Radware Attack Mitigation System

Current Trends

19% of attacks are considered “constant” in 2014

52% of organizations expect to be able to fight attacks for

only a day or less.

Only 17.46% acknowledge being able to fight a month

long attack.

DDoS is the attack that will cause most harm.

*2014-2015 Global Application & Network Security Report

The Threat Landscape

3

Risk is on the rise for some unexpected targets: Healthcare

and Education.

Likelihood of attacks is also heating up for Gaming, Hosting

and ISP companies

Only one – Financial Services – actually moved from “High” to

“Medium” risk

– Enhanced protection based on prior year experiences helped

No one is Immune – Unexpected Targets

4

Extra-large attacks are seen on a daily basis

Attacks are targeting all types of organizations

Enabled by “better” technology via reflective attacks, at attacker’s

disposal

Point of Failure

The Internet pipe is now the organization’s #1 point of failure

5

Multi-Vector Attacks Integrated, hybrid solution to mitigate all types of attacks

IPS/IDS

“Low & Slow” DoS attacks (e.g.Sockstress)

Large volume network flood attacks

Syn Floods

Network Scan

HTTP Floods

SSL Floods App Misuse

Brute Force

Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection

Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server

6

Radware Attack Mitigation System (AMS)

Integrated hybrid security solution

– On-premise detection and mitigation

– Cloud scrubbing to mitigate beyond the perimeter

Backed by Radware’s Emergency

Response Team

Also available as a fully-managed

service

Radware Attack Mitigation System (AMS) Dedicated hardware for attacks

Dedicated hardware for legitimate traffic

Behavior-based detection to

prevent service-level impact of

legit traffic

8

Emergency Response Team (ERT)

Protecting against top attack campaigns

Emergency Response Team (ERT) - 24x7 team of security experts for fast mitigation under attack

9

Behavior-based Detection

To prevent service-level impact of legit traffic

Behavior-based traffic analysis Rather than Superficial rate-based analysis

10

Dynamic Mitigation Engagement

to minimize security impact on service-level

In-Line when you must Out-of-Path when you can

11

Augmented Security via Collaboration

12

All security and application delivery elements exchange Defense Messaging for more accurate detection and protection and minimal impact on service-level

Distributed Architecture

Mitigation Mitigation Detection

12

AMS - Hybrid DDoS Mitigation Solution

Cloud Perimeter LAN

DefensePro

Defense Messaging

ADC

13

• Full coverage - Detects all types of SSL encrypted attacks

– SSL Negotiation Floods

– HTTPS Floods

– Encrypted Web Attacks

• Stateless solution - Non-vulnerable mitigation architecture

• Lowest latency approach - Legitimate transactions go through without decryption

• FIPS compliant & common criteria certified solution

• Single vendor, integrated management

AMS – Mitigating the SSL Threat

Unique SSL attack mitigation solution

14

AMS Elements

APSolute Vision

AppWall

DefensePro

15

Global Network of Scrubbing Centers

US US

UK Germany

Russia

Hong Kong

Brazil

16

Attack Mitigation System

Customers own and manage on-premises

components of AMS

DefensePipe cloud scrubbing service is used to

protect against internet pipe saturation

Customers are notified of attacks that require the

ERT involvement

Attack Mitigation Service

Radware owns and implements on-premises

components of AMS

DefensePipe cloud scrubbing service is used to

protect against internet pipe saturation

Customers are notified of attacks that require the

ERT involvement

Flexible Attack Mitigation Offerings

17

“Radware's Attack Mitigation System (AMS) mitigates both known and new forms of attack

while allowing legitimate business traffic to be handled as normal, so the business

continuity of our hosted cloud customers is preserved even while under attack.”

Nathaniel Kemberling, CTO, Brinkster

What Customers Say

“Radware’s Attack Mitigation System (AMS) fits perfectly within our secure cloud hosting architecture. The ability to stop a variety of multi-level attacks at the edge of our networks in North America and Europe empowers FireHost to provide the best protection in the industry.”

Chris Drake, Chief Executive Officer, FireHost

18

Summary

•Able to detect and mitigate the full scope of DDoS attacks Widest Coverage

•Minimal false positives with patent-protected behavioral analysis technology

•Real-time signatures and selective challenge-response mechanism for high mitigation accuracy

High Accuracy

•All attacks are detected on-premise in real-time

•Protection starts in seconds – shortest time to protect in the industry Shortest Time

•ERT’s security experts to manage attacks

•Fully-managed service option

• Integrated reporting system Complete Solution

Hybrid, integrated security solution with widest coverage and high quality of protection

19