SlideShare a Scribd company logo
1 of 15
Download to read offline
Lee Harrigan-GreenTim Boundy
Senior Security Analyst Security Services Delivery Manager
01/11/2016 DDoS Mitigation at Jisc
What to expect
» What we have done in the last year
» Attack details over the last 12 months
» Cyber Security Portal
» Additional new DDoS Mitigation services
» Other professional services
08/11/2017 DDoS Mitigation at Jisc 2
» All Institutions are now protected by the foundation service
› This is included in your Jisc subscription.
» Portal Development
» Secondary hosting Locations
» Development of additional protection services
» Responding to attacks when they occur
This time last year
08/11/2017 DDoS Mitigation at Jisc 3
DDoS attack duration stats
In the last year:
» Median attack duration = 11 Minutes
» Average attack duration = 19.94 Minutes
» Most common attack duration = 7 Minutes
» Longest attack duration = 15 Hours 25 Minutes
4
DDoS attack packet rate stats
In the last year:
» Median attack packet rate = 239.99 Kpps
» Average attack packet rate = 447.16 Kpps
» Most common attack packet rate = 1 Mpps
» Largest attack packet rate = 13.10 Mpps
5
DDoS attack traffic rate stats
In the last year the:
» Median attack traffic rate = 1.40 Gbps
» Average attack traffic rate = 2.74 Gbps
» Most common attack traffic rate = 1.40 Gbps
» Largest attack traffic rate = 46.92 Gbps
6
Portal Objectives
»Enable Organisations to have real time information on
any alerts, attacks and mitigations.
»Give Organisations more perspective on the threat,
frequency and impact of attacks.
»Phase 2 – Host additional cyber security services, above
the DDoS mitigation service.
03/11/2017 Jisc Cyber Security Portal (featuring DDoS) 7
Phase 2 in DDoS Mitigation
We mitigate large attacks that affect your network
connection (but not focused on specific internal services).
Included in the Jisc subscription
Connection Attack Mitigation (Foundation)
We can mitigate focused attacks on specific services
inside your network
Charge per service.
Service Attack Mitigation
01/11/2017
Pre-configured profiles for internal services
Web
servers
Custom
LDAP
DNS
Email
VPN
01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 10
Permanent
Mitigation
Automatic Mitigation (<4mins)
Foundation
Mitigation (<3 hrs)
Cost
DDoS Mitigation- New Services
Service Profiles
Service Profiles
Customised
Pricing strategy
1. Threat intelligence is of great value.
2. We need to understand as many institutions requirements and
services and as possible
3. We can build a valuable resource to protect the network
4. The services need to be affordable to all sizes of organisation
1. Provisional prices are being tested with community members.
Account managers will be available to discuss the products and
options.
2. Service profiles will be created. Community volunteers are invited
to contribute. (tim.boundy@jisc.ac.uk )
Next steps
Professional Services
Penetration Testing - Live service.
A method for evaluating the security of an information system, network or program by simulating the
types of attack that are known to occur in the real world.
Jisc’s in-house service is entirely flexible and carried out by our own experienced, trained and certified
cyber-security experts.
Security Costs X-ray – New service
Analyse the cost of your information security, the scope of which is confined to the IT dept.
Benefits include delivering cost transparency and peer benchmarking, clarity, risk/vulnerability
management & governance.
Professional Services
Cyber Security Assessment – New service
Evaluate the readiness of your institution’s IT infrastructure against attack.
By analyzing quantifiable aspects of your network for known issues, we can provide consistent and
repeatable data which can be used for remediation of security holes.
Cyber Essentials – New service
Since October 2014 any business in receipt of government money for projects or research is required to
have a Cyber Essentials certificate.
We provide advice and support in fulfilling these obligations. This is a new service meeting an important
new need for the sector.
01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 14
Questions?
jisc.ac.uk
Jisc Cyber Security Portal
Tim Boundy
Security Services Delivery Manager
tim.boundy@jisc.ac.uk
01/11/2017 Jisc Cyber Security Portal (featuring DDoS) 15
Lee Harrigan-Green
Senior Security Analyst
lee.harrigan-green@jisc.ac.uk

