SlideShare a Scribd company logo

Protect Your Assets with Single IP DDoS Protection

Download as PPTX, PDF
Imperva Incapsula
Imperva Incapsula

A secure web server isn’t really secure if the infrastructure supporting it remains vulnerable. Unless you implement infrastructure protection, your non-HTTP assets are vulnerable and you may not be as protected as you think you are. You may be like others who need to get better DDoS protection but haven’t been able to or had to settle for an imperfect solution because of deployment limitations such as protocol dependencies and BGP restrictions. Incapsula IP Protection has now overcome these barriers — and we are the only service that can do it. At this webinar our product experts will discuss how Incapsula customers are adopting IP Protection and bringing their DDoS protection to the next level. We’ll also have a discussion with Imperva CISO Shahar Ben-Hador who will share insights on how we use IP Protection and real-world lessons learned. You need to protect more than just your web servers from DDoS attacks. We’ll address these questions: Why do you need to protect more than just your web servers? What were the limitations others ran into when they tried to do it? How did Incapsula help them overcome the limitations? ...and much more!

Technology
1 of 26
© 2015 Imperva, Inc. All rights reserved. Protect Your Assets with Single IP DDoS Protection Shahar Ben-Hador CISO Dvir Shapira Director, Product Management @imperva@Incapsula_com
© 2015 Imperva, Inc. All rights reserved. Agenda • DDoS threat trends • Current solutions • IP Protection overview • How Imperva is using IP Protection • Lessons learned Confidential2
© 2015 Imperva, Inc. All rights reserved. Speaker Bio for Dvir Shapira • Background – BSc in physics (no idea why I did it…) and EE – Saw the bubble burst around me as a part-time startup employee back at 2001 – Held various roles at Applied Materials, CheckPoint, Incapsula and a few startups. • Director of product management • Email: dvir@incapsula.com 3
© 2015 Imperva, Inc. All rights reserved. Speaker Bio for Shahar Ben-Hador • Background – BSc in Math and Computer Science – More than 7 years with Imperva – Held various roles at Imperva around Infrastructure and Security • CISO • Email: shaharb@imperva.com 4
© 2015 Imperva, Inc. All rights reserved. DDoS Protection Today 1
© 2015 Imperva, Inc. All rights reserved. Confidential6
© 2015 Imperva, Inc. All rights reserved. Confidential7 DDoS Propelling the Rise of Cyber Extortion “Any organization can be hit by a DDoS attack” – Swiss Governmental Computer Emergency Response Team • Armada Collective, DD4BC, others continue threatening attacks for Ransom • Even governments are alerting organizations of the growing threat • The need for comprehensive, upstream mitigation is urgent
© 2015 Imperva, Inc. All rights reserved. You may not be protected even if you have anti-DDoS • Non-HTTP assets are still vulnerable • An attack on an exposed server can bring down your entire infrastructure • Protected HTTP servers can still suffer direct-to-origin attacks • Public cloud servers can be vulnerable Confidential8
© 2015 Imperva, Inc. All rights reserved. What are the alternatives? • Use a different set of IPs Confidential9 DDoS Legit Traffic • On demand BGP • TCP/UDP proxy • Single IP protection
© 2015 Imperva, Inc. All rights reserved. IP Protection Confidential10 DDoSLegit Traffic Incapsula Network GRE Tunnel Incapsula IP Address 1.2.3.4 Customer Infrastructure • Provides complete Infrastructure DDoS protection for single IP addresses • Deploys as an always-on service for immediate detection and mitigation of DDoS attacks • Enables origin protection for DNS redirection based services (e.g. CDNs)
© 2015 Imperva, Inc. All rights reserved. Common Use Cases 2
Customer Story (1/3) Confidential12 We have constant DDoS attacks on three IPs in which we use proprietary protocols. Looked at four different vendors, none of them were able to provide a decent protection. Diego T | CTO, Online Poker site No C-Class ranges, using proprietary protocol
BGP on-demand customer, requires always on Customer Story (2/3) Confidential13 We use on-demand BGP, but for one specific server we want to deploy an always on solution. John O | IT Director, video conferencing platform
Customer Story (3/3) Confidential14 DDoS attacks on a few customers can affect the entire ISP operation. We need to identify the few targets and protect them, to keep our whole network from being burdened by attack. Tim W | Ops Manager, ISP ISPs need to protect Specific IPs that are vulnerable
© 2015 Imperva, Inc. All rights reserved. How it Works 3
Confidential16 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Traffic is routed directly to the server
Confidential17 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Incapsula establishes a GRE tunnel between its CDN and the origin server
Confidential18 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Incapsula assigns a unique IP to the customer 2.2.2.2
Confidential19 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server Customer changes the DNS record to point to the Incapsula allocated IP 2.2.2.2
Confidential20 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server All traffic is routed through the Incapsula global network Only clean traffic is passed to origin 2.2.2.2
© 2015 Imperva, Inc. All rights reserved. Safeguarding our Own House 4
© 2015 Imperva, Inc. All rights reserved. Proof in the Pudding • All IP ranges need to be protected • Non-HTTP entry points usually weak links (e.g. VPN tunnels with customers, client server applications) • We’re implementing on-demand Infrastructure Protection with IP Protection for all non-HTTP apps • This approach provides full coverage for all assets Confidential22
© 2015 Imperva, Inc. All rights reserved. Imperva Architecture Confidential23 Cloud Based DDOS and WAF Protection (Incapsula) Redundant Enterprise Database Firewalls Redundant Enterprise Web Application Firewalls Database Servers Network Application Servers Network Web Servers Network Redundant ISP Connections Redundant Enterprise Edge Routers Redundant Enterprise Firewalls,IPS,AV Website Protection Infrastructure Protection
© 2015 Imperva, Inc. All rights reserved.24 Questions?
© 2015 Imperva, Inc. All rights reserved. Lessons Learned • Organizations face growing risk of DDoS attacks for ransom • Existing mitigation solutions may still have vulnerabilities that leave organizations exposed • Always-on IP-level DDoS protection is the only way to completely secure your network infrastructure Confidential25
Protect Your Assets with Single IP DDoS Protection

