DNS and Infrastracture DDoS Protection

•Download as PPTX, PDF•

0 likes•1,591 views

DNS Protection safeguards Incapsula clients’ DNS servers, while also accelerating DNS responses. Infrastructure Protection, enabled by the addition of a GRE tunneling onboarding option, widen Incapsula's security perimeter - allowing it to protect entire subnets, secure all network elements and inspect all TCP/UDP communication.

Technology

Eldad Chai, VP Product
Preparing for the Terabit Scale DDoS Attack

Agenda
• Network DDoS trends
• Is a Terabit DDoS imminent?
• A DDoS resilient network
• Infrastructure and DNS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.2

Where do we stand today?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.3
59%
28%
13%
<20Gbps
20-40Gbps
>40Gbps
Attacks bandwidth is showing
exponential growth
One third of attacks exceed 20Gbps
More than 13% exceed 40Gbps

Its not all bandwidth
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.4
More than 25% of attacks exceed 10Mpps
Most IPS/IDS will crash at 5Mpps

Recent campaigns / SaaS applications
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.5

Recent campaigns / DNS providers
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.6

How are they reaching these numbers?
• Are botnets becoming bigger?
> No, according to www.shadowserver.org
• Are there more open DNS resolvers?
> No, the number is actually declining according to
www.openresolverproject.org
• Are there more open NTP servers?
> Probably not
• So what is it then?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.7

How are they reaching these numbers?
• They are using bigger guns
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.8
Example of a 4Mpps attack
Less than 30 IPs are generating more than 99% of the traffic

What can we learn from all this?
• The stronger the internet is becoming, the stronger the attacks
• The largest attacks use a small set of super resources rather
than a large set of weak resources
• Attacks will far exceed a single network capacity
• Should we expect a 1Tbps+ attack within the next 12-36
months?
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.9

A DDoS resilient network
• Can scale its capacity on demand
> Cloud solution are built to scale efficiently
> Cloud provides the most cost effective way to scale capacity
• Can protect any service from any attack
> Both layer 3&4 and layer 7 mitigation is required
> Web servers and DNS servers are a target for sophisticated attacks
• Provides real time visibility
> You cannot mitigate what you cannot see
• Can respond rapidly to changes
> DDoS mitigation is a delicate balance between false positives and
false negatives
> You need to react quickly to any change that disrupts this balance
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.10

Incapsula DDoS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.
11
DNS
Web
SSH, FTP, Telnet
SIP
SMTP
UDP, TCP
Network services

Incapsula DDoS protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.
12
DNS
Web
SSH, FTP, Telnet
SIP
SMTP
Incapsula
Application
Protection
Incapsula DNS
Protection
Incapsula
Infrastructure
Protection
UDP, TCP

Incapsula Application Protection
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.13
Protect HTTP/S Applications
Layer 3&4 and also Layer 7
Always On / On Demand

Incapsula DNS Protection - NEW
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.14
Protect DNS servers
Prevent Blacklisting
Always On Service

Incapsula Infrastructure Protection - NEW
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.15
Protect all services and protocols
Protect entire IP ranges
Layer 3&4 (Network)
On Demand Service

BGP and Cloud
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.16
LAX
80Gbps
IAD
60Gbps
FRA
80Gbps
+1
23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24
23.5.6.0/
24
IP ranges are announced in Anycast
Traffic is forwarded to origin
over the same GRE tunnel

The “Behemoth”
• We still need to filter DDoS traffic…
• Our requirements
> Filter 100Gbps+ of traffic per POP
> Manage BGP for announcing
> Manage GRE for origin forwarding
> Software defined network (SDN) capabilities
• The solution
> An appliance that can deal with 170Gbps
> Advanced implementations of DDoS filtering algorithms
> Anomaly detection
> Proprietary implementation of BGP and GRE
> C&C for internal networking devices
Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.17

Please send follow up questions to info@incapsula.com
Thank you

What's hot

Joomla Security Simplified — Seven Easy Steps For a More Secure Website

Imperva Incapsula

Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic. This is an introductory guide of how to get set up and monitor the benefits of Argo. Please do note that Argo is an add-on feature.

Cloudflare Argo - Overview

Vu Long Tran

The latest version of the transport layer security (TLS) protocol was launched at the end of 2017, and version 1.3 proposes the largest change with improvements to performance and security. However, there has not been widespread adoption of this protocol which leaves many users exposed to data and privacy breaches. In this webinar, we will look at the new developments in TLS and SSL, why the internet needs better security and the technical challenges of good encryption.

Why Many Websites are still Insecure (and How to Fix Them)

Cloudflare

Alerting is a critical component of the ThousandEyes platform to inform operations teams of performance deviations or problems. From DNS availability to BGP reachability to layer 3 network metrics, ThousandEyes has a wide array of alert triggers. Learn how to use the alerting framework to your advantage by selecting the best alerts, customizing rules and receiving notifications. In this presentation, we share how to match alerts to your most important monitoring use case, customize modular alert rules, configure notifications and alert integrations. https://www.thousandeyes.com/webinars/alerting

ThousandEyes Alerting Essentials for Your Network

ThousandEyes

Gwava gwava6

GWAVA

The Internet is inherently unreliable, a collection of networks connected to each other where things break all the time; cables get cut, bogus routes get advertised, routers crash. Today, to fix all of this, Cloudflare launched Argo, a “virtual backbone” for the modern Internet. Just as Waze can tell you which route to take to avoid congested or blocked roads, Argo can route connections across the Internet efficiently by avoiding packet loss, congestion, and outages.