More Related Content

What's hot

Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]TrustArc
 
The GDPR and What It Means to You
The GDPR and What It Means to YouThe GDPR and What It Means to You
The GDPR and What It Means to YouDelphix
 
Why Your Approach To Data Governance Needs a Major Update
Why Your Approach To Data Governance Needs a Major UpdateWhy Your Approach To Data Governance Needs a Major Update
Why Your Approach To Data Governance Needs a Major UpdateDelphix
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designblogzilla
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsForcepoint LLC
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017Veritas Technologies LLC
 
Dcg cba legal ethics and the cloud final 06.20.17
Dcg cba legal ethics and the cloud final 06.20.17Dcg cba legal ethics and the cloud final 06.20.17
Dcg cba legal ethics and the cloud final 06.20.17DENNIS GARCIA ☁
 
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...TrustArc
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Veritas Technologies LLC
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 
Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity  Update 10-9-13Southern Risk Council - Cybersecurity  Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13Phil Agcaoili
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 DaysDigital Guardian
 
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]TrustArc
 
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014kevintsmith
 
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Codemotion
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 

What's hot (20)

Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
 
The GDPR and What It Means to You
The GDPR and What It Means to YouThe GDPR and What It Means to You
The GDPR and What It Means to You
 
Why Your Approach To Data Governance Needs a Major Update
Why Your Approach To Data Governance Needs a Major UpdateWhy Your Approach To Data Governance Needs a Major Update
Why Your Approach To Data Governance Needs a Major Update
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider Threats
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017
 
Big security for big data
Big security for big dataBig security for big data
Big security for big data
 
Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilience
 
Dcg cba legal ethics and the cloud final 06.20.17
Dcg cba legal ethics and the cloud final 06.20.17Dcg cba legal ethics and the cloud final 06.20.17
Dcg cba legal ethics and the cloud final 06.20.17
 
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...
Demonstrating Compliance & the Role of Certification Under the GDPR [Webinar ...
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White Papaer
 
Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity  Update 10-9-13Southern Risk Council - Cybersecurity  Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
 
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]
72 Hours Notice: Incident Response Management under the GDPR [Webinar Slides]
 
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
 
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 

Similar to DDoS mitigation at Jisc

SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...Ziv Ichilov
 
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyBKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyNexusguard
 
The_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFThe_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFDominik Suter
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingJisc
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutionsAlan Rudd
 
ciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewPriyanka Aash
 
Интуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаИнтуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаCisco Russia
 
Cyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptCyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptNiteshRajput1123
 
Cyber security landscape
Cyber security landscapeCyber security landscape
Cyber security landscapeJisc
 
The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS ProvidersNeil Hinton
 
Cisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response ServicesCisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response ServicesNetworkCollaborators
 
Worldwide Infrastructure Security Report Highlights
Worldwide Infrastructure Security Report HighlightsWorldwide Infrastructure Security Report Highlights
Worldwide Infrastructure Security Report HighlightsAPNIC
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security BrochureJoseph DeFever
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
ITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationR. Blake Martin
 
Automating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAutomating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAmazon Web Services
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 

Similar to DDoS mitigation at Jisc (20)

SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
 
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyBKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
 
The_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDFThe_Forrester_Wave_DDoS_S 2015Q3.PDF
The_Forrester_Wave_DDoS_S 2015Q3.PDF
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharing
 
Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutions
 
ciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overview
 
Интуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаИнтуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнеса
 
Cyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptCyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.ppt
 
Cyber security landscape
Cyber security landscapeCyber security landscape
Cyber security landscape
 
The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS Providers
 
Cisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response ServicesCisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response Services
 
Worldwide Infrastructure Security Report Highlights
Worldwide Infrastructure Security Report HighlightsWorldwide Infrastructure Security Report Highlights
Worldwide Infrastructure Security Report Highlights
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security Brochure
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015
 
