They won't attack us!

Simon Cartwright,
Kongres Biznes To Rozmowy 2013, NETIA


  1. Arbor Networks Poland. 3rd October 2013. Simon Cartwright, Director of Security Services
  2. Agenda
     • Who is Arbor?
     • What is DDoS
     • Evolution of DDoS
     • Trends in DDoS
     • Attack Traffic Details Poland
     • Protection Options
     • The Enterprise Question
     • Visibility & Control
     • Netia/Arbor/NCR Partnership
     • Questions. At Booth
  3. Arbor - a Trusted & Proven Vendor Securing the World’s Largest and Most Demanding Networks
     • 90%: Percentage of world’s Tier 1 service providers who are Arbor customers
     • 107: Number of countries with Arbor products deployed
     • 47.1 Tbps: Amount of global traffic monitored by the ATLAS security intelligence initiative right now – 25% of global Internet traffic!
     • #1: Arbor market position in Carrier, Enterprise and Mobile DDoS equipment market segments – 61% of total market [Infonetics Research Dec 2011]
     • 13: Number of years Arbor has been delivering innovative security and network visibility technologies & products
     • $16B: 2011 GAAP revenues [USD] of Danaher – Arbor’s parent company providing deep financial backing
  4. Arbor Networks Overview
     • Arbor’s proud history of productizing innovation in distributed networks.
     • Arbor is the most trusted and widely deployed solution for DDoS & Botnets.
     • Arbor sees more global traffic and threats than anyone else on the planet.
     • Only Arbor has a fully integrated solution to quickly detect & stop advanced threats.
     • Honored as a top 10 global innovations
     • Key patents in networking & security.
     • Analyzing over 48TB of data per second
     • Monitoring over 110K malware families
     • Integrated to detect & stop threats anywhere
     • See beyond the network through ATLAS
     • Over 90% of the world’s Tier 1 ISPs
     • 9 of the top 10 largest business networks
  5. Threat Landscape Eras
     • Eras: Network Protocol, Content, Advanced Threats
     • Periods: 1999-2005, 2006-2010, 2010-Today
     • Examples, in slide order: Synflood (Trinoo/TFN); Code Red; Slammer; Zotob; Conficker (2008); Web Browser; Web Applications; Doc/PDF/etc.; Flash/Shockwave; Java; Aurora; Operation Payback; Stuxnet/Flame/Duqu; APT; Cyber Warfare
  6. What is a DDoS Attack? During a Distributed Denial of Service (DDoS) attack, compromised hosts or bots coming from distributed sources overwhelm the target with illegitimate traffic so that the servers cannot respond to legitimate clients.
  7. DDoS: The DDoS weapon of choice for Anonymous activists, LOIC, was downloaded from the internet 1.167.305 times during 2011/12 (sourceforge.net)
  8. DDoS Motivations
  9. Everyone is a Target
  10. DDoS Devastating Costs (*Neustar Insights DDoS Survey: Q1 2012)
     • The impact of loss of service availability goes beyond financials: Operations; Help Desk; Recovery; Employee Output; Penalties; Lost Business; Brand & Reputation Damage
     • 35% of those attacked said it lasted more than a day
     • 67% of retailers said outages cost $100,000 per hour
     • 21% overall said outages cost $50,000 per hour
  11. Today’s Attacks are More Frequent
  12. Today’s Attacks
     • Number of Attacks: 713 in 2012; 986 in 2013 (so far)
     • Average Duration: 38mins 37secs in 2012; 29mins 50secs in 2013 (so far)
     • Longest Attack: 1day 16hrs 07secs in 2012; 1day 4hrs 45mins 58secs in 2013 (so far)
  13. The Next Generation of Threats
     • Threat spectrum: Volumetric DDoS; Bots & Botnets; Mobile Malware
     • Impact: Availability; Confidentiality
  14. Netia’s Unique Threat Ecosystem
     • The ecosystem between smart providers & enterprises to offer comprehensive protection from active threats
     • Diagram labels: Enterprise Networks; Netia
     • Enterprise data center services are now fully available and secure from advanced threats!
  15. The Global Network is Your Business
     • Diverse end-points are accessing your network from anywhere.
     • Your assets are distributed everywhere.
     • A Global, Hybrid infrastructure
     • Diagram labels: Corporate Offices; Broadband; Mobile; Content; Corporate Servers & Applications; SaaS; Private Network; Public Clouds; Internet
  16. Existing Solutions Have Critical Gaps
     • Never see the external threat traffic
     • Can’t withstand a direct attack
     • Never see the threat already inside enterprise
     • Diagram labels: CDNs; Mobile Carriers; Service Providers; SaaS; Cloud Providers; Enterprise Perimeter; Mobile WiFi; Employees; Corporate Servers; Remote Offices; Internal Apps
  17. Netia’s Solution Bridges the Gaps
     • Components: Cloud; Pravail Availability Protection System; Pravail Network Security Intelligence
     • Captions: See and stop the threat anywhere; Stop the threat; See the threat lurking inside the enterprise
     • Diagram labels: CDNs; Mobile Carriers; Service Providers; SaaS; Cloud Providers; Enterprise Perimeter; Mobile WiFi; Employees; Corporate Servers; Remote Offices; Internal Apps; Threat Dashboard
  18. Advanced Threats: From Outside AND Inside
     • Network boundaries are harder to define: Cloud based data and applications; Employee mobility / BYOD; Home Working
     • Threats are harder to keep out: Targeted threats; Walk-in threats (on portable devices); Malicious insider
     • Challenge: Control & Security of business data, applications and services as businesses evolve.
     • Diagram labels: Users; Anti-Virus; IDS/IPS; NAC; Firewall; Secure Trust Perimeter; Mobile Users; Malware; BYOD; Internet; Insider Misuse; Home Office(s); Cloud Services; VPN; Data Center
  19. Attack Mitigation. In Poland (diagram labels: CP, TMS)
  20. Attack Mitigation. In Poland (diagram labels: CP, TMS)
  21. Attack Mitigation. In Poland (diagram labels: CP, TMS)
     • 1. Detect (Network wide: CP using Flow)
  22. Attack Mitigation. In Poland (diagram labels: CP, TMS)
     • 1. Detect (Network wide: CP using Flow)
     • 2. Activate Mitigation (TMS)
  23. Attack Mitigation. In Poland (diagram labels: CP, TMS)
     • 1. Detect (Network wide: CP using Flow)
     • 2. Activate Mitigation (TMS)
     • 3. Divert Traffic (Network wide: BGP OFF-Ramp announcement)
  24. Attack Mitigation. In Poland (diagram labels: CP, TMS)
     • 1. Detect (Network wide: CP using Flow)
     • 2. Activate Mitigation (TMS)
     • 3. Divert Traffic (Network wide: BGP OFF-Ramp announcement)
     • 4. Clean the Traffic and forward the legitimate (Network wide: using ON-Ramp Technique [e.g. MPLS, GRE, VLAN, …])
     • 5. Protected
  25. Thank You. Questions?
