Service Provider Deployment of DDoS Mitigation
An IHS Infonetics Webinar
#DDoS
© 2015 IHS
Today’s Speakers
‣ Dave Larson, Chief Operating Officer, Corero Network Security
‣ Stephen Clark, Director, IP Networks, Telesystem
‣ Allen Tatara, Manager, Webinar Events (Moderator), IHS
‣ Jeff Wilson, Senior Research Director, Cybersecurity Technology, IHS
1. DDoS Attacks and Service Providers
2. Mitigation Architectures for Providers
3. Block Communications Overview
4. Deployment Discussion
5. Sponsor Approach
6. Conclusions
7. Audience Q&A
20 Years of DDoS Attacks
[Figure: DDoS Timeline, axis from 1993 to 2015] Events shown:
‣ First Hacktivist event: Zapatista National Liberation Army
‣ Packeting for bragging rights
‣ MafiaBoy DDoS: Yahoo!, Amazon, Dell, CNN, Ebay, Etrade
‣ Spammers discover botnets
‣ Organized crime: Extortion
‣ Estonia: Parliament, banks, media, Estonia Reform Party
‣ Spamhaus attack: Reported to reach 310 Gbps
‣ Anon hits Church of Scientology
‣ Panix.net hit with first major DDoS
‣ Coordinated bank attacks: Attack sized to 170 Gbps, continues today
‣ 500 Gbps attack in Hong Kong
‣ France swarmed after terror attack
‣ PlayStation & Xbox hit at Christmas
‣ ProtonMail attack
Solution Evolution
[Figure: timeline, axis from 2001 to 2015] Labels shown:
‣ Primary focus: Tier 1 service providers
‣ Commercial products
‣ Cloud scrubbing
‣ De-facto standard solution
‣ Massive increase in attack volume
‣ Massive increase in attack complexity
‣ Demand for on-prem
‣ New on-prem solutions
The Dirty Secret: Tier 2/3 Peering Connections
Source: peeringdb.com
Long-Term Deployment Strategies
‣ We surveyed 25 tier 1 and 2 operators around the globe
‣ On-prem is a no-brainer for tier 1, and becoming a viable option for tier 2
‣ Even those who won’t deploy 100% on prem plan hybrid deployments

Response | Percent of Service Provider Respondents
Partner for or purchase a hosted DDoS mitigation service | 12%
Deploy a hybrid solution, with both DDoS mitigation infrastructure on premise and hosted services | 38%
Build out our own DDoS mitigation infrastructure in our data centers | 50%

Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
Mitigation Capacity
‣ Same 25 operators
‣ 77% expect to have only 50G of on-premise mitigation (or less)

Percent of Service Provider Respondents
Capacity | On-premises | Hosted
>100G | 8% | 62%
100G | 15% | 27%
50G | 38% | 12%
10G | 27% | 0%
1G | 12% | 0%

Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
Providers Planning Investments Today
‣ DDoS mitigation is a top investment priority today
‣ Would make capital investments in on-premise DDoS mitigation if the economics work

Security Platforms | Percent of Service Provider Respondents
Don’t know | 4%
Web application firewall | 4%
UTM | 4%
Sandboxing/advanced malware protection | 4%
Intrusion prevention system | 4%
Integrated network security platform that offers firewall,… | 4%
Web security gateway | 8%
Virtual security appliances/security solutions for… | 23%
Next gen firewall | 27%
Firewall | 46%
DDoS protection system | 50%

Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
DDoS Mitigation Generates Revenue
‣ Providers can turn mitigation infrastructure around and re-sell as a service

Hosted/Managed Security Services | Percent of Respondents
Incident response | 46%
Authentication | 46%
Vulnerability assessment | 46%
Sandboxing/advanced threat prevention | 50%
Secure web gateway | 58%
Secure remote access | 65%
E-mail/messaging security | 69%
Firewall/UTM/NGFW | 88%
DDoS protection | 96%

Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015

[Figure: DDoS Mitigation Revenue. Y-axis: Revenue (US$ Millions), $0 to $1,500. X-axis: CY13 to CY19.]
Source: IHS Infonetics Cloud and CPE Managed Security Services Market Size & Forecasts; March 2015
DDoS Defense 1.0 - Null Route
[Diagram] Labels: Unprotected Customer; Attack Traffic; Non-Attack Traffic; DDoS Detection (NetFlow Collector/Analyzer); Null Route on Destination IP; Native Traffic Path; All traffic discarded.
DDoS Defense 2.0 - Scrubbing (Legacy)
[Diagram] Labels: Partially Protected Customers; Attack Traffic; Non-Attack Traffic; DDoS Detection (NetFlow Collector/Analyzer); Diverted Traffic Path; New Route via BGP; GRE Tunnel to Customer; Native Traffic Path; Industry Leader’s Scrubbing Approach.
DDoS Defense 3.0 - Inline, Always-On
[Diagram] Labels: Attack Traffic; Non-Attack Traffic; In-line Appliance; DDoS Traffic Blocked Inline; Completely Protected Customers; Real-time Alerting and Reporting.
Always-On, Service Provider Managed Threat Defense
Available as a Shared or a Dedicated Threat Defense Service
[Diagram] Panels: DEDICATED 10G THREAT DEFENSE; DEDICATED MULTIPLE 10G THREAT DEFENSE; SHARED <10G THREAT DEFENSE. Labels: Internet; In-line Appliance; Protected Resource; Single Customer; Customer 1, Customer 2, Customer N; link speeds 40G, 10G, 1G, 100M, 10M.
Example Peering/Transit Point Deployment
In-Line Appliances Deployed on 10G Peering/Transit Connections
[Diagram] Labels: Upstream Provider A; Upstream Provider B; In-line Appliance; SP; Service Provider Network.
Example Subscriber Edge Deployment
[Diagram] Labels: Attack Traffic; Non-Attack Traffic; In-line Appliance; DDoS Traffic Blocked at Subscriber Edge; Alerting and Reporting; Completely Protected ISP, Hosting, and Enterprise Customers.
Block Communications Overview
‣ Communication, Internet, and Computing Solutions Provider
‣ Block Communications Commercial Telecommunications divisions, Telesystem (www.telesystem.us) and Line Systems (LSI) (www.linesystems.com), offer voice, internet, and cloud computing solutions to thousands of commercial customers extending from the east coast throughout the Midwest
Block’s DDoS Mitigation Deployment
‣ Number/size of links protected
• TSM – eight (8) 10Gig links being mitigated
• LSI – three (3) 10Gig links being mitigated; two (2) 1Gig links being mitigated
• MaxxSouth – four (4) 10Gig links; expect to be in mitigation mode by end of month
‣ In-line deployment of automatic DDoS mitigation on each of the vital interconnects
‣ Eliminate DDoS attack traffic at the peering edge
Relief with In-Line Mitigation
‣ Post deployment success. DDoS is handled automatically, and good user traffic flows as intended.
Week start date Traffic blocked (GB)
9/27/2015 7935.42
10/4/2015 5442.49
10/11/2015 4515.76
10/18/2015 2040.66
10/25/2015 5280.27
11/1/2015 6018.34
11/8/2015 4506.04
11/15/2015 3903.47
11/22/2015 5833.86
11/29/2015 4941.37
12/6/2015 2457.96
12/13/2015 5262.04
12/20/2015 25005.61
12/27/2015 8610.96
25 terabytes of DDoS attack traffic automatically removed! No human intervention
Near saturation attack event on 12/22
What was your previous DDoS mitigation strategy?
What drove the decision to look at new solutions?
How did you become comfortable with going to in-line mitigation?
What other capabilities are you looking to deploy with this new solution?
Corero SmartWall Network Threat Defense
‣ ADVANCED DDOS & CYBER THREAT DEFENSE TECHNOLOGY
‣ BUILT ON NEXT GENERATION ARCHITECTURE
‣ COMPREHENSIVE ATTACK VISIBILITY & NETWORK FORENSICS
SmartWall® Threat Defense System (TDS)
‣ Service/hosting providers
‣ On-premises or cloud deployments
‣ Protection in modular increments of 10 Gbps
‣ In-line or scrubbing topologies
[Figure] Capacity labels: 1/10/20 Gbps; 80 Gbps; 320 Gbps
Corero Cost Savings Opportunity
‣ From a scrubbing center perspective*
- 85% rackspace advantage
- 75% power advantage
- 4x packet-per-second performance
- >85% OPEX savings
- >50% CAPEX savings
* Per gigabit of scrubbing center capacity
DDoS as-a-Service ROI Advantage
Types of Customers | # of Current Customers | Average Monthly Charge | Current Monthly Revenue | Penetration Rate | # of DDoS service Customers | % Upcharge | New Price For Service | New Revenue stream
10Gbps | 100 | $5,000 | $500,000 | 50% | 50 | 3% | $5,150 | $7,500
1Gbps | 200 | $3,000 | $600,000 | 25% | 50 | 4% | $3,120 | $6,000
100Mbps | 500 | $500 | $250,000 | 20% | 100 | 8% | $540 | $4,000
50 Mbps | 100 | $100 | $100,000 | 10% | 100 | 10% | $110 | $1,000
Additional monthly DDoS as-a-service revenue - $18,500
Additional annual DDoS as-a-service revenue - $222,000
DDoS mitigation is everyone’s problem
The solutions for in-line mitigation have changed
There is opportunity today to save operational and bandwidth cost, and generate new revenue
Audience Q&A
‣ Dave Larson, Chief Operating Officer, Corero Network Security (dave.larson@corero.com)
‣ Stephen Clark, Director, IP Networks, Telesystem (seclark@telesystem.us)
‣ Allen Tatara, Manager, Webinar Events (Moderator), IHS (Allen.Tatara@ihs.com)
‣ Jeff Wilson, Senior Research Director, Cybersecurity Technology, IHS (Jeff.Wilson@ihs.com)
Thank You
This webcast will be available on-demand for 90 days.
For additional IHS Infonetics events, visit:
https://www.infonetics.com/infonetics-events/
Follow us on Twitter at @infonetics and @infoneticsevent