Key Capibilities.pptx
Key Capibilities.pptxKey Capibilities.pptx
Key Capibilities.pptx
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWARE
 
ITSecurity_DDOS_Mitigation
ITSecurity_DDOS_MitigationITSecurity_DDOS_Mitigation
ITSecurity_DDOS_Mitigation
 
Automating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAutomating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS Cloud
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
 

More from Jisc

Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 
ExpertsknightOct23.pptx
ExpertsknightOct23.pptxExpertsknightOct23.pptx
ExpertsknightOct23.pptxJisc
 
BeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxBeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxJisc
 

More from Jisc (20)

Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 
ExpertsknightOct23.pptx
ExpertsknightOct23.pptxExpertsknightOct23.pptx
ExpertsknightOct23.pptx
 
BeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxBeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptx
 

Recently uploaded

The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdf
The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdfThe Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdf
The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdfjacklutz2
 
Here are five tips to make house packing quicker and faster.pptx
Here are five tips to make house packing quicker and faster.pptxHere are five tips to make house packing quicker and faster.pptx
Here are five tips to make house packing quicker and faster.pptxnidhimovee
 
International Sustainable and Efficient Irrigation Solutions
International Sustainable and Efficient Irrigation SolutionsInternational Sustainable and Efficient Irrigation Solutions
International Sustainable and Efficient Irrigation SolutionsIrri Design Studio
 
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando Valley
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando ValleyHow Can Dumpster Rental Streamline Yard Waste Management In San Fernando Valley
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando ValleyBG’s Big Box Service
 
How Do Cleaners Prepare Before Commencing Builders Cleaning?
How Do Cleaners Prepare Before Commencing Builders Cleaning?How Do Cleaners Prepare Before Commencing Builders Cleaning?
How Do Cleaners Prepare Before Commencing Builders Cleaning?Renovation Cleaning
 
Touchstone Lofts – Loft conversions specialist
Touchstone Lofts – Loft conversions specialistTouchstone Lofts – Loft conversions specialist
Touchstone Lofts – Loft conversions specialistTouchstone Lofts
 
one of the best by art prints online here
one of the best by art prints online hereone of the best by art prints online here
one of the best by art prints online heretoyism501
 
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdf
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdfONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdf
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdfLeonaNguyenThuyLinh
 
From A To Z Understanding The Full Spectrum Of Employment Background Checks
From A To Z Understanding The Full Spectrum Of Employment Background ChecksFrom A To Z Understanding The Full Spectrum Of Employment Background Checks
From A To Z Understanding The Full Spectrum Of Employment Background Checksaffordablebackgroundchecks
 
Point of View Glazing - Expert Glazing Services
Point of View Glazing - Expert Glazing ServicesPoint of View Glazing - Expert Glazing Services
Point of View Glazing - Expert Glazing ServicesPoint of View Glazing
 
What To Look For in Employee Onboarding Software?
What To Look For in Employee Onboarding Software?What To Look For in Employee Onboarding Software?
What To Look For in Employee Onboarding Software?eZaango HR
 
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITED
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITEDTHIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITED
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITEDAMRITMISHRA46
 
The Expertise of Our Web Development Company
The Expertise of Our Web Development CompanyThe Expertise of Our Web Development Company
The Expertise of Our Web Development CompanyNetqom Solutions
 
Custom Speech Writing Services Online | Writing Sharks
Custom Speech Writing Services Online | Writing SharksCustom Speech Writing Services Online | Writing Sharks
Custom Speech Writing Services Online | Writing SharksWritingSharks
 
interior design company dubai | Sites DXB
interior design company dubai | Sites DXBinterior design company dubai | Sites DXB
interior design company dubai | Sites DXBSitesDXB
 
7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier
7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier
7 Ways To Select Best Corporate Gifts | Corporate Gifts SupplierVerve Corporate Gifts
 
Retirement Planning - Transferring UK Pension to France.pptx
Retirement Planning - Transferring UK Pension to France.pptxRetirement Planning - Transferring UK Pension to France.pptx
Retirement Planning - Transferring UK Pension to France.pptxChaseBuchanan
 

