Bandwidth Requests Made, Malicious Requests Bypass Security Applications, Router, Firewall, IPS, Services Slowly Exhausted, Target Applications and Services.]
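The detection gap described in this section, where a bandwidth threshold sees nothing while a service is slowly exhausted, can be made concrete on a snapshot of open connections. This is an added example, not part of the white paper: the record format, thresholds and function names are assumptions, and the sample records are constructed using documentation address ranges.

```python
from collections import defaultdict
from typing import NamedTuple

# Constructed snapshot of a web server's open connections (RFC 5737 addresses).
SAMPLE = """\
# src          age_s  bytes_in  request_complete
198.51.100.7   0.4    512       yes
198.51.100.7   0.6    498       yes
198.51.100.8   1.2    780       yes
192.0.2.10     40.0   52000000  no
198.51.100.9   45.0   1800      no
""" + "".join(f"203.0.113.50 {90 + i}.0 {200 + 10 * i} no\n" for i in range(8))


class Conn(NamedTuple):
    src: str
    age_s: float      # seconds since the connection was accepted
    bytes_in: int     # request bytes received so far
    complete: bool    # True once a full request has arrived


def parse(text):
    """Parse whitespace-separated connection records, ignoring '#' comments."""
    conns = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        src, age, nbytes, done = line.split()
        conns.append(Conn(src, float(age), int(nbytes), done == "yes"))
    return conns


def inbound_rates(conns):
    """Bytes per second received from each source: what a bandwidth view sees."""
    rates = defaultdict(float)
    for c in conns:
        rates[c.src] += c.bytes_in / max(c.age_s, 0.001)
    return dict(rates)


def over_rate(conns, threshold_bps):
    """Sources whose inbound bit rate meets a volumetric threshold."""
    return sorted(s for s, r in inbound_rates(conns).items() if r * 8 >= threshold_bps)


def slow_holders(conns, min_age_s=30.0, max_rate=50.0, min_conns=5):
    """Sources holding many old, unfinished, near-silent requests.

    A connection counts when its request is still incomplete after min_age_s
    seconds and it has delivered at most max_rate bytes per second. Requiring
    min_conns such connections keeps one slow client, or one large upload in
    progress, from being flagged.
    """
    held = defaultdict(int)
    for c in conns:
        if not c.complete and c.age_s >= min_age_s and c.bytes_in / c.age_s <= max_rate:
            held[c.src] += 1
    return {s: n for s, n in held.items() if n >= min_conns}


if __name__ == "__main__":
    conns = parse(SAMPLE)
    print("over 100 Mbit/s:", over_rate(conns, 100_000_000))
    print("slow holders:   ", slow_holders(conns))
```

On the sample, the source that holds eight unfinished requests is the quietest one by byte rate, which is why per-connection state (age, completeness, rate) has to be part of the detection input.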
THE GROWING DDoS PROBLEM
In recent years, DDoS attacks have become more sophisticated. The attack vectors hackers
are using within their attacks are more complex. Hackers now use a combination of
volumetric and application-layer DDoS attacks, as they know this increases their chances of
disrupting availability.
Volumetric attacks are also getting larger, with a larger base of either malware-infected
machines or volunteered hosts being used to launch these attacks.
As represented in Figure 4, in a survey conducted by Arbor Networks, the size of volumetric
DDoS attacks has steadily grown.² However, in 2010, a 100 Gbps attack was reported. That is
more than double the size of the largest attack in 2009. This staggering figure illustrates the
resources hackers are capable of bringing to bear when attacking a network or service.
² Arbor Networks — Worldwide Infrastructure Security Report, Volume VI
[Figure: DDoS Attacks by Gbps.² Bandwidth (Gbps) by year, 2005 to 2010, with a 100 Gbps value labelled.]
As organizations face these new challenges, network administrators have to look for a solution
with the sole purpose of deflecting and mitigating these new hacker tactics.
Broader Spread of Attack Motivations and Targets
The emergence of hacktivism has changed the view of DDoS in the security community. Once
primarily viewed as a method for reputational or financial gain, attack motivations have moved
on. While the attacks motivated by extortion, etc., still exist, DDoS attacks are now being used
as a form of political activism (“hacktivism”) or to prove how unsecure networks are. Media
organizations, social networks, governments, etc., have been targeted heavily by these types of
DDoS attacks.
Two well-known hacker groups garnering attention are Anonymous and LulzSec. Anonymous
aims to attack organizations it believes are participating in injustices of discouraging Internet
freedom and freedom of speech. LulzSec, on the other hand, has built its reputation on exposing
security flaws in networks and websites.
While LulzSec aims to expose vulnerabilities in networks with no motivation other than
revealing the vulnerabilities, there have been other instances where the reasoning behind
attacks has been less clear. According to Kaspersky’s DDoS Attacks in Q2 2011 report, social
networks are targeted because they allow the immediate exchange of information between
tens of thousands of users. In 2011, a Russian virtual community named LiveJournal experienced
a series of attacks. The botnet behind the attacks was named Optima. To this day, no one has
claimed responsibility for the attacks.
Volunteer Botnets
Hacktivist groups have shown how easy it is to build a botnet of volunteered, rather than
malware-infected, machines. Hacktivist groups are known for their recruitment of members through social
media networks, and it appears that only minimal persuasion is required to recruit participants.
Regardless of computer hacking capabilities, anyone can be part of one of these movements. This
alarming trend poses serious problems for the industry, as highly skilled hackers and novice users
now have access to some of the same sophisticated DDoS attack tools.
Increased Impact on Organizations
The growing dependence of businesses on datacenter and cloud services has resulted in a
renewed focus on the security of these services. Once an afterthought, security in the cloud
has moved to the top of the priority list. Businesses should look at security capabilities as one
of the key factors they evaluate when deciding upon a provider of cloud or datacenter services,
as the business impacts of an attack can be significant.
The business cost to an organization of a DDoS attack is multi-faceted. We should consider
everything from the operational costs of dealing with the attack, to the potential long-term
revenue impact that might arise due to brand damage if an attack is successful. As an example, in
April of 2011, a cybercriminal was sentenced, in Germany, for attempting to blackmail German
bookmakers during the 2010 World Cup. While the ransom request was not significant, the
bookmakers estimated that within the few hours their site was down, they lost between
25,000-40,000 Euros for large offices and 5,000-6,000 Euros for smaller offices. The punishment
in Germany for computer sabotage is now up to 10 years in prison.
Another worrying development is the use of DDoS as a means of distraction. In the case of the
Sony breach, a DDoS attack was allegedly used as a distraction so that other criminal activity,
which resulted in the loss of passwords, usernames, and credit card information, could take
place. This potential threat further justifies the need for solutions that mitigate the latest DDoS
attacks and methods.
COMPLEX THREATS NEED A FULL-SPECTRUM SOLUTION
Given the threat complexity and the business impact of DDoS, a full-spectrum solution is
required. A common response by many administrators to the challenges of DDoS is the belief
that their firewall and IPS infrastructure will protect them from attack. Unfortunately, this is
not true. Firewalls and IPS devices, while critical to network protection, are not adequate to
protect against all DDoS attacks.
Integrity and Confidentiality vs. Availability
Many administrators rely on firewalls and Intrusion Prevention Systems, which have extended
capabilities to deal with DDoS attacks. Firewalls and IPS devices focus on integrity and
confidentiality. These products are built for other security problems (enforcing network policy
and blocking intrusion attempts). These capabilities are not readily extensible to deal with
threats targeting network and service availability—the focus of DDoS attacks. Firewalls and IPS
devices cannot stop widely distributed attacks or attacks using sophisticated application-layer
attack vectors. In fact, it has been found that many DDoS attacks target firewall and IPS devices.
Firewalls and IPS can be targeted by DDoS attacks because they are stateful. Stateful devices
track every packet in a connection that comes through a network to look for malicious activity,
and have a set of built-in mechanisms to protect against known threats. Due to the state-
exhausting nature of many DDoS attacks, firewalls and IPS devices can fail during an attack.
For example, sockstress DDoS attacks, which open sockets to fill the connection table, can
overwhelm both firewalls and IPS devices.
Protect Your Business from the DDoS Threat
A complex threat like DDoS requires a layered security solution. First, enterprises must
protect themselves from volumetric and state-exhaustion DDoS attacks, which can saturate
their Internet connectivity by utilizing the cloud-based protection services offered by some
Internet Service Providers or Managed Security Service Providers; second, they must have
protection from application-layer DDoS attacks using a perimeter-based solution. Moreover,
a perimeter-based solution empowers enterprises by enabling them to take control of their
response to the DDoS threat.
Cloud-Based DDoS Protection
Enterprises must work with upstream ISPs and MSSPs to have protection from large flood
attacks. Because a large percentage of DDoS attacks remain volumetric or flood attacks,
enterprises should demand clean pipes from their providers.
Perimeter-Based DDoS Protection
Arbor Networks’ Pravail Availability Protection System (APS) has been developed to meet the
DDoS threat, protecting other perimeter-based security devices and infrastructure from the
impact of attacks. With the sole purpose of stopping availability threats, Pravail APS provides the
ability to detect and block application-layer, TCP state-exhaustion and volumetric attacks. Utilizing
a combination of mechanisms, including the real-time ATLAS Intelligence Feed, Pravail can protect
and resolve the most complicated DDoS attacks. However, as it is a perimeter solution, it cannot
deal with attacks that saturate Internet connectivity; to deal with these attacks, we need to utilize
cloud-based protection and the Pravail APS can automatically request this using Arbor’s Cloud
Signaling protocol, ensuring complete protection from complex, multi-vector threats.
Out-of-the-Box Protection
In many cases, the deployment of a new security device necessitates tuning and a lengthy
integration process. Pravail APS has been developed to give administrators the ability to install
the product and immediately stop any attacks with minimal configuration. Although protection
for common DoS/DDoS attack types is automated, there are manual configuration options
available for advanced users. The ATLAS Intelligence Feed (AIF) also provides information to
the device on emerging attack vectors so that they can be dealt with automatically. Pravail APS
provides real-time reports on attacks, blocked hosts and service traffic. Administrators will be
able to better understand the nature of their traffic and any attacks that target their services.
Advanced DDoS Blocking
Pravail APS meets the challenge administrators are increasingly facing in dealing with DDoS
attacks. Using a variety of counter measures, Pravail APS detects and puts a stop to DDoS
attacks, especially those that are difficult to detect in a cloud environment.
Botnet Threat Mitigation
Backed by the Arbor security research team, Pravail APS receives updates of new threats
automatically, without software upgrades. This is done through the AIF. These threats can then
be proactively blocked before they impact services.
Cloud Signaling
Pravail APS provides a comprehensive solution to efficiently detect and stop all DDoS attacks,
as it enables a tight integration between the perimeter and cloud-based services via cloud
signaling. To this end, Arbor has launched the Cloud Signaling Coalition with a long and growing
list of ISPs and MSSPs, who stand ready to receive cloud signals from Pravail APS.
THE FINAL WORD
It is clear that DDoS attacks are continuing to increase in both size and complexity. Furthermore,
the motivations behind attacks have also broadened to include ideological hacktivism and
Internet vandalism. This has put everyone from social networks to governments at risk of attack.
The number of DDoS attacks continues to increase, and DDoS remains a growing threat.
Administrators need to understand that traditional security devices are not enough to protect a
network or the services it provides. Trying to extend the capabilities of these products to defend
against DDoS attacks has proven to be ineffective. It is important to note that these products
are essential for an organization’s defense system, but a product for protection against DDoS
attacks, on-premise and in the cloud, is very different. Enterprises must have the right
perimeter-based product but must also have the right solution in the cloud. The icing on the cake is being
able to unite the perimeter and cloud solutions in a seamless and automated manner.
877.GoFrost • myfrost@frost.com
http://www.frost.com
ABOUT FROST & SULLIVAN
Frost & Sullivan, the Growth Partnership Company, partners with clients to accelerate their growth. The company’s
TEAM Research, Growth Consulting, and Growth Team Membership™ empower clients to create a growth-focused
culture that generates, evaluates, and implements effective growth strategies. Frost & Sullivan employs over 50 years of
experience in partnering with Global 1000 companies, emerging businesses, and the investment community from more
than 40 offices on six continents. For more information about Frost & Sullivan’s Growth Partnership Services, visit
http://www.frost.com.
For information regarding permission, write:
Frost & Sullivan
331 E. Evelyn Ave. Suite 100
Mountain View, CA 94041
Administración y Control de Proyectos Informáticos ITIL v2.5
 
Metricas de los Servicios de TI (ITIL)
Metricas de los Servicios de TI (ITIL)Metricas de los Servicios de TI (ITIL)
Metricas de los Servicios de TI (ITIL)
 
Presentacion APA - Maestria - Tecmilenio
Presentacion APA - Maestria - TecmilenioPresentacion APA - Maestria - Tecmilenio
Presentacion APA - Maestria - Tecmilenio
 

Semelhante a Protecting against modern ddos threats

The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS ProvidersNeil Hinton
 
ITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationR. Blake Martin
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks
 
a-guide-to-ddos-2015-2
a-guide-to-ddos-2015-2a-guide-to-ddos-2015-2
a-guide-to-ddos-2015-2Mike Revell
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 
Things to Consider While Choosing DDoS Protection | DDoS VPS Hosting
Things to Consider While Choosing DDoS Protection | DDoS VPS HostingThings to Consider While Choosing DDoS Protection | DDoS VPS Hosting
Things to Consider While Choosing DDoS Protection | DDoS VPS HostingHostSailor
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdf
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdfSolution_Use_Case_-_DDoS_Incident_Monitoring.pdf
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdfمنیزہ ہاشمی
 
TECHNICAL WHITE PAPER: The Continued rise of DDoS Attacks
TECHNICAL WHITE PAPER:  The Continued rise of DDoS AttacksTECHNICAL WHITE PAPER:  The Continued rise of DDoS Attacks
TECHNICAL WHITE PAPER: The Continued rise of DDoS AttacksSymantec
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
Akamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalAkamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalCheryl Goldberg
 
The_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFThe_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFDominik Suter
 
4 critical criteria DDos
4 critical criteria DDos4 critical criteria DDos
4 critical criteria DDosGCC Computers
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyNetwork Intelligence India
 
DDoS Defense for the Hosting Provider - Protection for you and your customers
DDoS Defense for the Hosting Provider - Protection for you and your customersDDoS Defense for the Hosting Provider - Protection for you and your customers
DDoS Defense for the Hosting Provider - Protection for you and your customersStephanie Weagle
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacksSaptha Wanniarachchi
 
Comparative Study of Mod Security (Autosaved)
Comparative Study of Mod Security (Autosaved)Comparative Study of Mod Security (Autosaved)
Comparative Study of Mod Security (Autosaved)Dashti Abdullah
 
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyMazeBolt Technologies
 

Semelhante a Protecting against modern ddos threats (20)

DDoS Report.docx
DDoS Report.docxDDoS Report.docx
DDoS Report.docx
 
The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS Providers
 
ITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationITSecurity_DDOS_Mitigation
ITSecurity_DDOS_Mitigation
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
 
a-guide-to-ddos-2015-2
a-guide-to-ddos-2015-2a-guide-to-ddos-2015-2
a-guide-to-ddos-2015-2
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
 
Things to Consider While Choosing DDoS Protection | DDoS VPS Hosting
Things to Consider While Choosing DDoS Protection | DDoS VPS HostingThings to Consider While Choosing DDoS Protection | DDoS VPS Hosting
Things to Consider While Choosing DDoS Protection | DDoS VPS Hosting
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
 
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdf
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdfSolution_Use_Case_-_DDoS_Incident_Monitoring.pdf
Solution_Use_Case_-_DDoS_Incident_Monitoring.pdf
 
TECHNICAL WHITE PAPER: The Continued rise of DDoS Attacks
TECHNICAL WHITE PAPER:  The Continued rise of DDoS AttacksTECHNICAL WHITE PAPER:  The Continued rise of DDoS Attacks
TECHNICAL WHITE PAPER: The Continued rise of DDoS Attacks
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection Solution
 
Akamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalAkamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_Final
 
The_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFThe_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDF
 
4 critical criteria DDos
4 critical criteria DDos4 critical criteria DDos
4 critical criteria DDos
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
 
DDoS Defense for the Hosting Provider - Protection for you and your customers
DDoS Defense for the Hosting Provider - Protection for you and your customersDDoS Defense for the Hosting Provider - Protection for you and your customers
DDoS Defense for the Hosting Provider - Protection for you and your customers
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacks
 
20160316_tbk_bit_module7
20160316_tbk_bit_module720160316_tbk_bit_module7
20160316_tbk_bit_module7
 
Comparative Study of Mod Security (Autosaved)
Comparative Study of Mod Security (Autosaved)Comparative Study of Mod Security (Autosaved)
Comparative Study of Mod Security (Autosaved)
 
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
 

Último

GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 

Último (20)

GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 

Protecting against modern ddos threats

  • 3. EXECUTIVE SUMMARY

The perception of distributed denial of service (DDoS) attacks has changed dramatically in the past 24 months. A series of successful, high-profile attacks against enterprises, institutions and governments around the world has driven home the importance of availability and the need for layered defenses. These attacks have also driven home how quickly the pace of innovation has accelerated on the side of the hackers.

In today’s environment, any enterprise operating online—which means just about any type and size of organization—can become a target because of who they are, what they sell, who they partner with or for any other real or perceived affiliations. The widespread availability of inexpensive attack tools enables anyone to carry out DDoS attacks. This has profound implications for the threat landscape, risk profile, network architecture and security deployments of Internet operators and Internet-connected enterprises.

The methods hackers use to carry out DDoS attacks have evolved from the traditional high-bandwidth/volumetric attacks to more stealthy application-layer attacks, with a combination of both being used in some cases. Whether used for the sole purpose of shutting down a network, or as a means of distraction to obtain sensitive data, DDoS attacks continue to become more complex and sophisticated. While some DDoS attacks have reached levels of 100Gbps, low-bandwidth application-layer attacks have become more prominent as attackers exploit the difficulties in detecting these “low-and-slow” attacks before they impact services. The methods botnets use to carry out these attacks have also shifted. Botnets used to be made up of compromised PCs, unwitting participants controlled by a botmaster. In the age of the hacktivist, people are opting-in to botnets and even renting botnets for the purpose of launching attacks.

Network administrators are finding that traditional security products, such as Firewalls and Intrusion Prevention Systems (IPS), are not designed for today’s complex DDoS threat. These products focus on the integrity and confidentiality of a network. However, DDoS targets the availability of the network and services it provides.

In today’s complex and rapidly changing threat landscape, enterprises need to take control of their DDoS risk mitigation strategy by proactively architecting a layered defense strategy that addresses availability threats. The issue of availability is taken into account as part of risk planning for site selection, power failures and natural disasters. Given today’s threat landscape, DDoS planning should now be part of any enterprise risk mitigation strategy.

Arbor Networks’ Pravail Availability Protection System (APS) is the first security product focused on securing the network perimeter from threats against availability—specifically, protection against application-layer DDoS attacks. Purpose-built for the enterprise, it delivers out-of-the-box, proven DDoS attack identification and mitigation capabilities that can be rapidly deployed with little configuration, even during an attack.
  • 4. An added benefit for customers is Arbor’s unique visibility into DDoS botnets because of its ATLAS infrastructure, which combines a darknet sensor network with traffic data from more than 100 service provider customers around the world. The ATLAS Intelligence Feed delivers DDoS signatures in real time to keep the enterprise data center edge protected against hundreds of botnet-fueled DDoS attack toolsets and their variants. Overall, the Arbor Pravail APS provides what other perimeter-based security devices cannot, and that is the ability to detect and mitigate DDoS attacks proactively.

INTRODUCTION

Black Friday brings to mind the vision of hundreds of shoppers lined up at stores, ready to pounce on deals and do business. A more recent holiday shopping addition—Cyber Monday—brings to mind a different vision of a global audience armed with a computer and Web browser, clicking away at the best deals at their favorite online retailer. While these two visions may seem very different, the need to enable customers to make purchases is critically important.

The concept of business continuity is not new. Organizations have worked on business continuity planning for a long time. Unfortunately, in today’s always-on environment, the challenge of business continuity is greater than ever before. Consider the ease with which criminals can conduct a crippling attack on an organization. With attackers having the ability to generate significant amounts of traffic from the botnets they control, and sophisticated attack tools at their disposal, even an organization with a high-capacity Internet connection can have its Internet services, and business, disrupted.

This paper will look at DDoS attacks in detail. It will illustrate the attack vectors being used and describe why the threat to organizations is greater than ever before. This paper will then detail why traditional firewall and IPS solutions fall short in protecting organizations against today’s sophisticated DDoS attacks. Finally, this paper will present the Arbor solution—a complete, purpose-built solution that Frost & Sullivan believes can provide protection against the wide range of DDoS attacks that can target the corporate data center.

WHAT IS DDOS?

A DDoS attack is simply an attempt by an attacker to exhaust the resources available to a network, application or service such that genuine users cannot gain access. It is an attack formulated by a group of malware-infected or volunteered client computers that attempt to overwhelm a given network, site or service with their combined actions. However, not all DDoS attacks operate in the same way.

DDoS attacks come in many different forms. These forms include flood attacks, which rely on high volumes of traffic/sessions to overwhelm a target, e.g., TCP SYN, ICMP and UDP floods, and more sophisticated application-layer attack vectors/tools, such as Slowloris, KillApache, etc.
  • 5. DDoS attacks can be classified as volumetric attacks, TCP State-Exhaustion attacks or application-layer attacks. In Kaspersky’s DDoS attacks in Q2 2011 report, HTTP flooding was the most common DDoS vector, which is an example of an application-layer attack.¹ The dominance of application-layer attacks illustrates the rapid evolution of DDoS away from traditional volumetric attacks.

[Figure: Attacked Vectors¹. HTTP Flood 88%; SYN Flood 5.4%; UDP Flood 2.6%; ICMP Flood 1.7%; TCP Data Flood 1.2%; DDoS on DNS 0.2%]

Volumetric Attacks

Volumetric attacks flood a network with massive amounts of traffic that saturate and consume a network’s bandwidth and infrastructure. Once the traffic exceeds the capabilities of a network, or its connectivity to the rest of the Internet, the network becomes inaccessible, as shown in Figure 1. Examples of volumetric attacks include ICMP, Fragment and UDP floods.

¹ http://www.securelist.com/en/analysis/204792189/DDoS_attacks_in_Q2_2011
  • 6. [Figure: Volumetric Attacks. Diagram labels: Regular Traffic, Malicious Traffic, ISP 1, ISP 2, ISP 3, Saturation, Router, Firewall, Target Applications and Services]

TCP State-Exhaustion Attacks

TCP State-Exhaustion attacks attempt to consume the connection state tables that are present in many infrastructure components, such as load balancers, firewalls and the application servers themselves. For instance, firewalls must analyze every packet to determine whether the packet is a discrete connection, the continuation of an existing connection, or the completion of an existing connection. Similarly, an intrusion prevention system must track state to carry out signature-based detection of packets and stateful protocol analysis. These and other stateful devices—including load balancers—are frequently compromised by large session flood or connection attacks. The Sockstress attack, for example, can quickly overwhelm a firewall’s state table by opening sockets to fill the connection table.

Application-Layer Attacks

Application-layer attacks use far more sophisticated mechanisms to achieve the goals of the hacker. Rather than flooding a network with traffic or sessions, application-layer attacks target specific applications/services and slowly exhaust resources at the application layer. Application-layer attacks can be very effective at low traffic rates, and the traffic involved in the attacks can be legitimate from a protocol perspective.

  • 7. This makes application-layer attacks harder to detect than other DDoS attack types. HTTP Flood, DNS dictionary, Slowloris, etc., are examples of application-layer attacks.

[Figure: Application-Layer Attacks. Diagram labels: Malicious Traffic, Regular Traffic, ISP 1, ISP 2, Low Bandwidth Requests Made, Malicious Requests Bypass Security Applications, Router, Firewall, IPS, Target Applications and Services, Services Slowly Exhausted]

THE GROWING DDoS PROBLEM

In recent years, DDoS attacks have become more sophisticated. The attack vectors hackers are using within their attacks are more complex. Hackers now use a combination of volumetric and application-layer DDoS attacks, as they know this increases their chances of disrupting availability. Volumetric attacks are also getting larger, with a larger base of either malware-infected machines or volunteered hosts being used to launch these attacks.

As represented in Figure 4, in a survey conducted by Arbor Networks, the size of volumetric DDoS attacks has steadily grown.² However, in 2010, a 100 Gbps attack was reported. That is more than double the size of the largest attack in 2009. This staggering figure illustrates the resources hackers are capable of bringing to bear when attacking a network or service.

² Arbor Networks — Worldwide Infrastructure Security Report, Volume VI
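The three attack classes described above differ in which resource they exhaust: uplink bandwidth, connection-state slots, or application workers. The Python below is an added example, not part of the white paper or of any Arbor product, that sorts one window of perimeter flow telemetry into those classes; the `Flow` record, every threshold in `Limits` and the sample traffic are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class Flow:
    """One flow seen at the perimeter during the window (hypothetical record)."""
    src: str            # client address
    proto: str          # "tcp", "udp" or "icmp"
    state: str          # TCP: "SYN_RECV", "ESTABLISHED" or "CLOSED"; "" otherwise
    age_s: float        # seconds since the flow's first packet
    bytes_in: int       # bytes received from the client
    request_done: bool  # True once a complete application request has arrived


@dataclass
class Limits:
    """Capacities and thresholds; every value here is an assumed example."""
    window_s: float = 60.0        # length of the observation window
    link_bps: float = 100e6       # Internet uplink capacity
    state_table: int = 10_000     # firewall / load-balancer connection slots
    worker_pool: int = 64         # requests the application can hold open at once
    saturation: float = 0.8       # share of a resource treated as exhausted
    slow_age_s: float = 30.0      # an unfinished request older than this ...
    slow_rate_bps: float = 400.0  # ... and arriving below 50 bytes/second is "slow"


def classify(flows, lim=Limits()):
    """Return {attack class: fraction of the exhausted resource in use}."""
    findings = {}

    # Volumetric: inbound bits per second measured against uplink capacity.
    link_use = sum(f.bytes_in for f in flows) * 8 / lim.window_s / lim.link_bps
    if link_use >= lim.saturation:
        findings["volumetric"] = round(link_use, 2)

    # TCP state exhaustion: the connection table is nearly full and most
    # entries are half-open or have never carried any data.
    open_tcp = [f for f in flows
                if f.proto == "tcp" and f.state in ("SYN_RECV", "ESTABLISHED")]
    holding = [f for f in open_tcp if f.state == "SYN_RECV" or f.bytes_in == 0]
    table_use = len(open_tcp) / lim.state_table
    if table_use >= lim.saturation and len(holding) > len(open_tcp) / 2:
        findings["tcp-state-exhaustion"] = round(table_use, 2)

    # Application layer (low-and-slow): protocol-valid requests that never
    # finish and pin application workers while using almost no bandwidth.
    slow = [f for f in open_tcp
            if f.state == "ESTABLISHED" and not f.request_done
            and f.bytes_in > 0 and f.age_s >= lim.slow_age_s
            and f.bytes_in * 8 / f.age_s < lim.slow_rate_bps]
    worker_use = len(slow) / lim.worker_pool
    if worker_use >= lim.saturation:
        findings["application-layer"] = round(worker_use, 2)
    return findings


# Constructed sample traffic (documentation address ranges, invented values).
def normal_traffic():
    return [Flow(f"198.51.100.{i}", "tcp", "CLOSED", 0.4, 800, True)
            for i in range(20)]


def slow_requests():
    return [Flow(f"203.0.113.{i % 8}", "tcp", "ESTABLISHED", 45.0, 300, False)
            for i in range(60)]


def half_open_flood():
    return [Flow(f"203.0.113.{i % 250}", "tcp", "SYN_RECV", 20.0, 0, False)
            for i in range(9000)]


def udp_flood():
    return [Flow(f"192.0.2.{i % 250}", "udp", "", 50.0, 2_000_000, False)
            for i in range(500)]


if __name__ == "__main__":
    samples = {
        "normal only": [],
        "slow requests": slow_requests(),
        "half-open flood": half_open_flood(),
        "udp flood": udp_flood(),
        "udp flood + slow requests": udp_flood() + slow_requests(),
    }
    for name, extra in samples.items():
        print(f"{name:28s} {classify(normal_traffic() + extra)}")
```

In the slow-request sample the uplink is almost idle while 60 of the 64 assumed workers are pinned, which is why a bandwidth threshold alone does not reveal this class.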
  • 8. [Figure: DDoS Attacks by Gbps². Y-axis: Bandwidth (Gbps), 0 to 100; x-axis: 2005 to 2010; data label: 100 Gbps.]
As organizations face these new challenges, network administrators have to look for a solution with the sole purpose of deflecting and mitigating these new hacker tactics.
Broader Spread of Attack Motivations and Targets
The emergence of hacktivism has changed the view of DDoS in the security community. Once primarily viewed as a method for reputational or financial gain, attack motivations have moved on. While the attacks motivated by extortion, etc., still exist, DDoS attacks are now being used as a form of political activism (“hacktivism”) or to prove how unsecure networks are. Media organizations, social networks, governments, etc., have been targeted heavily by these types of DDoS attacks.
Two well-known hacker groups garnering attention are Anonymous and LulzSec. Anonymous aims to attack organizations it believes are participating in injustices of discouraging Internet freedom and freedom of speech. LulzSec, on the other hand, has built its reputation on exposing security flaws in networks and websites.
While LulzSec aims to expose vulnerabilities in networks with no motivation other than revealing the vulnerabilities, there have been other instances where the reasoning behind attacks has been less clear. According to Kaspersky’s DDoS Attacks in Q2 2011 report, social networks are targeted because they allow the immediate exchange of information between tens of thousands of users. In 2011, a Russian virtual community named LiveJournal experienced a series of attacks. The botnet behind the attacks was named Optima. To this day, no one has claimed responsibility for the attacks.
  • 9. Volunteer Botnets
Hacktivist groups have shown how easy it is to build a botnet of volunteered, rather than malware-infected, machines. Hacktivist groups are known for their recruitment of members through social media networks, and it appears that only minimal persuasion is required to recruit participants. Regardless of computer hacking capabilities, anyone can be part of one of these movements. This alarming trend poses serious problems for the industry, as highly skilled hackers and novice users now have access to some of the same sophisticated DDoS attack tools.
Increased Impact on Organizations
The growing dependence of businesses on datacenter and cloud services has resulted in a renewed focus on the security of these services. Once an afterthought, security in the cloud has moved to the top of the priority list. Businesses should look at security capabilities as one of the key factors they evaluate when deciding upon a provider of cloud or datacenter services, as the business impacts of an attack can be significant.
The business cost to an organization of a DDoS attack is multi-faceted. We should consider everything from the operational costs of dealing with the attack, to the potential long-term revenue impact that might arise due to brand damage if an attack is successful. As an example, in April of 2011, a cybercriminal was sentenced, in Germany, for attempting to blackmail German bookmakers during the 2010 World Cup. While the ransom request was not significant, the bookmakers estimated that within the few hours their site was down, they lost between 25,000-40,000 Euros for large offices and 5,000-6,000 Euros for smaller offices. The punishment in Germany for computer sabotage is now up to 10 years in prison.
Another worrying development is the use of DDoS as a means of distraction. In the case of the Sony breach, a DDoS attack was allegedly used as a distraction so that other criminal activity, which resulted in the loss of passwords, usernames, and credit card information, could take place. This potential threat further justifies the need for solutions that mitigate the latest DDoS attacks and methods.
COMPLEX THREATS NEED A FULL-SPECTRUM SOLUTION
Given the threat complexity and the business impact of DDoS, a full-spectrum solution is required. A common response by many administrators to the challenges of DDoS is the belief that their firewall and IPS infrastructure will protect them from attack. Unfortunately, this is not true. Firewalls and IPS devices, while critical to network protection, are not adequate to protect against all DDoS attacks.
Integrity and Confidentiality vs. Availability
Many administrators rely on firewalls and Intrusion Prevention Systems, which have extended capabilities to deal with DDoS attacks. Firewalls and IPS devices focus on integrity and confidentiality. These products are built for other security problems (enforcing network policy and blocking intrusion attempts). These capabilities are not readily extensible to deal with
  • 10. threats targeting network and service availability, the focus of DDoS attacks. Firewalls and IPS devices cannot stop widely distributed attacks or attacks using sophisticated application-layer attack vectors. In fact, it has been found that many DDoS attacks target firewall and IPS devices.
Firewalls and IPS can be targeted by DDoS attacks because they are stateful. Stateful devices track every packet in a connection that comes through a network to look for malicious activity, and have a set of built-in mechanisms to protect against known threats. Due to the state-exhausting nature of many DDoS attacks, firewalls and IPS devices can fail during an attack. For example, sockstress DDoS attacks, which open sockets to fill the connection table, can overwhelm both firewalls and IPS devices.
Protect Your Business from the DDoS Threat
A complex threat like DDoS requires a layered security solution. First, enterprises must protect themselves from volumetric and state-exhaustion DDoS attacks, which can saturate their Internet connectivity, by utilizing the cloud-based protection services offered by some Internet Service Providers or Managed Security Service Providers; second, they must have protection from application-layer DDoS attacks using a perimeter-based solution. Moreover, a perimeter-based solution empowers enterprises by enabling them to take control of their response to the DDoS threat.
Cloud-Based DDoS Protection
Enterprises must work with upstream ISPs and MSSPs to have protection from large flood attacks. Because a large percentage of DDoS attacks remain volumetric or flood attacks, enterprises should demand clean pipes from their providers.
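The connection-table exhaustion described earlier for firewalls and IPS devices can be watched for from the device's side. The following is an added example, not part of the white paper: it scores a snapshot of tracked connections, and the `Entry` fields, thresholds and sample addresses are assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    src: str         # client address
    idle_s: int      # seconds since the last packet on this connection
    bytes_seen: int  # payload bytes observed so far


def assess_state_table(entries, capacity, idle_s=60, small_bytes=512,
                       per_source_share=0.10):
    """Summarise pressure on a stateful device's connection table.

    An entry is "stale" when it is idle and has carried almost no data: it
    costs a table slot while doing no useful work.
    """
    stale = Counter(e.src for e in entries
                    if e.idle_s >= idle_s and e.bytes_seen <= small_bytes)
    limit = per_source_share * capacity
    return {
        "utilisation": len(entries) / capacity,
        "stale_share": sum(stale.values()) / capacity,
        # Sources that alone hold more than per_source_share of the table.
        "heavy_sources": {s: n for s, n in stale.items() if n > limit},
    }


def constructed_snapshot():
    """Constructed sample data using documentation-range addresses."""
    entries = []
    # 50 ordinary clients, 4 active connections each, with real payloads.
    for i in range(200):
        entries.append(Entry(f"198.51.100.{i % 50 + 1}", 3, 40_000))
    # One source holding 450 connections open that carry no data.
    entries += [Entry("203.0.113.7", 300, 0)] * 450
    # 100 sources holding 2 idle connections each: no single one stands out.
    for i in range(200):
        entries.append(Entry(f"192.0.2.{i % 100 + 1}", 300, 0))
    return entries


if __name__ == "__main__":
    print(assess_state_table(constructed_snapshot(), capacity=1000))
```

In the constructed sample the per-source check flags only 203.0.113.7, while the 100 low-count sources are visible only in the aggregate `stale_share`, which is why a per-source limit alone does not cover widely distributed sources.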
Perimeter-Based DDoS Protection
Arbor Networks’ Pravail Availability Protection System (APS) has been developed to meet the DDoS threat, protecting other perimeter-based security devices and infrastructure from the impact of attacks. With the sole purpose of stopping availability threats, Pravail APS provides the ability to detect and block application-layer, TCP state-exhaustion and volumetric attacks. Utilizing a combination of mechanisms, including the real-time ATLAS Intelligence Feed, Pravail can protect and resolve the most complicated DDoS attacks. However, as it is a perimeter solution, it cannot deal with attacks that saturate Internet connectivity; to deal with these attacks, we need to utilize cloud-based protection and the Pravail APS can automatically request this using Arbor’s Cloud Signaling protocol, ensuring complete protection from complex, multi-vector threats.
Out-of-the-Box Protection
In many cases, the deployment of a new security device necessitates tuning and a lengthy integration process. Pravail APS has been developed to give administrators the ability to install the product and immediately stop any attacks with minimal configuration. Although protection for common DoS/DDoS attack types is automated, there are manual configuration options available for advanced users. The ATLAS Intelligence Feed (AIF) also provides information to
  • 11. the device on emerging attack vectors so that they can be dealt with automatically. Pravail APS provides real-time reports on attacks, blocked hosts and service traffic. Administrators will be able to better understand the nature of their traffic and any attacks that target their services.
Advanced DDoS Blocking
Pravail APS meets the challenge administrators are increasingly facing in dealing with DDoS attacks. Using a variety of countermeasures, Pravail APS detects and puts a stop to DDoS attacks, especially those that are difficult to detect in a cloud environment.
Botnet Threat Mitigation
Backed by the Arbor security research team, Pravail APS receives updates of new threats automatically, without software upgrades. This is done through the AIF. These threats can then be proactively blocked before they impact services.
Cloud Signaling
Pravail APS provides a comprehensive solution to efficiently detect and stop all DDoS attacks, as it enables a tight integration between the perimeter and cloud-based services via cloud signaling. To this end, Arbor has launched the Cloud Signaling Coalition with a long and growing list of ISPs and MSSPs, who stand ready to receive cloud signals from Pravail APS.
THE FINAL WORD
It is clear that DDoS attacks are continuing to increase in both size and complexity. Furthermore, the motivations behind attacks have also broadened to include ideological hacktivism and Internet vandalism. This has put everyone from social networks to governments at risk of attack. The number of DDoS attacks continues to increase, and DDoS remains a growing threat. Administrators need to understand that traditional security devices are not enough to protect a network or the services it provides. Trying to extend the capabilities of these products to defend against DDoS attacks has proven to be ineffective.
It is important to note that these products are essential for an organization’s defense system, but a product for protection against DDoS attacks, on-premise and in the cloud, is very different. Enterprises must have the right perimeter-based product but must also have the right solution in the cloud. The icing on the cake is being able to unite the perimeter and cloud solutions in a seamless and automated manner.
  • 12. 877.GoFrost • myfrost@frost.com http://www.frost.com
ABOUT FROST & SULLIVAN
Frost & Sullivan, the Growth Partnership Company, partners with clients to accelerate their growth. The company’s TEAM Research, Growth Consulting, and Growth Team Membership™ empower clients to create a growth-focused culture that generates, evaluates, and implements effective growth strategies. Frost & Sullivan employs over 50 years of experience in partnering with Global 1000 companies, emerging businesses, and the investment community from more than 40 offices on six continents. For more information about Frost & Sullivan’s Growth Partnership Services, visit http://www.frost.com.
For information regarding permission, write: Frost & Sullivan, 331 E. Evelyn Ave. Suite 100, Mountain View, CA 94041
Silicon Valley: 331 E. Evelyn Ave. Suite 100, Mountain View, CA 94041. Tel 650.475.4500, Fax 650.475.1570
San Antonio: 7550 West Interstate 10, Suite 400, San Antonio, Texas 78229-5616. Tel 210.348.1000, Fax 210.348.1003
London: 4, Grosvenor Gardens, London SWIW ODH, UK. Tel 44(0)20 7730 3438, Fax 44(0)20 7730 3343
Offices: Auckland, Bangkok, Beijing, Bengaluru, Bogotá, Buenos Aires, Cape Town, Chennai, Colombo, Delhi / NCR, Dhaka, Dubai, Frankfurt, Hong Kong, Istanbul, Jakarta, Kolkata, Kuala Lumpur, London, Mexico City, Milan, Moscow, Mumbai, Manhattan, Oxford, Paris, Rockville Centre, San Antonio, São Paulo, Seoul, Shanghai, Silicon Valley, Singapore, Sophia Antipolis, Sydney, Taipei, Tel Aviv, Tokyo, Toronto, Warsaw, Washington, DC