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 

Service Provider Deployment of DDoS Mitigation

  • 1. Service Provider Deployment of DDoS Mitigation An IHS Infonetics Webinar #DDoS
  • 2. © 2015 IHS Today’s Speakers: Dave Larson, Chief Operating Officer, Corero Network Security; Stephen Clark, Director, IP Networks, Telesystem; Allen Tatara, Manager, Webinar Events (Moderator), IHS; Jeff Wilson, Senior Research Director, Cybersecurity Technology, IHS #DDoS
  • 3. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 4. 20 Years of DDoS Attacks (DDoS Timeline, 1993 to 2015). Events shown on the timeline:
      - First Hacktivist event: Zapatista National Liberation Army
      - Packeting for bragging rights
      - MafiaBoy DDoS: Yahoo!, Amazon, Dell, CNN, Ebay, Etrade
      - Spammers discover botnets
      - Organized crime: Extortion
      - Estonia: Parliament, banks, media, Estonia Reform Party
      - Spamhaus attack: Reported to reach 310 Gbps
      - Anon hits Church of Scientology
      - Panix.net hit with first major DDoS
      - Coordinated bank attacks: Attack sized to 170 Gbps, continues today
      - 500 Gbps attack in Hong Kong
      - France swarmed after terror attack
      - PlayStation & Xbox hit at Christmas
      - ProtonMail attack
  • 5. Solution Evolution (timeline, 2001 to 2015). Primary focus: Tier 1 service providers. Milestones shown: Commercial products; Cloud scrubbing; De-facto standard solution; Massive increase in attack volume; Massive increase in attack complexity; Demand for on-prem; New on-prem solutions
  • 6. The Dirty Secret: Tier 2/3 Peering Connections. Source: peeringdb.com
  • 7. Long-Term Deployment Strategies
      ‣ We surveyed 25 tier 1 and 2 operators around the globe
      ‣ On-prem is a no-brainer for tier 1, and becoming a viable option for tier 2
      ‣ Even those who won’t deploy 100% on prem plan hybrid deployments
      Chart (Percent of Service Provider Respondents):
      - Partner for or purchase a hosted DDoS mitigation service: 12%
      - Deploy a hybrid solution, with both DDoS mitigation infrastructure on premise and hosted services: 38%
      - Build out our own DDoS mitigation infrastructure in our data centers: 50%
      Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
  • 8. Mitigation Capacity
      ‣ Same 25 operators
      ‣ 77% expect to have only 50G of on-premise mitigation (or less)
      Chart (Percent of Service Provider Respondents):
      Capacity | On-premises | Hosted
      >100G | 8% | 62%
      100G | 15% | 27%
      50G | 38% | 12%
      10G | 27% | 0%
      1G | 12% | 0%
      Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
  • 9. Providers Planning Investments Today
      ‣ DDoS mitigation is a top investment priority today
      ‣ Would make capital investments in on-premise DDoS mitigation if the economics work
      Chart (Security Platforms, Percent of Service Provider Respondents):
      - Don’t know: 4%
      - Web application firewall: 4%
      - UTM: 4%
      - Sandboxing/advanced malware protection: 4%
      - Intrusion prevention system: 4%
      - Integrated network security platform that offers firewall,…: 4%
      - Web security gateway: 8%
      - Virtual security appliances/ security solutions for…: 23%
      - Next gen firewall: 27%
      - Firewall: 46%
      - DDoS protection system: 50%
      Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
  • 10. DDoS Mitigation Generates Revenue
      ‣ Providers can turn mitigation infrastructure around and re-sell as a service