Recently uploaded (19)

The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdf
The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdfThe Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdf
The Power of Quick Commerce Data Monitoring A Comprehensive Guide.pdf
 
Here are five tips to make house packing quicker and faster.pptx
Here are five tips to make house packing quicker and faster.pptxHere are five tips to make house packing quicker and faster.pptx
Here are five tips to make house packing quicker and faster.pptx
 
International Sustainable and Efficient Irrigation Solutions
International Sustainable and Efficient Irrigation SolutionsInternational Sustainable and Efficient Irrigation Solutions
International Sustainable and Efficient Irrigation Solutions
 
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando Valley
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando ValleyHow Can Dumpster Rental Streamline Yard Waste Management In San Fernando Valley
How Can Dumpster Rental Streamline Yard Waste Management In San Fernando Valley
 
How Do Cleaners Prepare Before Commencing Builders Cleaning?
How Do Cleaners Prepare Before Commencing Builders Cleaning?How Do Cleaners Prepare Before Commencing Builders Cleaning?
How Do Cleaners Prepare Before Commencing Builders Cleaning?
 
Touchstone Lofts – Loft conversions specialist
Touchstone Lofts – Loft conversions specialistTouchstone Lofts – Loft conversions specialist
Touchstone Lofts – Loft conversions specialist
 
one of the best by art prints online here
one of the best by art prints online hereone of the best by art prints online here
one of the best by art prints online here
 
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdf
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdfONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdf
ONEUNIVERSE_PORTFOLIO_ENGLISH_202403.pdf
 
From A To Z Understanding The Full Spectrum Of Employment Background Checks
From A To Z Understanding The Full Spectrum Of Employment Background ChecksFrom A To Z Understanding The Full Spectrum Of Employment Background Checks
From A To Z Understanding The Full Spectrum Of Employment Background Checks
 
Point of View Glazing - Expert Glazing Services
Point of View Glazing - Expert Glazing ServicesPoint of View Glazing - Expert Glazing Services
Point of View Glazing - Expert Glazing Services
 
What To Look For in Employee Onboarding Software?
What To Look For in Employee Onboarding Software?What To Look For in Employee Onboarding Software?
What To Look For in Employee Onboarding Software?
 
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITED
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITEDTHIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITED
THIRTEEN ODDS DESIGN DOCKYARD PRIVATE LIMITED
 
The Expertise of Our Web Development Company
The Expertise of Our Web Development CompanyThe Expertise of Our Web Development Company
The Expertise of Our Web Development Company
 
Custom Speech Writing Services Online | Writing Sharks
Custom Speech Writing Services Online | Writing SharksCustom Speech Writing Services Online | Writing Sharks
Custom Speech Writing Services Online | Writing Sharks
 
interior design company dubai | Sites DXB
interior design company dubai | Sites DXBinterior design company dubai | Sites DXB
interior design company dubai | Sites DXB
 
7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier
7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier
7 Ways To Select Best Corporate Gifts | Corporate Gifts Supplier
 
QuickBooks Multi User Mode Not Working Solutions Steps.pdf
QuickBooks Multi User Mode Not Working Solutions Steps.pdfQuickBooks Multi User Mode Not Working Solutions Steps.pdf
QuickBooks Multi User Mode Not Working Solutions Steps.pdf
 
Retirement Planning - Transferring UK Pension to France.pptx
Retirement Planning - Transferring UK Pension to France.pptxRetirement Planning - Transferring UK Pension to France.pptx
Retirement Planning - Transferring UK Pension to France.pptx
 
A Guide to AI-powered Lead Generation Strategies
A Guide to AI-powered Lead Generation StrategiesA Guide to AI-powered Lead Generation Strategies
A Guide to AI-powered Lead Generation Strategies
 

