View
395
Download
0
Category
Preview:
Citation preview
MITIGATING DDOS ATTACKS
• This webinar is being recorded and an on-demand version will be available at the same URL at the conclusion of the webinar
• Please submit questions via the button on the upper left of the viewer• If we don’t get to your question during the
webinar, we will follow up with you via email• Download related resources via the
“Attachments” button above the viewing panel• On Twitter? Join the conversation: #DDoS,
@HOSTINGdotcom, @Exceda, @shrepfur
2
HOUSEKEEPING
3
#1. #2. #3?
Dev v. Prod(Un)Manag
ed
4
How Deep…Are You Protected?
For Free, I will say you are at risk!
5
(DIA) LEX-CEDA
6
Buyers On Same Team
7
OUR LOGOS EVEN MATCH
VEGAS.HOSTING.COM
HIGH PERFORMANCE SECURITY:MITIGATING DDOS ATTACKS
WITHOUT LOSING YOUR EDGE
John Cully, U.S. Marketing
DDoS Webinar 1/14/16 10
WHAT WE’LL COVER TODAY
• Some history/context
• Current observations & scary numbers
• Visible & invisible costs
• Protection strategies
• 2016 threat outlook
• Q&A
DDoS Webinar 1/14/16 11
NICE TO MEET YOU
• John CullyExceda U.S. Director of Marketing
• Alex SoaresDirector, Exceda Security Products
DDoS Webinar 1/14/16 12
WHO IS EXCEDA?
“Exceda provides a managed portfolio of best-in-class web acceleration, security
and monitoring solutions to customers and resellers throughout the Americas.”
• 15 year track record• 3rd largest Akamai Technologies channel partner • Extensive experience in professional
services/custom configurations
DDoS Webinar 1/14/16 13
DDOS ATTACKS: A BRIEF HISTORY
• A Perfect Storm• Players• Objectives• Targets• Cost of entry
DDoS Webinar 1/14/16 14
TWO DAYS AGO…
DDoS Webinar 1/14/16 15
SOME NUMBERS
Q3 2015 vs. Q3 2014:• 1,510 DDoS attacks on Akamai customers• 179.66% increase in total DDoS attacks• 25.74% increase in application layer (Layer 7) DDoS attacks • 198.1% increase in infrastructure layer (Layer 3 & 4) DDoS attacks • 15.65% decrease in average attack duration: 18.86 vs. 22.36 hours • 52.94% decrease in attacks > 100 Gbps: 8 vs. 17• 65.58% decrease in average peak attack bandwidth • 88.72% decrease in average peak attack volume • 462.44% increase in reflection attacks
Source: Akamai Q3 2015 SOTI Security Report
DDoS Webinar 1/14/16 16
KEY TAKEAWAYS
• More small attacks• More diverse actors• More tools• More incentive• More victims
DDoS Webinar 1/14/16 17
WHAT’S THE DAMAGE?
• $ per minute/hour• Reputation• Fines• Remediation• Resource fatigue• “Smash & grab”
DDoS Webinar 1/14/16 18
THINGS TO CONSIDER
• Timing• CDN• Closet or Cloud?• The $64,000 question
DDoS Webinar 1/14/16 19
CHALLENGES & STRATEGIES
• Application layer DDoS attack• WAF / request rate control - Provides defense for web applications by
limiting the amount of requests it can receive before disrupting service;• Added bonus of protecting against malicious requests against the web
application with intent to steal data, deface websites, etc. (e.g. OWASP)
• Network layer DDoS attack• Always on and on-demand full network routing protects
all infrastructure against attacks on the network layers (L3 - transport, L4 - control);
• Solutions• On-premises appliances• Cloud Application and Network DDoS defense• Hybrid approach that combines both solutions
DDoS Webinar 1/14/16 20
On-Premises DDoS Protection
On-premisesDDoS defense
Risk of resource exhaustion due to attackslarger than the equipment capacity, leading to service disruption
- Capable of protecting against all types of attacks- Good first step approach- More granular control- Only the tip of the iceberg
DDoS Webinar 1/14/16 21
Exceda’s globally distributedWeb Application Firewall
Cloud Web DDoS Protection
- Near-infinite resources to combat DDoS attacks- On-demand option available- Only protects the web applications and not the entirety of the infrastructure
DDoS Webinar 1/14/16 22
Cloud Network DDoS Protection
Exceda globally distributed
Scrubbing Centers
- Protects all of the infrastructure but without granularity towards the applications
- Possible added latency
DDoS Webinar 1/14/16 23
Hybrid Approach
Network DDoS Defense
Web ApplicationDDoS Defense
On-Prem DDoSDefense
A hybrid approach will largely eliminate the shortcomings of each individual solution and provide a comprehensive multi-perimeter approach to defending your business
DDoS Webinar 1/14/16 24
THE ROAD AHEAD: 2016
• DDoSaaS lowers barrier to entry
• IoT risks increase
• Ransom/blackmail
• Increased scale—not duration
• Trickle down to SMB and beyond
DDoS Webinar 1/14/16 25
FINAL THOUGHTS
• Planning: “How’s now? Is now good for you?
• On-Prem vs Cloud vs Hybrid
• Right Tools, Right Configuration
26
Q&AJohn Cully | Director of Marketing, Exceda | jcully@exceda.comAndy Schroepfer | CSO, HOSTING | aschroepfer@hosting.comAlex Soares | Director of Security Products, Exceda asoares@exceda.com
For more information about security solutions by HOSTING, please contact our team at 888.894.4678.
Recommended