ziv-ichilov
Hybrid DDoS Protection Services for MSSPs and Enterprises - Hybrid DDoS Mitigation Services - Seamless Transparent Protection - Mitigation Capacity Backup
DDoS Protection Services
CONTENT overview
1 DDoS Protection
2 About us & global reach
3 Services & Solutions
4 Traffic Diversion
5 Response Time
6 Control Center
7 Capacity Backup
8 Partners
9 Summary
DDoS Protection Strategies – General Traditional Approaches
On Premises
Dedicated appliances
Pros
• Good for layer 7 attacks
• Enterprise control
Cons
• Volumetric attacks (upstream)
• Requires in-house skills
Clean Pipe
ISP detects and mitigates.
Pros
• Cost effective
• Mature offering
Cons
• Low capacity ISP
• ISP agnostic
DDoS Protection Strategies – Providers Traditional Approaches
CDN Provider
Web content is distributed,
mitigation done at the edge.
Web only.
Pros
• Always On
• New services (e.g. WAF)
Cons
• No DMZ protection
• Limited to Web
Scrubbing Center
Traffic redirection to closest
cleaning facility. Forward
good traffic.
Pros
• Affects ALL traffic
• Interact with CPE
Cons
• No auto-diversion*
• Requires testing
SecurityDAM overview
SecurityDAM offers Managed Security Service Providers (MSSPs) a quick and easy way of adding comprehensive Distributed Denial of Service (DDoS) protection service to their security portfolio.
ABOUT US: SecurityDAM
Worldwide Resources
Radware Partner
SecurityDAM Control Center
Monitoring & Alerting
MSSP Solutions
RAD Group
DDoS Protection
NOC/ERT Services
Hybrid Approach
Comprehensive evolving managed DDoS Protection Services
OUR GLOBAL REACH: Global Network of Scrubbing Centers
US: >100 Gbps
Hong Kong: >20 Gbps
Frankfurt: >100 Gbps
Current: >200 Gbps (200G)
OUR NETWORK IS EXPANDING
Russia: <partner>
UK: <partner>
Hong Kong: <partner>
US: >50 Gbps
Singapore: >20 Gbps
Partners: >50 Gbps (250G)
2014 Plans: >+100 Gbps (350G)
SERVICES & SOLUTIONS: SecurityDAM Offering
SecurityDAM offers a complete DDoS Protection Services suite, with a flexible deployment and responsibility offering, matching your current and future needs.
White Label Service: Brand on SecurityDAM system
Turnkey Service: Independent local system
Backup Service: Mitigation capacity backup
SecurityDAM suite of services enables flexible provisioning of DDoS Protection Services
Full Operational Services: SecurityDAM NOC and ERT
Partial Operational Services: NOC / ERT / Support
On Demand Service: for registered end-customers
OUR SERVICES: System and Team
Analysis: Real-time analysis and adjustment of protection settings
Accounting: Flexible protection plans definitions to match customer and market needs
Flexible Environment: Cloud-based environment, best of breed flexible integration
Development: Evolving proprietary mitigation tools
24x7 Support: NOC – monitoring, mitigation and post mortem analysis
Research: DDoS tools and mitigation techniques research
Traffic Diversion: Automated from the Control Center
Traffic diversion to Scrubbing Centers
BGP: AS / (/24) network diversion
Route Change: direct route changes
DNS: website diversion (reverse-proxy)
RESPONSE TIME #1: Shortest Time-to-Mitigate
24x7 Monitoring: Real-time / Inline. Detection time measured in seconds.
Alert: NOC / Customer. Analysis of attack and mitigation measures.
CPE Only: Monitor on premises actions
Divert: Decide on diversion and engage
TIME TO MITIGATE: < 15 minutes, when diversion is needed
RESPONSE TIME: Short response time to new threats
SOFTWARE: Cloud Deployment. Quick deployment of new measures
IDEA: New threats. Real-time analysis of mitigation efficiency
DEVELOPING: New protections. COTS and custom mitigation tools integration
Figure 1 Customer Dashboard
Real-time monitoring
Traffic
Setting
Security & Operational
Signaling based Alerting
Diversion requests
Control Center: Managing DDoS Protection Service
Figure 2 Operator Dashboard
Global real-time views
Traffic
Setting
Security & Operational
Signaling based Alerting
Control Center: Managing DDoS Protection Service
Figure 3 Reports
Summary Report: Account report aggregating CPE and Scrubbing Center data
Detailed Report: Attack report per incident (with aggregation)
Enhanced Reports (future): External source integration to produce reports.
Control Center: Managing DDoS Protection Service
CAPACITY BACKUP SERVICE: High rate attack mitigation via SecurityDAM
SD Net: Capacity backup services for supporting local scrubbing center resource limitation.
Unified: Unified reporting across levels, with aggregated data from multiple mitigation points.
Increase Value
Reduce CapEx
DDoS attack rate can be overwhelming
80/20 still applies; rely on cloud backup
Partners – JT Global: Operating SecurityDAM Independent System
UK Channel Island operator Customer DDoS Protection
Banking Online businesses
Stand-alone Control Center Stand-alone Scrubbing Center
Mark Stuchfield (Head of Innovation and Strategy, JT):
“SecurityDAM allows us to provide these cloud security services to multiple customers and at the same time give them a visual indication of what is going on”
Partners – Defense Center LLC: Operating SecurityDAM Independent System
Russian MSSP Customer DDoS Protection
Small businesses Enterprise networks
Domestic Control Center Mitigation capacity backup
Valery Kirillov (CEO):
“Business continuity is a prime concern to our customers. Our multi-layered DDoS protection will allow us to provide the highest level of mitigation capacity, backup by SecurityDAM Emergency Response Team service.”
SUMMARY: Basic flow
1 Monitor (CPE)
2 Mitigate / Alert (CPE, CC)
3 Divert (To CC)
4 Cloud Mitigation (CC)
5 Clean Reinjection (CC)
6 Attack End (CPE)
SUMMARY: Attack Management Flow
On-premise CPE mitigates the attack
Protected Organization
Signaling Messaging
Volumetric DDoS attack blocks the Internet pipe
Clean traffic
Sharing essential information for attack mitigation
MSSP Scrubbing Center & NOC
SecurityDAM Global Scrubbing Centers
MSSP/customer decide to divert the traffic
MSSP local capacity exhausted; initiate Capacity Backup
SUMMARY: SecurityDAM DDoS Protection Platform and Services
Customer Portal
Operator provisioning and management
Audit and Accounting
Monitoring
End-to-End Protection
Integrated Layered DDoS protection
Smooth operation
Experts assistance