This document discusses DDoS protection and trends seen in North America during the COVID-19 pandemic. It notes that L7 DDoS attacks increased 70% after US lockdowns, and the top 5 most attacked US data center cities saw over 1,000 attacks daily on average in April 2020. Cloudflare mitigated over 5.4 petabytes of attack traffic that month, and presents data showing attacks have increased globally as more countries implement lockdowns. The document promotes Cloudflare's DDoS protection solutions and how they compare favorably to competitors in areas like scrubbing capacity, response times, and network coverage.
4. Cloudflare’s Global Anycast Network 26M
Internet properties
35 Tbps
Network capacity
200
Cities and 90+ countries
50B
Cyber threats blocked each day in
Q4’19
99%
Of the Internet-connected
population in the developed
world is located within 100
milliseconds of our network
Note: Data as of June 28, 2019.
4
5. Every Product Runs On Every Server In Every
Datacenter Around The World
5
8. What Is A DDoS Attack?
Classic definition
• DDoS Attack: Malicious actor targets traffic to an internet property with the intent
of causing an outage or service disruption.
Modern definitions
• Self-DDoS Attack: Faulty client applications calling home too frequently
• Friendly DDoS Attack: Overly excited good bots flooding with requests
8
10. 10
US Lockdown
L7 DDoS Attacks Increased By 70% After US Lockdown
Based on a sample from March 2020
11. L3/4 Attacks on North America Data Centers
11
● Each DC was targeted with 1,118 attacks every day on average
● Top attacked locations
Data Center City
Max Bit
Rate
Max Packet
Rate
# of Attacks -
Daily Average
# of Attacks -
Total for April
Los Angeles, CA 102 Gbps 28 Mpps 3,499 108,477
San Jose, CA 145 Gbps 16 Mpps 3,175 98,420
Ashburn, VA 151 Gbps 20 Mpps 3,054 94,687
Newark, NJ 96 Gbps 24 Mpps 2,755 85,412
Chicago, IL 77 Gbps 19 Mpps 2,745 85,101
Based on a sample from April 2020
12. L3/4 Attacks on North America Data Centers
12
Cloudflare mitigated over 5.4 Petabytes of attack traffic in April 2020
Based on a sample from April 2020
Easter
WA Gov.
extends
lockdown
US Senate Passes covid
relief package, Trump
halts green cards
California
14. Cost of Attacks
● Gartner: The average cost of downtime
is estimated at $5,600 per minute.
● Attacks are commonly used as a way to
distract security teams during an
attempted breach.
● Even after 3 years, breached companies
underperformed the market by -13.27%
T-Mobile US
TJX Companies
Huntsworth
Adobe
Global Payments
Royal Bank of
Scotland Group
Monster Worldwide
Vodafone Group
Apple
Source: https://www.comparitech.com/blog/information-security/data-breach-share-price-analysis/
24. Scrubbing
Industry Legacy Scrubbing Cloudflare DDoS
• Network Scale can absorb any
DDoS attack.
• Share Intelligence constantly
learns and applies intel to ID
new attacks.
• Ease of use -- it’s just on!
A Fully Differentiated DDoS Solution
Unmetered DDoS Protection = Trust
Fast and Safe -- Better than distant ‘scrubbing centers’
25. Application Layer 7
Session Layer 5
Presentation Layer 6
Transport Layer
Network Layer
Datalink Layer 2
Physical Layer 1
Cloudflare DDoS
Protection
DDoS Protection— At Every Layer Of The OSI Stack
25
WAF/CDN
L7 Proxy
Spectrum
L4 Proxy
Magic Transit
L3 Routing
27. Our Story — L3 DDoS Protection With Magic Transit
Built for Cloudflare. Now available for our customers
Cloudflare Data Center
200 Cities in 90+ countries
35 Tbps DDoS mitigation capacity
DDoS protection
Near-instant TTM
Network firewall
Granular Allow/Deny rules
for IP ranges
Customer Data Center
LAYER 3 - IP
(MAGIC TRANSIT)
28. Feature
No. of data centers for DDoS mitigation
DDoS scrubbing capacity
Time-to-mitigation (TTM7
)
MAGIC
TRANSIT
IMPERVA6
NEUSTAR5
AKAMAI
PROLEXIC4
RADWARE3
11
5 Tbps
‘seconds’
19
8 Tbps
< 5 min
14
12 Tbps
5-15 min
45
6 Tbps
< 3 sec
200+
35+ Tbps
< 10 sec
How Cloudflare Magic Transit Compares To Other Vendors
Cloudflare received the most ‘High’ ratings in Gartner’s recent report
“Solution Comparison for DDoS Cloud Scrubbing Centers” (ID G00467346)
as compared to the 6 other DDoS vendors across 23 assessment criteria.
29. For a limited time:
Replace your legacy provider with Cloudflare Magic Transit and pay
nothing until your existing contract expires*
● Get Magic Transit service at no charge until the expiration of your
current contract with Akamai Prolexic, Neustar, Imperva, or
Radware for up to 12 months.
● We will aim to beat the price you are paying your legacy provider,
for the paid period.
● For more information, go to www.cloudflare.com/lp/better-2020
*Terms and conditions apply
Network DDoS Protection You’ll Love. We’ll Prove It.
31. The Internet Was #BuiltForThis
Now more than ever, the Internet is critical — to
share data, to solve challenges, and to stay
connected.
But as it increases in importance, we’re all
confronting greater network demands. We need
the Internet to continue to be secure, fast and
reliable.
This is what Cloudflare does.
Cloudflare is built for this.
31
33. Thank You!
For more information, scan below:
Cloudflare received the
greatest number of
‘High’ ratings in Gartner
Cloudflare’s DDoS
Systems & Recent
DDoS Trends
Impact of COVID-19 on
Global Internet Traffic