      Source: IHS Infonetics Cloud & Data Center Security Strategies & Vendor Leadership: Global Service Provider Survey; December 2015
      Chart (Hosted/Managed Security Services, Percent of Respondents):
      - Incident response: 46%
      - Authentication: 46%
      - Vulnerability assessment: 46%
      - Sandboxing/advanced threat prevention: 50%
      - Secure web gateway: 58%
      - Secure remote access: 65%
      - E-mail/messaging security: 69%
      - Firewall/UTM/NGFW: 88%
      - DDoS protection: 96%
      Source: IHS Infonetics Cloud and CPE Managed Security Services Market Size & Forecasts; March 2015
      Chart: DDoS Mitigation Revenue (Revenue in US$ Millions, axis $0 to $1,500, CY13 to CY19)
  • 11. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 12. DDoS Defense 1.0 - Null Route. Diagram labels: Unprotected Customer; Attack Traffic; Non-Attack Traffic; DDoS Detection (NetFlow Collector/Analyzer); Null Route on Destination IP; Native Traffic Path; All traffic discarded
  • 13. DDoS Defense 2.0 - Scrubbing Legacy (Industry Leader’s Scrubbing Approach). Diagram labels: Partially Protected Customers; DDoS Detection (NetFlow Collector/Analyzer); Attack Traffic; Non-Attack Traffic; Diverted Traffic Path; New Route via BGP; GRE Tunnel to Customer; Native Traffic Path
  • 14. DDoS Defense 3.0 - Inline, Always-On. Diagram labels: Attack Traffic; Non-Attack Traffic; In-line Appliance; DDoS Traffic Blocked Inline; Completely Protected Customers; Real-time Alerting and Reporting
  • 15. Always-On, Service Provider Managed Threat Defense: Available as a Shared or a Dedicated Threat Defense Service. Diagram labels: Internet; In-line Appliance (four shown); DEDICATED 10G THREAT DEFENSE (Protected Resource, Single Customer); DEDICATED MULTIPLE 10G THREAT DEFENSE (Protected Resource, Single Customer); SHARED <10G THREAT DEFENSE (Protected Resource, Customer 1, Customer 2, Customer N); link labels 40G, 10G, 1G, 100M, 10M
  • 16. Example Peering/Transit Point Deployment: In-Line Appliances Deployed on 10G Peering/Transit Connections. Diagram labels: SP; Upstream Provider A; Upstream Provider B; Service Provider Network; In-line Appliance (four shown)
  • 17. Example Subscriber Edge Deployment. Diagram labels: Attack Traffic; Non-Attack Traffic; In-line Appliance; DDoS Traffic Blocked at Subscriber Edge; Completely Protected ISP, Hosting, and Enterprise Customers; Alerting and Reporting
  • 18. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 19. Block Communications Overview
      ‣ Communication, Internet, and Computing Solutions Provider
      ‣ Block Communications Commercial Telecommunications divisions, Telesystem (www.telesystem.us) and Line Systems (LSI) (www.linesystems.com), offer voice, internet, and cloud computing solutions to thousands of commercial customers extending from the east coast throughout the Midwest
  • 20. Block’s DDoS Mitigation Deployment
      ‣ Number/size of links protected
          - TSM – eight (8) 10Gig links being mitigated
          - LSI – three (3) 10Gig links being mitigated; two (2) 1Gig links being mitigated
          - MaxxSouth – four (4) 10Gig links; expect to be in mitigation mode by end of month
      ‣ In-line deployment: automatic DDoS mitigation on each of the vital interconnects
      ‣ Eliminate DDoS attack traffic at the peering edge
  • 21. Relief with In-Line Mitigation
      ‣ Post deployment success. DDoS is handled automatically, and good user traffic flows as intended.
