DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
Presentation from one of the remarkable IT Security events in the Baltic States, organized by “Data Security Solutions” (www.dss.lv). The event took place in Riga on 7th of November, 2013 and was attended by more than 400 participants on site and more than 300 via online live streaming.

Published in: Technology, News & Politics

  1. DoS, DDoS and application attacks – are you ready? Michael Soukonnik, Radware Ltd, michaels@radware.com
  2. 2012 Radware Security Report: DDoS Attack Vectors
     Callouts: SSL based attacks are on the rise; Specific Application Resources are targeted; C/R bypass capabilities; Increased Bandwidth saturation; Usage of servers – more firepower; Volume attacks on DNS infrastructure
     Chart labels: Complexity; Volume; SMTP 9%; VoIP 4%; TCP - SYN Flood 35%; Web 24%; DNS 10%; TCP UDP Other 7% 3%; ICMP 5%; IPv6 3%
     Attack remained diversified between different attack types. This reflects attackers using multi-vector attacks.
  3. Attack Vectors
     Diagram labels: Cloud Mitigation; On-Premises Mitigation; Attack Volume; Attack
     Attacks shown: Volumetric network flood attacks; Network scan; Intrusion; Port scan; SYN flood attack; “Low Complexity & Slow” attacks; Application Flood attacks; Application vulnerability, malware; SSL based attacks; Web attacks: XSS, Brute force; Web attacks: SQL Injection
  4. Old-fashioned systems are vulnerable. Firewall, IPS (even NG) cannot stop DDoS! Radware Confidential Jan 2012
  5. • Attacks become more complex (5-7 vectors)!
     • Attacks become longer (days and weeks)!
     • More financially motivated attacks, but at the same time more politically motivated attacks on government and private organizations!
     You never know if you are in the sights of a future attack!
  6. • It’s cheap (hundreds of $)!
     • Attacks become very powerful and use server based botnets!
     • New attacking tools know how to overcome not only legacy, but even the newest protection systems
  7. So – Nothing to do with that?
  8. Radware Attack Mitigation System (AMS) and service
  9. Mapping Security Protection Tools
     Protection tools: In the cloud DDoS protection; DoS protection; Behavioral analysis; SSL protection; IPS; WAF
     Attacks: UDP Garbage flood on ports 80 and 443; ICMP flood attacks; SYN/TCP OOS flood attacks; Server cracking attacks; SSL/TLS negotiation attacks; HTTP flood attack; HTTPS flood attack; Web attacks: XSS, SQL Injection, Brute force
     Other diagram label: Business
     To fight back you need:
     • An integrated solution with all security technologies
     • Mitigate attacks beyond the perimeter
  10. Radware Attack Mitigation System (AMS)
  11. AMS Deployment
     • Mitigate all types of DDoS attacks
     • Mitigate SSL attacks
     • Mitigate web application exploits
     Diagram labels: Alteon; AppWall; DefensePro; Application Infrastructure
  12. Where to Detect?
     • Network DDoS
     • SYN Floods
     • HTTP Floods
     • SSL Floods
     • Server cracking
     • Web attacks
     • Application misuse
     • Application connection overflow
     Cloud mitigation services cannot detect attacks! AMS provides the widest attack detection coverage!
     Diagram labels: In the cloud; Perimeter; Front-End; Alteon; Internet; Protected Organization
  13. Attack Mitigation System: Layers of Defense
     Defense Messaging:
     • Traffic baselines & real-time signature information
     • Complete system in sync
     Benefits:
     • Detect where you can
     • Mitigate where you should
     • Optimize mitigation scalability
     Diagram labels: In the cloud; Perimeter; Front-End; Alteon; Defense Messaging; Protected Organization; Internet
  14. Attack Mitigation System: Scalable Defense Network
     • Volumetric DDoS attack that saturates Internet pipe
     • ERT and the customer decide to divert the traffic
     Diagram labels: In the cloud; Perimeter; Front-End; Alteon; Defense Messaging; Internet; Protected Organization
  15. Attack Mitigation System: Mitigating the SSL Threat
     Unique Solution Benefits:
     • Detects all types of SSL encrypted attacks
     • Non-vulnerable mitigation architecture
     • Legitimate transactions go through without decryption
     • Lowest latency approach
     • FIPS compliant & common criteria certified solution
     • Single vendor, integrated management
     Diagram labels: In the cloud; Perimeter; Front-End; Alteon; Protected Organization; Internet
  16. • Every governmental and business body may become an attack target
     • Attacks have more and more volume and complexity, covering L4-L7 simultaneously
     • Legacy types of security equipment cannot stop complex attacks
     • Cloud service and CPE cannot stop attacks working separately
     • Radware provides CPE (DDoS, DoS, Application attacks and WEB), Emergency Response Team 24X365 support and DefensePipe cloud service. Together they enable attack mitigation from its first seconds at the CPE and volume network attack mitigation in the cloud
  17. Customer Success Leading the DDoS Protection Market
  18. Our Customers Select AMS: Financial Services; Retail Services; Government, Healthcare & Education; Carrier & Technology Services
  19. We Protect Against the Top Attack Campaigns
  20. Q&A