DDoS mitigation at Jisc

  • 1. Lee Harrigan-GreenTim Boundy Senior Security Analyst Security Services Delivery Manager 01/11/2016 DDoS Mitigation at Jisc
  • 2. What to expect » What we have done in the last year » Attack details over the last 12 months » Cyber Security Portal » Additional new DDoS Mitigation services » Other professional services 08/11/2017 DDoS Mitigation at Jisc 2
  • 3. » All Institutions are now protected by the foundation service › This is included in your Jisc subscription. » Portal Development » Secondary hosting Locations » Development of additional protection services » Responding to attacks when they occur This time last year 08/11/2017 DDoS Mitigation at Jisc 3
  • 4. DDoS attack duration stats In the last year: » Median attack duration = 11 Minutes » Average attack duration = 19.94 Minutes » Most common attack duration = 7 Minutes » Longest attack duration = 15 Hours 25 Minutes 4
  • 5. DDoS attack packet rate stats In the last year: » Median attack packet rate = 239.99 Kpps » Average attack packet rate = 447.16 Kpps » Most common attack packet rate = 1 Mpps » Largest attack packet rate = 13.10 Mpps 5
  • 6. DDoS attack traffic rate stats In the last year the: » Median attack traffic rate = 1.40 Gbps » Average attack traffic rate = 2.74 Gbps » Most common attack traffic rate = 1.40 Gbps » Largest attack traffic rate = 46.92 Gbps 6
  • 7. Portal Objectives »Enable Organisations to have real time information on any alerts, attacks and mitigations. »Give Organisations more perspective on the threat, frequency and impact of attacks. »Phase 2 – Host additional cyber security services, above the DDoS mitigation service. 03/11/2017 Jisc Cyber Security Portal (featuring DDoS) 7
  • 8. Phase 2 in DDoS Mitigation We mitigate large attacks that affect your network connection (but not focused on specific internal services). Included in the Jisc subscription Connection Attack Mitigation (Foundation) We can mitigate focused attacks on specific services inside your network Charge per service. Service Attack Mitigation 01/11/2017
  • 9. Pre-configured profiles for internal services Web servers Custom LDAP DNS Email VPN
  • 10. 01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 10 Permanent Mitigation Automatic Mitigation (<4mins) Foundation Mitigation (<3 hrs) Cost DDoS Mitigation- New Services Service Profiles Service Profiles Customised
  • 11. Pricing strategy 1. Threat intelligence is of great value. 2. We need to understand as many institutions requirements and services and as possible 3. We can build a valuable resource to protect the network 4. The services need to be affordable to all sizes of organisation 1. Provisional prices are being tested with community members. Account managers will be available to discuss the products and options. 2. Service profiles will be created. Community volunteers are invited to contribute. (tim.boundy@jisc.ac.uk ) Next steps
  • 12. Professional Services Penetration Testing - Live service. A method for evaluating the security of an information system, network or program by simulating the types of attack that are known to occur in the real world. Jisc’s in-house service is entirely flexible and carried out by our own experienced, trained and certified cyber-security experts. Security Costs X-ray – New service Analyse the cost of your information security, the scope of which is confined to the IT dept. Benefits include delivering cost transparency and peer benchmarking, clarity, risk/vulnerability management & governance.
  • 13. Professional Services Cyber Security Assessment – New service Evaluate the readiness of your institution’s IT infrastructure against attack. By analyzing quantifiable aspects of your network for known issues, we can provide consistent and repeatable data which can be used for remediation of security holes. Cyber Essentials – New service Since October 2014 any business in receipt of government money for projects or research is required to have a Cyber Essentials certificate. We provide advice and support in fulfilling these obligations. This is a new service meeting an important new need for the sector.
  • 14. 01/11/2017 Jisc Cyber Security Update - DDOS Mitigation Service 14 Questions?
  • 15. jisc.ac.uk Jisc Cyber Security Portal Tim Boundy Security Services Delivery Manager tim.boundy@jisc.ac.uk 01/11/2017 Jisc Cyber Security Portal (featuring DDoS) 15 Lee Harrigan-Green Senior Security Analyst lee.harrigan-green@jisc.ac.uk