Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

DDoS mitigation at Jisc

by Tim Boundy and Lee Harringan-Green

  • Login to see the comments

  • Be the first to like this

DDoS mitigation at Jisc

  1. 1. Lee Harrigan-GreenTim Boundy Senior Security Analyst Security Services Delivery Manager 01/11/2016 DDoS Mitigation at Jisc
  2. 2. What to expect » What we have done in the last year » Attack details over the last 12 months » Cyber Security Portal » Additional new DDoS Mitigation services » Other professional services 08/11/2017 DDoS Mitigation at Jisc 2
  3. 3. » All Institutions are now protected by the foundation service › This is included in your Jisc subscription. » Portal Development » Secondary hosting Locations » Development of additional protection services » Responding to attacks when they occur This time last year 08/11/2017 DDoS Mitigation at Jisc 3
  4. 4. DDoS attack duration stats In the last year: » Median attack duration = 11 Minutes » Average attack duration = 19.94 Minutes » Most common attack duration = 7 Minutes » Longest attack duration = 15 Hours 25 Minutes 4
  5. 5. DDoS attack packet rate stats In the last year: » Median attack packet rate = 239.99 Kpps » Average attack packet rate = 447.16 Kpps » Most common attack packet rate = 1 Mpps » Largest attack packet rate = 13.10 Mpps 5
  6. 6. DDoS attack traffic rate stats In the last year the: » Median attack traffic rate = 1.40 Gbps » Average attack traffic rate = 2.74 Gbps » Most common attack traffic rate = 1.40 Gbps » Largest attack traffic rate = 46.92 Gbps 6
  7. 7. Portal Objectives »Enable Organisations to have real time information on any alerts, attacks and mitigations. »Give Organisations more perspective on the threat, frequency and impact of attacks. »Phase 2 – Host additional cyber security services, above the DDoS mitigation service. 03/11/2017 Jisc Cyber Security Portal (featuring DDoS) 7
  8. 8. Phase 2 in DDoS Mitigation We mitigate large attacks that affect your network connection (but not focused on specific internal services). Included in the Jisc subscription Connection Attack Mitigation (Foundation) We can mitigate focused attacks on specific services inside your network Charge per service. Service Attack Mitigation 01/11/2017
  9. 9. Pre-configured profiles for internal services Web servers Custom LDAP DNS Email VPN
  10. 10. 01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 10 Permanent Mitigation Automatic Mitigation (<4mins) Foundation Mitigation (<3 hrs) Cost DDoS Mitigation- New Services Service Profiles Service Profiles Customised
  11. 11. Pricing strategy 1. Threat intelligence is of great value. 2. We need to understand as many institutions requirements and services and as possible 3. We can build a valuable resource to protect the network 4. The services need to be affordable to all sizes of organisation 1. Provisional prices are being tested with community members. Account managers will be available to discuss the products and options. 2. Service profiles will be created. Community volunteers are invited to contribute. ( ) Next steps
  12. 12. Professional Services Penetration Testing - Live service. A method for evaluating the security of an information system, network or program by simulating the types of attack that are known to occur in the real world. Jisc’s in-house service is entirely flexible and carried out by our own experienced, trained and certified cyber-security experts. Security Costs X-ray – New service Analyse the cost of your information security, the scope of which is confined to the IT dept. Benefits include delivering cost transparency and peer benchmarking, clarity, risk/vulnerability management & governance.
  13. 13. Professional Services Cyber Security Assessment – New service Evaluate the readiness of your institution’s IT infrastructure against attack. By analyzing quantifiable aspects of your network for known issues, we can provide consistent and repeatable data which can be used for remediation of security holes. Cyber Essentials – New service Since October 2014 any business in receipt of government money for projects or research is required to have a Cyber Essentials certificate. We provide advice and support in fulfilling these obligations. This is a new service meeting an important new need for the sector.
  14. 14. 01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 14 Questions?
  15. 15. Jisc Cyber Security Portal Tim Boundy Security Services Delivery Manager 01/11/2017 Jisc Cyber Security Portal (featuring DDoS) 15 Lee Harrigan-Green Senior Security Analyst