DSS ITSEC CONFERENCE - Radware - Attack Mitigation System (AMS) - Riga, Latvia

Presentation from the ITSEC conference organized by "DSS". (http://event.dss.lv)

Published in: Technology, News & Politics

    1. Beyond Today’s Perimeter Defense: Radware Attack Mitigation System (AMS). Michael Soukonnik, Riga, Latvia (DSS ITSEC 2012), 24.11.2012
    2. Agenda: • About Radware • Understanding online business security threats • Introducing Radware Attack Mitigation System (AMS) • AMS building blocks overview • Customer success • Summary
    3. Imagine That You Could…: • Eliminate Costs of Downtime • Improve your Customer Experience & Employee Productivity • Cut Application Infrastructure Cost by 20-50% • Enhance your Business Agility
    4. Over 10,000 Radware Customers Can…
    5. About Radware: • Over 10,000 Customers • Global Technology Partners • Company Growth (chart) • Recognized Security Vendor
    6. Online Business Security Threats
    7. Security Threat Vectors: • Large volume network flood attacks • High and slow Application DoS attacks • SYN flood attack • Brute force attack • Web application attacks (e.g. XSS, Injections, CSRF) • Port scan • “Low & Slow” DoS attacks (e.g., Sockstress) • Network scan • Intrusion • Intrusion, malware
    8. Network and Data Security Attacks: from the News
    9. Multi-Vulnerability Attack Campaigns: • Business • Large volume network flood attacks • Application flood attack (Slowloris, Port 443 data flood,…) • Large volume SYN flood • Web application attacks (e.g. XSS, Injections, CSRF) • Low & Slow connection DoS attacks • Network scan • Web application vulnerability scan. Conclusions: • Attackers use multi-vulnerability attack campaigns, making mitigation nearly impossible • DoS & DDoS tools are the preferred weapon of mass disruption
    10. Mapping Security Protection Tools: • Large volume network flood attacks • High & Low rate application DoS attacks • “Low & Slow” DoS attacks • Brute force attack • Web application attacks (e.g. XSS, Injections, CSRF) • SYN flood • Port scan • Network scan • Intrusion • Intrusion, Malware. Tools: • DoS Protection • Behavioral Analysis • IP Reputation • IPS • WAF
    11. Introducing Radware Attack Mitigation System
    12. Radware Attack Mitigation System (AMS)
    13. AMS Protection Set: NBA • Prevent application resource misuse • Prevent zero-minute malware. DoS Protection • Prevent all types of network DDoS attacks. IPS • Prevent application vulnerability exploits. Reputation Engine • Financial fraud protection • Anti Trojan & Phishing. WAF • Mitigating Web application threats and zero-day attacks
    14. OnDemand Switch: Designed for Attacks Mitigation. OnDemand Switch Platform: capacity up to 14Gbps. DoS Mitigation Engine • ASIC based • Prevent high volume attacks • Up to 12 Million PPS of attack protection. NBA Protections & WAF. IPS & Reputation Engine • ASIC based String Match & RegEx Engine • Performs deep packet inspection
    15. Next Generation DefensePro: IPS+DoS Architecture. • Static Signature Engine (DPI) • Real-time Signatures Engine (Multi CPU Cores) • DefensePro On-Demand Switch 3: up to 12Gbps of network traffic inspection, 4,000,000 concurrent sessions, latency < 100 microseconds • APSolute Immunity Engines • Standard IPS Solution • Real-time signature • APSolute Immunity booster: prevent high volume attacks, up to 10 Million PPS of attack • ASIC-Based DoS Mitigator Engines • Real-time signature injection
    16. The Secret Sauce – Real-time Signatures: • Public Network • Inbound Traffic • Outbound Traffic • Behavioral Analysis • Abnormal Activity Detection • Inspection Module • Real-Time Signature • Inputs: Network, Servers, Clients • Real-Time Signature Generation • Closed Feedback • Enterprise Network • Optimize Signature • Remove when attack is over • DoS & DDoS • Application level threats • Zero-Minute malware propagation
    17. Radware Security Event Management (SEM): • Correlated reports • Trend analysis • Compliance management • RT monitoring • Advanced alerts • Forensics • 3rd Party SEM
    18. AMS Synergy: • Advanced configuration • Role-based access control • Web application scanning activity detected from source A • Web intrusion attack detected from source A • Black list source A
    19. Radware AMS & ERT/SOC: • Security Operations Center (SOC) – Provides weekly and emergency signature updates – Maintains on-going application vulnerability protection • Emergency Response Team (ERT) – Provides 24x7 service for customers under attack – Neutralizes DoS/DDoS attacks and malware outbreaks
    20. Radware Security Products Portfolio: • AppWall: Web Application Firewall (WAF) • DefensePro: Network & Server attack prevention device • APSolute Vision: Management and security reporting & compliance
    21. Summary
    22. Conclusion: • Attackers deploy multi-vulnerability attack campaigns – Organizations deploy point security solutions – Attackers target blind spots • Radware offers Attack Mitigation System (AMS): – The only solution that can defend against emerging cyber attack campaigns – No blind spots in network & application security • Customer success: best security solution for – Online business protection – Data center protection
    23. Thank You. www.radware.com