Recommended

DNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionDNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionImperva Incapsula
 
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...Imperva Incapsula
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceImperva Incapsula
 
Migrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowMigrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowImperva Incapsula
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackImperva Incapsula
 
Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Imperva Incapsula
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityImperva Incapsula
 

Recommended

DNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionDNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionImperva Incapsula
 
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...Imperva Incapsula
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceImperva Incapsula
 
Migrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowMigrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowImperva Incapsula
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackImperva Incapsula
 
Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Imperva Incapsula
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityImperva Incapsula
 
D3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnD3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnImperva Incapsula
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Cloudflare
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 
Latest Trends in Web Application Security
Latest Trends in Web Application SecurityLatest Trends in Web Application Security
Latest Trends in Web Application SecurityCloudflare
 
ThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes
 
Gwava gwava6
Gwava gwava6Gwava gwava6
Gwava gwava6GWAVA
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackCloudflare
 
New Products Overview: Use Cases and Demos
New Products Overview: Use Cases and DemosNew Products Overview: Use Cases and Demos
New Products Overview: Use Cases and DemosCaitlin Magat
 
What’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product LaunchesWhat’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product LaunchesCloudflare
 
Securing Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessSecuring Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessCloudflare
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingCloudflare
 
Shanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPassShanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPassAruba, a Hewlett Packard Enterprise company
 
How CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application PerformanceHow CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application PerformanceCloudflare
 
Enterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesEnterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesThousandEyes
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkNetpluz Asia Pte Ltd
 
ThousandEyes at Zendesk
ThousandEyes at ZendeskThousandEyes at Zendesk
ThousandEyes at ZendeskThousandEyes
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesCloudflare
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereThousandEyes
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...APNIC
 
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectCDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectThousandEyes
 
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyRemote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyAruba, a Hewlett Packard Enterprise company
 
VoIP Monitoring and Troubleshooting
VoIP Monitoring and TroubleshootingVoIP Monitoring and Troubleshooting
VoIP Monitoring and TroubleshootingThousandEyes
 

