Upload
jim-zhang
View
14
Download
2
Embed Size (px)
Citation preview
TERILOGY momenutm Case Study
momentum Solves DNS Monitoring Problem For Large ISP Firm
The creative Security monitoring Tool
One of the largest ISP based in the Taiwan, this firm
serves over 10 millions of customers in Taiwan, including
individuals, institutions.
Challenge:
• Monitoring the traffic of large) number of DNS servers
• Precision Burst analyst
• Constant DNS attack
Resolution:
DNS Traffic Visibility from momentum DNS viewer
Benefits:
• Capture and Record all packets
• DNS Reporting capability independent from specific
DNS software vendor
• Support historical trend of DNS traffic with one second
granularity.
• Detect the attack with traffic trend or domain statistic
This organization maintains a large, complex, mission-critical DNS servers
that require constant monitoring for security, performance, and capacity. It
had deployed a wide variety of different network monitoring and security tools,
including syslog analysis system , IPS
In some cases, collecting the syslog from DNS servers for analyzing, it is
hard to get detail information to find what happened in the DNS traffic burst,
what is the root reason for slow response time or security incident.
By deploying the momentum DNS viewer in the network, it gives visibility the
trend of DNS traffic and drill down the root reason from pcap, and analyze the
traffic burst from the one second granularity pcap
Eventually, the IPS deployed in the front of DNS Servers, when DNS attack
happened, it is difficult to grasp the attack detail information before it affects
the DNS servers performance.
momentum DNS viewer find the attack from the traffic trend and pcap
analysis, and to apply the countermeasure to reduce the minimum DNS
servers performance impact
Copyright © 2016 Terilogy Co., Ltd. All Rights Reserved.