      Week start date | Traffic blocked (GB)
      9/27/2015 | 7935.42
      10/4/2015 | 5442.49
      10/11/2015 | 4515.76
      10/18/2015 | 2040.66
      10/25/2015 | 5280.27
      11/1/2015 | 6018.34
      11/8/2015 | 4506.04
      11/15/2015 | 3903.47
      11/22/2015 | 5833.86
      11/29/2015 | 4941.37
      12/6/2015 | 2457.96
      12/13/2015 | 5262.04
      12/20/2015 | 25005.61
      12/27/2015 | 8610.96
      Callouts: 25 terabytes of DDoS attack traffic automatically removed! No human intervention. Near saturation attack event on 12/22.
  • 22. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 23. What was your previous DDoS mitigation strategy?
  • 24. What drove the decision to look at new solutions?
  • 25. How did you become comfortable with going to in-line mitigation?
  • 26. What other capabilities are you looking to deploy with this new solution?
  • 27. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 28. Corero SmartWall Network Threat Defense
      Advanced DDoS & cyber threat defense technology; built on next generation architecture; comprehensive attack visibility & network forensics
      SmartWall® Threat Defense System (TDS)
      - Service/hosting providers
      - On-premises or cloud deployments
      - Protection in modular increments of 10 Gbps
      - In-line or scrubbing topologies
      Capacity labels shown: 1/10/20 Gbps; 80 Gbps; 320 Gbps
  • 29. Corero Cost Savings Opportunity
      ‣ From a scrubbing center perspective*
          - 85% rackspace advantage
          - 75% power advantage
          - 4x packet-per-second performance
          - >85% OPEX savings
          - >50% CAPEX savings
      * Per gigabit of scrubbing center capacity
  • 30. DDoS as-a-Service ROI Advantage
      Types of Customers | # of Current Customers | Average Monthly Charge | Current Monthly Revenue | Penetration Rate | # of DDoS service Customers | % Upcharge | New Price For Service | New Revenue stream
      10Gbps | 100 | $5,000 | $500,000 | 50% | 50 | 3% | $5,150 | $7,500
      1Gbps | 200 | $3,000 | $600,000 | 25% | 50 | 4% | $3,120 | $6,000
      100Mbps | 500 | $500 | $250,000 | 20% | 100 | 8% | $540 | $4,000
      50 Mbps | 100 | $100 | $100,000 | 10% | 100 | 10% | $110 | $1,000
      Additional monthly DDoS as-a-service revenue - $18,500
      Additional annual DDoS as-a-service revenue - $222,000
  • 31. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 32. Conclusions
      - DDoS mitigation is everyone’s problem
      - The solutions for in-line mitigation have changed
      - There is opportunity today to save operational and bandwidth cost, and generate new revenue
  • 33. Agenda: 1. DDoS Attacks and Service Providers; 2. Mitigation Architectures for Providers; 3. Block Communications Overview; 4. Deployment Discussion; 5. Sponsor Approach; 6. Conclusions; 7. Audience Q&A #DDoS
  • 34. Audience Q&A: Service Provider Deployment of DDoS Mitigation
      - Dave Larson, Chief Operating Officer, Corero Network Security, dave.larson@corero.com
      - Stephen Clark, Director, IP Networks, Telesystem, seclark@telesystem.us
      - Allen Tatara, Manager, Webinar Events (Moderator), IHS, Allen.Tatara@ihs.com
      - Jeff Wilson, Senior Research Director, Cybersecurity Technology, IHS, Jeff.Wilson@ihs.com
      #DDoS
  • 35. Thank You This webcast will be available on-demand for 90 days. For additional IHS Infonetics events, visit: https://www.infonetics.com/infonetics-events/ Follow us on Twitter at @infonetics and @infoneticsevent #DDoS