More Related Content

What's hot

D3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnD3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnImperva Incapsula
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Cloudflare
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 
Latest Trends in Web Application Security
Latest Trends in Web Application SecurityLatest Trends in Web Application Security
Latest Trends in Web Application SecurityCloudflare
 
ThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes
 
Gwava gwava6
Gwava gwava6Gwava gwava6
Gwava gwava6GWAVA
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackCloudflare
 
New Products Overview: Use Cases and Demos
New Products Overview: Use Cases and DemosNew Products Overview: Use Cases and Demos
New Products Overview: Use Cases and DemosCaitlin Magat
 
What’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product LaunchesWhat’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product LaunchesCloudflare
 
Securing Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessSecuring Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessCloudflare
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingCloudflare
 
How CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application PerformanceHow CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application PerformanceCloudflare
 
Enterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesEnterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesThousandEyes
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkNetpluz Asia Pte Ltd
 
ThousandEyes at Zendesk
ThousandEyes at ZendeskThousandEyes at Zendesk
ThousandEyes at ZendeskThousandEyes
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesCloudflare
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereThousandEyes
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...APNIC
 
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectCDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectThousandEyes
 

What's hot (20)

D3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnD3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-On
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
 
Latest Trends in Web Application Security
Latest Trends in Web Application SecurityLatest Trends in Web Application Security
Latest Trends in Web Application Security
 
ThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your Network
 
Gwava gwava6
Gwava gwava6Gwava gwava6
Gwava gwava6
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS Attack
 
New Products Overview: Use Cases and Demos
New Products Overview: Use Cases and DemosNew Products Overview: Use Cases and Demos
New Products Overview: Use Cases and Demos
 
What’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product LaunchesWhat’s New at Cloudflare: New Product Launches
What’s New at Cloudflare: New Product Launches
 
Securing Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare AccessSecuring Internal Applications with Cloudflare Access
Securing Internal Applications with Cloudflare Access
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart Routing
 
Shanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPassShanghai Breakout: Access Management with Aruba ClearPass
Shanghai Breakout: Access Management with Aruba ClearPass
 
How CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application PerformanceHow CDNs Can improve Mobile Application Performance
How CDNs Can improve Mobile Application Performance
 
Enterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesEnterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best Practices
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business network
 
ThousandEyes at Zendesk
ThousandEyes at ZendeskThousandEyes at Zendesk
ThousandEyes at Zendesk
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer Games
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 - Technical Key...
 
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectCDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes Connect
 

Similar to Protect Your Assets with Single IP DDoS Protection

VoIP Monitoring and Troubleshooting
VoIP Monitoring and TroubleshootingVoIP Monitoring and Troubleshooting
VoIP Monitoring and TroubleshootingThousandEyes
 
The Anatomy of DDoS Attacks
The Anatomy of DDoS AttacksThe Anatomy of DDoS Attacks
The Anatomy of DDoS AttacksAcquia
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackImperva
 
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeDDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeMyNOG
 
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS AttackAn Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS AttackImperva
 
The Non-Advanced Persistent Threat
The Non-Advanced Persistent ThreatThe Non-Advanced Persistent Threat
The Non-Advanced Persistent ThreatImperva
 
Final sip is so much more! webinar
Final sip is so much more! webinarFinal sip is so much more! webinar
Final sip is so much more! webinarIntelePeer
 
Making SIP Migration Easy
Making SIP Migration EasyMaking SIP Migration Easy
Making SIP Migration EasyIntelePeer
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...APNIC
 
Which IP address should be used to implement IoT/M2M services?
Which IP address should be used to implement IoT/M2M services?Which IP address should be used to implement IoT/M2M services?
Which IP address should be used to implement IoT/M2M services?APNIC
 
Database Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsDatabase Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsImperva
 
Deploying mobile unified communications and collaboration (UCC) with Microsof...
Deploying mobile unified communications and collaboration (UCC) with Microsof...Deploying mobile unified communications and collaboration (UCC) with Microsof...
Deploying mobile unified communications and collaboration (UCC) with Microsof...Aruba, a Hewlett Packard Enterprise company
 
Sydney UC - February 2015
Sydney UC - February 2015Sydney UC - February 2015
Sydney UC - February 2015justimorris
 
ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014Marcello Marchesini
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaCisco do Brasil
 
Server-side WebRTC Infrastructure
Server-side WebRTC InfrastructureServer-side WebRTC Infrastructure
Server-side WebRTC InfrastructureDialogic Inc.
 
ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2Nguyen Binh
 

Similar to Protect Your Assets with Single IP DDoS Protection (20)

Remote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyRemote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf Italy
 
VoIP Monitoring and Troubleshooting
VoIP Monitoring and TroubleshootingVoIP Monitoring and Troubleshooting
VoIP Monitoring and Troubleshooting
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon green
 
The Anatomy of DDoS Attacks
The Anatomy of DDoS AttacksThe Anatomy of DDoS Attacks
The Anatomy of DDoS Attacks
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS Attack
 
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeDDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL Lee
 
2012 ah vegas remote networking fundamentals
2012 ah vegas remote networking fundamentals2012 ah vegas remote networking fundamentals
2012 ah vegas remote networking fundamentals
 
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS AttackAn Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
 
The Non-Advanced Persistent Threat
The Non-Advanced Persistent ThreatThe Non-Advanced Persistent Threat
The Non-Advanced Persistent Threat
 
Final sip is so much more! webinar
Final sip is so much more! webinarFinal sip is so much more! webinar
Final sip is so much more! webinar
 
Making SIP Migration Easy
Making SIP Migration EasyMaking SIP Migration Easy
Making SIP Migration Easy
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
 
Which IP address should be used to implement IoT/M2M services?
Which IP address should be used to implement IoT/M2M services?Which IP address should be used to implement IoT/M2M services?
Which IP address should be used to implement IoT/M2M services?
 
Database Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower CostsDatabase Security, Better Audits, Lower Costs
Database Security, Better Audits, Lower Costs
 
Deploying mobile unified communications and collaboration (UCC) with Microsof...
Deploying mobile unified communications and collaboration (UCC) with Microsof...Deploying mobile unified communications and collaboration (UCC) with Microsof...
Deploying mobile unified communications and collaboration (UCC) with Microsof...
 
Sydney UC - February 2015
Sydney UC - February 2015Sydney UC - February 2015
Sydney UC - February 2015
 
ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
 
Server-side WebRTC Infrastructure
Server-side WebRTC InfrastructureServer-side WebRTC Infrastructure
Server-side WebRTC Infrastructure
 
ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2
 

More from Imperva Incapsula

D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?Imperva Incapsula
 
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...Imperva Incapsula
 
D3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesD3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesImperva Incapsula
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserImperva Incapsula
 
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationD3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationImperva Incapsula
 
D3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudD3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudImperva Incapsula
 
D3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityD3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityImperva Incapsula
 
D3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlD3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlImperva Incapsula
 
D3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesD3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesImperva Incapsula
 
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...Imperva Incapsula
 
D3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceD3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceImperva Incapsula
 
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedD3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedImperva Incapsula
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveImperva Incapsula
 
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteJoomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteImperva Incapsula
 
Understanding Web Bots and How They Hurt Your Business
Understanding Web Bots and How They Hurt Your BusinessUnderstanding Web Bots and How They Hurt Your Business
Understanding Web Bots and How They Hurt Your BusinessImperva Incapsula
 
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...Imperva Incapsula
 
Load Balancing from the Cloud - Layer 7 Aware Solution
Load Balancing from the Cloud - Layer 7 Aware SolutionLoad Balancing from the Cloud - Layer 7 Aware Solution
Load Balancing from the Cloud - Layer 7 Aware SolutionImperva Incapsula
 
Humans Are Now A Minority On The Internet
Humans Are Now A Minority On The InternetHumans Are Now A Minority On The Internet
Humans Are Now A Minority On The InternetImperva Incapsula
 

More from Imperva Incapsula (20)

D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?
 
