KASPERSKY DDOS PROTECTION

SVEN SELLEN, DDOS PROTECTION EUROPE

© 2016 Kaspersky Lab. All rights reserved.


FACTS ABOUT US

Essentials
Founded in 1997 and led by Eugene Kaspersky
Holding company registered in the United Kingdom
Provides innovative IT security solutions for business and consumers

Numbers
>3,000 highly qualified specialists
>20 million product activations per year
711 million USD global unaudited revenue in 2014

Achievements
One of the four biggest endpoint security vendors*
Our solutions are recognized and awarded in independent tests and reviews
"Leader" according to the Gartner Magic Quadrant for Endpoint Protection Platforms**

>400,000,000 users worldwide are protected by us

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report "Worldwide Endpoint Security 2014–2018 Forecast and 2013 Vendor Shares" (IDC # 250210, August 2014). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013.

** Gartner, Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook, John Girard, Neil MacDonald, January 8, 2014. The report is available at Kaspersky Lab upon request.


OUR ROLE IN THE GLOBAL IT SECURITY COMMUNITY

We participate in joint operations and cyberthreat investigations with the global IT security community, international organizations such as INTERPOL and Europol, law enforcement agencies and CERTs worldwide.

We hold regular training courses for INTERPOL and Europol officers and the police forces of many countries, e.g. City of London Police.

We host the annual Kaspersky Lab Security Analyst Summit, which brings together the world’s best IT security experts.

We provide expert speakers at conferences around the globe, e.g. World Economic Forum in Davos.


ENTERPRISE SECURITY PORTFOLIO

Providing protection across a variety of enterprise IT systems, from endpoints to data centers, online services and critical infrastructure

Endpoint Security
Mobile Security
Security Solutions for Data Centers
Industrial Cyber Security
Anti Targeted Attacks Platform
Fraud Prevention
DDoS Protection
Virtualization Security
Security Intelligence Services


CASE STUDY

Blackmailing
Organized crime forces businesses to pay money to avoid being attacked

Hacktivism
DDoS performed by some type of activists as a reaction to global events

Competition crime
DDoS is a tool of unfair competition


DDOS ATTACK TYPES

Volumetric attacks: DNS Amplification, NTP Amplification
Application layer attacks
Attacks on DNS servers
Other infrastructure attacks
Hybrid attacks

[Diagram labels: Internet channel, Network equipment, DNS, OS, LAN, Web Server]


DDOS ATTACK TOOLS

Botnets
Desktops and laptops infected by malware (bot) and controlled from a Command & Control center

Servers
Both physical and virtual. A number of rented servers in Data Centers, connected to the Internet via fast Internet channels

Smartphones
In most cases running Android and infected by malware (bot)

IoT
Smart devices like TVs, Wi-Fi routers, etc. connected to the Internet via broadband channels

Amplification
Technologies that can amplify the traffic of attacks


DDOS ‘SERVICES’ ARE READILY AVAILABLE

$50 – black market cost of a day-long DDoS attack.

Specialized online marketplaces exist where you can buy and sell botnets or individual DDoS attacks.

Would-be DDoS attackers simply pay by PayPal, Bitcoin or credit card and choose the desired attack.

It’s cheap and anonymous to order a DDoS attack. Anyone can do it.


KDP PRODUCTS

| Product | Traffic redirection | Traffic delivery | Sensor |
| KDP Connect | DNS, Always-On | Proxy, GRE | In cloud |
| KDP Control | BGP, On-Demand | GRE, MPLS | On premise |
| KDP Connect+ | BGP, Always-On | GRE, MPLS | In cloud |

KDP CONNECT AND CONNECT+ (ALWAYS ON)

KDP | MONITORING

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch and protected resource]


DETECTION METHODS

Proactive detection based on Kaspersky DDoS Intelligence
Statistical profiles
Behavior analysis at application layer
KDP experts


KASPERSKY DDOS INTELLIGENCE

Monitors all known and emerging attack types to implement an early warning mechanism that identifies DDoS attacks.

Proactive detection – helps to minimize downtime of protected resources

Granular detection of attack types – minimizes false positives, i.e. legitimate users who were blocked

Analyzing new bots’ behavior to prepare for new attacks – proactive reaction to new types of threats


KDP | FILTERING

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch and protected resource]


KDP | END OF ATTACK

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch and protected resource]

KDP CONTROL (ON DEMAND)

KDP | MONITORING

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch, protected resource and a KDP Sensor attached via span]


KDP | FILTERING

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch, protected resource and a KDP Sensor attached via span]


KDP | END OF ATTACK

[Diagram: Internet; Amsterdam Cleaning Center and Frankfurt Cleaning Center; Emergency Response Team; customer’s network with router, switch, protected resource and a KDP Sensor attached via span]

SUMMARY


KDP ADVANTAGES

Proactive, NextGen detection of attacks based on Kaspersky DDoS Intelligence

Smart mitigation of all types of DDoS attacks (up to 500 Gbit/s)

Fast and easy deployment, zero installation on customer’s side (Connect)

Rapid protection and support by Emergency Response Team

KDP experts back up attack mitigation for hard cases

Customer is not involved in attack mitigation (Connect, Connect+)

Highly scalable Scrubbing Centres in Amsterdam and Frankfurt – traffic stays in EU


QUESTIONS?

SVEN SELLEN, DDOS PROTECTION EUROPE

MAIL [email protected]

PHONE +49 151 544 39 329