Editor's Notes

  1. 1: attackers have evolved. 2: targets have evolved; now everyone is a target. 3: mitigation solutions had to evolve. UPDATE WITH EVENTS FROM CORERO. Cloudflare: after initial attacks were mitigated by Cloudflare, attackers went after their bandwidth providers (mostly tier 2 providers, who then foisted the problem onto the tier one providers they buy bandwidth from). Rutgers University. Thai government. 150G-capable Linux botnet. Botnet made up of CCTV cameras. It never ends, attackers don’t discriminate… any company, any place, for any reason.
  2. 20 years of attacks, but less than 15 years of commercial mitigation solutions… the first solutions came after the wave of public attacks that hit major brands in 1999/2000. The obvious assumption was to build something for tier 1 providers, as the traffic eventually rolled up to their networks, and they had the expertise and manpower to manage. Mitigation was very manual, and focused on volumetric attacks.
  3. Will the Tier 1 providers help tier 2/3 when it really comes down to it? 25K public facility presences and 15K private presences represent thousands of tier 2 providers: regional telecom providers, hosting shops, small cloud providers, etc. With so much consolidation of data into larger and larger data centers (even for tier 2/3 providers), they have become easier to target, but also have an opportunity to consolidate protection and not rely on upstream providers to fix the problem (on their timeline).
  4. http://techcrunch.com/2015/03/30/github-continues-to-face-evolving-ddos-attack/
  5. TSM – eight (8) 10Gig links being mitigated. LSI – three (3) 10Gig links being mitigated; two (2) 1Gig links being mitigated. MaxxSouth – four (4) 10Gig links; expect to be in mitigation mode by end of month.
  6. Firewall & manual intervention. Identification of attack vectors was difficult and mitigated, when applicable, via targeted null routing.
  7. Attacks that were targeting ranges as opposed to single addresses were virtually impossible to mitigate. Frequency and scale of attacks increasing. Customer impact escalated from individuals to entire sections of the network, mostly due to increased scale.
  8. Attacks that were targeting ranges as opposed to single addresses were virtually impossible to mitigate. Frequency and scale of attacks increasing. Customer impact escalated from individuals to entire sections of the network, mostly due to increased scale.
  9. Prevents attack traffic from entering the network, which eliminates the concern with saturating a link and choking sections of the network. Provides real-time monitoring and mitigation as opposed to noticing the attack and reacting after the customer experience is impacted. Provides reporting, alarming, and regular updates of attack vectors and impact – proof of performance. Provides active monitoring by the Corero team and quick updates as new attack scenarios occur. This is where you can talk about the possibility of providing protection on the upstream link.
  10. Present the product line in context of the bandwidth requirements. Dave L to mark up. Evolutionary deployment for existing customers. Existing DDS deployments can be scaled up without a forklift upgrade, with a SmartWall as an added component.