D3TLV17- Keeping it Safe
D3TLV17- Keeping it SafeD3TLV17- Keeping it Safe
D3TLV17- Keeping it Safe
 
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
 
D3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesD3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation Techniques
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the Browser
 
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationD3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
 
D3LDN17 - Keynote
D3LDN17 - KeynoteD3LDN17 - Keynote
D3LDN17 - Keynote
 
D3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudD3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the Cloud
 
D3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityD3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize Security
 
D3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlD3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access Control
 
D3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesD3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery Rules
 
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
 
D3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceD3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients Performance
 
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedD3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the Curve
 
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteJoomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
 
Understanding Web Bots and How They Hurt Your Business
Understanding Web Bots and How They Hurt Your BusinessUnderstanding Web Bots and How They Hurt Your Business
Understanding Web Bots and How They Hurt Your Business
 
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
 
Load Balancing from the Cloud - Layer 7 Aware Solution
Load Balancing from the Cloud - Layer 7 Aware SolutionLoad Balancing from the Cloud - Layer 7 Aware Solution
Load Balancing from the Cloud - Layer 7 Aware Solution
 
Humans Are Now A Minority On The Internet
Humans Are Now A Minority On The InternetHumans Are Now A Minority On The Internet
Humans Are Now A Minority On The Internet
 

Recently uploaded

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

Protect Your Assets with Single IP DDoS Protection

  • 1. © 2015 Imperva, Inc. All rights reserved. Protect Your Assets with Single IP DDoS Protection Shahar Ben-Hador CISO Dvir Shapira Director, Product Management @imperva@Incapsula_com
  • 2. © 2015 Imperva, Inc. All rights reserved. Agenda • DDoS threat trends • Current solutions • IP Protection overview • How Imperva is using IP Protection • Lessons learned Confidential2
  • 3. © 2015 Imperva, Inc. All rights reserved. Speaker Bio for Dvir Shapira • Background – BSc in physics (no idea why I did it…) and EE – Saw the bubble burst around me as a part-time startup employee back at 2001 – Held various roles at Applied Materials, CheckPoint, Incapsula and a few startups. • Director of product management • Email: dvir@incapsula.com 3
  • 4. © 2015 Imperva, Inc. All rights reserved. Speaker Bio for Shahar Ben-Hador • Background – BSc in Math and Computer Science – More than 7 years with Imperva – Held various roles at Imperva around Infrastructure and Security • CISO • Email: shaharb@imperva.com 4
  • 5. © 2015 Imperva, Inc. All rights reserved. DDoS Protection Today 1
  • 6. © 2015 Imperva, Inc. All rights reserved. Confidential6
  • 7. © 2015 Imperva, Inc. All rights reserved. Confidential7 DDoS Propelling the Rise of Cyber Extortion “Any organization can be hit by a DDoS attack” – Swiss Governmental Computer Emergency Response Team • Armada Collective, DD4BC, others continue threatening attacks for Ransom • Even governments are alerting organizations of the growing threat • The need for comprehensive, upstream mitigation is urgent
  • 8. © 2015 Imperva, Inc. All rights reserved. You may not be protected even if you have anti-DDoS • Non-HTTP assets are still vulnerable • An attack on an exposed server can bring down your entire infrastructure • Protected HTTP servers can still suffer direct-to-origin attacks • Public cloud servers can be vulnerable Confidential8
  • 9. © 2015 Imperva, Inc. All rights reserved. What are the alternatives? • Use a different set of IPs Confidential9 DDoS Legit Traffic • On demand BGP • TCP/UDP proxy • Single IP protection
  • 10. © 2015 Imperva, Inc. All rights reserved. IP Protection Confidential10 DDoSLegit Traffic Incapsula Network GRE Tunnel Incapsula IP Address 1.2.3.4 Customer Infrastructure • Provides complete Infrastructure DDoS protection for single IP addresses • Deploys as an always-on service for immediate detection and mitigation of DDoS attacks • Enables origin protection for DNS redirection based services (e.g. CDNs)
  • 11. © 2015 Imperva, Inc. All rights reserved. Common Use Cases 2
  • 12. Customer Story (1/3) Confidential12 We have constant DDoS attacks on three IPs in which we use proprietary protocols. Looked at four different vendors, none of them were able to provide a decent protection. Diego T | CTO, Online Poker site No C-Class ranges, using proprietary protocol
  • 13. BGP on-demand customer, requires always on Customer Story (2/3) Confidential13 We use on-demand BGP, but for one specific server we want to deploy an always on solution. John O | IT Director, video conferencing platform
  • 14. Customer Story (3/3) Confidential14 DDoS attacks on a few customers can affect the entire ISP operation. We need to identify the few targets and protect them, to keep our whole network from being burdened by attack. Tim W | Ops Manager, ISP ISPs need to protect Specific IPs that are vulnerable
  • 15. © 2015 Imperva, Inc. All rights reserved. How it Works 3
  • 16. Confidential16 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Traffic is routed directly to the server
  • 17. Confidential17 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Incapsula establishes a GRE tunnel between its CDN and the origin server
  • 18. Confidential18 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server 1.1.1.1 Incapsula assigns a unique IP to the customer 2.2.2.2
  • 19. Confidential19 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server Customer changes the DNS record to point to the Incapsula allocated IP 2.2.2.2
  • 20. Confidential20 © 2016 Imperva, Inc. All rights reserved. How it works Customer Origin Server All traffic is routed through the Incapsula global network Only clean traffic is passed to origin 2.2.2.2
  • 21. © 2015 Imperva, Inc. All rights reserved. Safeguarding our Own House 4
  • 22. © 2015 Imperva, Inc. All rights reserved. Proof in the Pudding • All IP ranges need to be protected • Non-HTTP entry points usually weak links (e.g. VPN tunnels with customers, client server applications) • We’re implementing on-demand Infrastructure Protection with IP Protection for all non-HTTP apps • This approach provides full coverage for all assets Confidential22
  • 23. © 2015 Imperva, Inc. All rights reserved. Imperva Architecture Confidential23 Cloud Based DDOS and WAF Protection (Incapsula) Redundant Enterprise Database Firewalls Redundant Enterprise Web Application Firewalls Database Servers Network Application Servers Network Web Servers Network Redundant ISP Connections Redundant Enterprise Edge Routers Redundant Enterprise Firewalls,IPS,AV Website Protection Infrastructure Protection
  • 24. © 2015 Imperva, Inc. All rights reserved.24 Questions?
  • 25. © 2015 Imperva, Inc. All rights reserved. Lessons Learned • Organizations face growing risk of DDoS attacks for ransom • Existing mitigation solutions may still have vulnerabilities that leave organizations exposed • Always-on IP-level DDoS protection is the only way to completely secure your network infrastructure Confidential25

