Check Point DDoS Protector
 

  • http://voices.yahoo.com/denial-service-attacks-rise-ugly-trend-10842457.html?cat=15
  • Application layer attacks can be targeted at specific server vulnerabilities and might cause more damage. They require less bandwidth and resources from the attacker. No need to fill up the target’s Internet connection.
  • Low & Slow attacks exploit application implementation weaknesses, using relatively low volume and a low number of connections. In many cases, targeted application DoS attacks are used in parallel to volumetric DDoS attacks. This kind of attack can go undetected by solutions that are based only on thresholds and volume-based measures.
  • The right solution for DDoS protection should have: fast response time to minimize DDoS damages; application adaptation for the customer’s specific environment; network layer protections for volume-based attacks.
  • DDoS Protector’s customized multi-layered DDoS protection blocks a wide range of attacks:
      • Behavioral analysis comparing typical vs. abnormal traffic
      • Automatically generated and pre-defined signatures
      • Using advanced challenge/response techniques
      • Customized protection optimized to meet specific network environment and security needs
    DDoS Protector™ is ready to protect any size network in minutes:
      • Product line of 7 new appliances offering: low latency (less than 60 microseconds); high performance (up to 12 Gbps); port density of up to 16 ports (both 1 GE and 10 GE options available)
      • On-premise inline deployment for immediate response to attacks
      • Transparent network device easily fits into existing network topology (layer 2 bridge)
      • Filter traffic before it reaches the firewall to protect networks, servers and block exploits
    Integrated with Check Point security management suite:
      • Leverage SmartEvent, SmartLog and SmartViewTracker for real-time and historic view of overall network security and DDoS attack status
      • Policy management with both Web UI and command line interface
      • Team of security experts provide immediate help for customers facing DoS
  • There are 3 DDoS protection deployment types: on the customer premises, off-site, or both. On-premise solutions can have better response times and can be customized to each network. Off-site deployment helps with moving the problem away from the protected network; it fits when the attack is on bandwidth. A deployment of both types of solution can leverage the advantages of the two deployment options.
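
The note above on Low & Slow attacks says they can go undetected by threshold- and volume-based measures. The following Python example is added here for illustration and is not from the presentation or from DDoS Protector: it runs a threshold-only check and a per-connection check over constructed connection records. The record fields, thresholds and function names are assumptions.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    src: str                # client address
    age_s: float            # seconds since the TCP connection opened
    bytes_in: int           # request bytes received so far
    request_complete: bool  # True once a full HTTP request has arrived

# Constructed sample: ordinary clients plus one source holding six
# connections open while trickling in a few request bytes.
SAMPLE = (
    [Conn("198.51.100.10", 0.3, 540, True),
     Conn("198.51.100.11", 1.2, 910, True),
     Conn("198.51.100.12", 2.5, 300, False)]   # young connection, still sending
    + [Conn("203.0.113.7", 240.0 + i, 180 + i, False) for i in range(6)]
)

def volume_flags(conns, max_conns_per_src=50, max_bytes_per_src=1_000_000):
    """Threshold-only view: flag sources by connection count or byte volume."""
    count, volume = Counter(), Counter()
    for c in conns:
        count[c.src] += 1
        volume[c.src] += c.bytes_in
    return {s for s in count
            if count[s] > max_conns_per_src or volume[s] > max_bytes_per_src}

def slow_request_flags(conns, min_age_s=30.0, min_bytes_per_s=50.0, min_stalled=3):
    """Per-connection view: flag sources with several old, unfinished,
    slowly arriving requests (assumed thresholds)."""
    stalled = Counter()
    for c in conns:
        rate = c.bytes_in / c.age_s if c.age_s > 0 else float("inf")
        if (not c.request_complete and c.age_s >= min_age_s
                and rate < min_bytes_per_s):
            stalled[c.src] += 1
    return {s for s, n in stalled.items() if n >= min_stalled}

if __name__ == "__main__":
    print("volume thresholds flag:  ", volume_flags(SAMPLE))
    print("slow-request check flags:", slow_request_flags(SAMPLE))
```

The six stalled connections total about a kilobyte of traffic, so the volume thresholds stay silent while the per-connection check singles out the source; the young unfinished connection from the ordinary client is left alone because of the age floor.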

Check Point DDoS Protector Presentation Transcript

  • Building Your Defense Line Against DDoS Attacks. Dan Wiley, CPX 2013. ©2013 Check Point Software Technologies Ltd.
  • Cybercrime Trends for 2012: SQL Injections 44%; APTs 35%; Botnet 33%; DDoS 32%. 65% of businesses experienced attacks. Average $214,000 of damage per attack. (Ponemon Institute, May 2012)
  • Victims of Recent DDoS Attacks: “Amazon.com claims its widely publicized DDoS attack resulted in a loss of $600,000 during the 10 hours it was down…” — Amazon.com
  • Today’s Attacks Are More Sophisticated: more DDoS attacks today than ever before; more damage with application attacks; no need to flood network bandwidth.
  • DDoS Attacks by Type (chart: TCP SYN Flood, Application Layer Attacks, Network Layer Attacks). More attacks are targeted at the application layer. (Radware 2011)
  • DDoS Attack Examples:
      • Volumetric Attacks – Fill the pipe
      • DNS Amplification Attacks – Using critical applications as attack source
      • SYN Attacks – Simple way to use resources
      • Application Attack – Overrun SSL logins
  • Volumetric Attacks (diagram): mixture of valid traffic and spoofed traffic; limited pipe; attack target (victim).
  • DNS Amplification Attack Example (diagram): attacker; simple DNS request; open DNS server; attack target (victim). Able to amplify DNS request to victim.
  • SYN Attacks (diagram): spoofed traffic, random sources; random SYN packets; attack target (victim). Utilize state table on firewalls and servers.
  • Application Layer DDoS Attacks. New application attacks are stealthier:
      • Exploit application weakness with Low & Slow attacks
      • Utilize relatively low volume and fewer connections
      • Used in conjunction with volume-based attacks
    Undetectable by threshold- or volume-based solutions.
  • Application Attacks Examples:
      • SSL Login Attack; network and server resource consumption. Really simple – thousands of login requests to web login page, consuming web and database resources
      • Repeated PDF Get Attack – Find a large PDF and download it thousands of times
  • Real World of Real Attacks:
      • US Banking attacks: volumetric; application; continuous and dynamic
      • DNSSEC Attack Example: ability to execute DDoS amplification attack via US Gov
      • Application low and slow attack: let’s hold those HTTP connections open forever; very hard to find
  • Layers Work Together (diagram): protection layers flow: Network Flood; Server Flood; Application; Low & Slow Attacks; allowed traffic.
  • DDoS Mitigation Options (attack type: Firewall / Network Cleaning / Appliance):
      • Volumetric Attacks: Limited / Effective / Effective up to bandwidth
      • Network Attacks: Limited / Effective / Effective
      • Application Attacks: Limited / Limited / Effective
  • DDoS Protection. The right DDoS solution should have: network layer protection; adaptable application layer protections; fast response time.
  • Check Point DDoS Protector™: customized multi-layered DDoS protection; protects against attacks within seconds; integrated security management and expert support.
  • Multi-Vectored DDoS Attacks:
      • Network Flood: high volume of packets
      • Server Flood: high rate of new sessions
      • Application: Web / DNS connection-based attacks
      • Low & Slow Attacks: advanced attack techniques
  • Multi-Layered Protections:
      • Network Flood (high volume of packets): behavioral network analysis; stateless and behavioral engines
      • Server Flood (high rate of new sessions): automatic and pre-defined signatures; protections against misuse of resources
      • Application (Web / DNS connection-based attacks): behavioral HTTP and DNS; challenge / response mitigation methods
      • Low & Slow Attacks (advanced attack techniques): granular custom filters; create filters that block attacks and allow users
  • Where to Protect Against DDoS. Scenarios 1, 2, 3: On-Premise Deployment (DDoS Protector Appliance) + Off-Site Deployment (DDoS Protector Appliance).
  • Flexible Deployment Options: ready to protect in minutes; fits to existing network topology; optional learning mode deployment; low maintenance and support.
  • Emergency Response and Support:
      • Emergency Response Team: help from security experts when under DoS attacks; leverage experience gathered from real-life attacks
      • Check Point Customer Support: world-class support infrastructure; always-on support 7x24; flexible service options
  • Summary: blocks DDoS attacks within seconds; customized multi-layered DDoS protection; ready to protect in minutes; integrated with Check Point Security Management.
  • What It Takes to Deal with DDoS:
      • Have a plan
      • Test the plan
      • Determine what the impact will be to operations
      • Brief management on impact of DDoS attack
  • DDoS Is a Team Sport. DDoS is a team activity:
      • Application – Web Team, Database Team
      • Network – Networking team
      • ISP/Clean Service – Make sure you test cut-overs
  • Business Impact:
      • Make sure management will know what happens during a DDoS
      • What will it cost you if you have a DDoS: operational costs; business costs; PR costs
      • Be prepared for the long haul
      • Don’t expect the attackers will go away
      • Map impact to all business units
  • Thank You