Editor's Notes

  1. Over the past few months, groups like DD4BC, Armada Collective, Vikingdom and others have targeted financial institutions, hosting companies, and many other organizations with increasing frequency and intensity. [CLICK] Just this week, the Swiss government’s cyberdefence agency released this note that Armada Collective sent to several financial institutions [click] This criminals have one goal: to terrorize legitimate businesses that lack the means to defend themselves into paying up ransom [CLICK]
  2. What we’re seeing is that DDoS continues to be the weapon of choice
  3. Incapsula market-leading DDoS protection now available for single IP addresses. The benefits of DDoS protection have only been available to HTTP servers and entire BGP-enabled C-class ranges. Now, Incapsula can immediately stop any size attack on any IP without the need to monitor or configure an entire network. With Incapsula IP Protection, network operations managers that thought they couldn’t afford the hassle or expense of strong DDoS protection now have a solution
  4. Gaming companies Forex streaming New customers who want infrastructure protection for their custom, non-HTTP protocols (e.g. gaming, betting). Up till now the only way to portect custom protocols was to put THE ENTIRE IP range that contained the custom protocol behind a scrubbing solution. While is inconvenient for many reasons, one big downside of this was that many customers SIMPLY don’t have an an entire c-class range of IP addresses. Therefore these organizations had, really, no way to effectively protect their critical assets.
  5. Why always-on vs on-demand mention pros n cons
  6. Protect all your customers
  7. Use a different IP address when setting up the GRE.