How to Reduce Latency with Cloudflare Argo Smart Routing

Cloudflare

Two to four seconds. That’s about as long as many consumers will wait for web pages to load before abandoning your page, research shows. Content Delivery Networks (CDN) can help dramatically improve your site’s load times and performance. But what can they do to improve the performance of mobile applications? This is especially problematic when users are connecting from subpar or congested cellular networks which are often beyond the reach of traditional CDN provider POPs. In this webinar, learn how traditional CDN providers operate, and the challenges with delivering to mobile users.

How CDNs Can improve Mobile Application Performance

Cloudflare

Using a secured, cloud-delivered SD-WAN to transform your business network

Netpluz Asia Pte Ltd

Join Cloudflare and CoinGecko, a Singapore-based cryptocurrency ranking chart platform that serves over 100 million pages views per month, for an educational webinar. Learn about the steps CoinGecko took to improve the user experience of its cryptocurrency platform, and how Cloudflare’s Argo Smart Routing routed over 1.2 billion website requests per month to improve performance on average by 65%, while using caching to save CoinGecko up to 88% on bandwidth.

65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...

Cloudflare

Hear the talk on YouTube: https://www.youtube.com/watch?v=lp4dQTSH130 Web Application Firewall security is evolving. Join John Graham-Cumming, CTO of CloudFlare, as he shares the latest trends and changes in Web Application Security. This talk will give details of the big trends in web application security seen in 2015, and how to defend against these threats and talk about the evolving web application security landscape.

Latest Trends in Web Application Security

Cloudflare

Last month, the world’s largest-ever distributed denial of service (DDOS) attack — 1.35 Tbps — hit GitHub and raised the stakes for every commercial website. These increasingly larger and more distributed attacks challenge security practitioners to better anticipate potential attacks on their own applications and infrastructure. In this live webinar, Cloudflare security experts will discuss the new DDoS landscape and mitigation techniques.

What You Should Know Before The Next DDoS Attack

Cloudflare

Cisco IT and ThousandEyes

ThousandEyes

Enterprise Agents: Deployment Best Practices

ThousandEyes

New Products Overview: Use Cases and Demos

Caitlin Magat

What’s New at Cloudflare: New Product Launches

Cloudflare

Securing internal applications for remote employees and contractors is cumbersome to deploy and maintain, missing granular access controls, and slow for users on mobile devices. Join this live webinar to learn how Cloudflare Access protects internal resources by securing, authenticating and monitoring access per-user and by application. With Cloudflare Access, only authenticated users with the required permissions are able to access specific resources behind the Cloudflare edge. Support for existing identity providers such as GSuite and Okta ensures the right users have easy and instant access regardless of physical location. By enforcing access rules at the edge, Cloudflare reduces latency for users.

Securing Internal Applications with Cloudflare Access

Cloudflare

Endpoint Agents monitor application experience and network connectivity of SaaS apps like Salesforce and Office 365. Performance data is collected directly from employee laptops and desktops and aggregated so you can understand real-time performance, long-term trends and individual user issues. In Part 2 of this webinar series, we’ll share: * Metrics you can gather on SaaS performance * How to report on aggregate performance for an app or location * How to troubleshoot both office and remote users

Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere

ThousandEyes

Shanghai Breakout: Access Management with Aruba ClearPass

Aruba, a Hewlett Packard Enterprise company

DDoS Protection System DPS

Alexander Velikiy

Your sales team is in the field, executives are on the road and other employees are often working from home. This means that your help desk and ops teams spend hours validating problems or leave unsolvable tickets open. Endpoint Agent continuously collects performance data about internal or SaaS applications that are used by your remote workers, including metrics about Wi-Fi and VPN connections. This webinar covers how monitoring remote employee connectivity can boost productivity and how Endpoint Agent measures performance through VPNs and on remote networks.

Troubleshooting Remote Workers and VPNs

ThousandEyes

What's hot (20)

Joomla Security Simplified — Seven Easy Steps For a More Secure Website

Cloudflare Argo - Overview

Why Many Websites are still Insecure (and How to Fix Them)

ThousandEyes Alerting Essentials for Your Network

Gwava gwava6

How to Reduce Latency with Cloudflare Argo Smart Routing

How CDNs Can improve Mobile Application Performance

Using a secured, cloud-delivered SD-WAN to transform your business network

65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...

Latest Trends in Web Application Security

What You Should Know Before The Next DDoS Attack

Cisco IT and ThousandEyes

Enterprise Agents: Deployment Best Practices

New Products Overview: Use Cases and Demos

What’s New at Cloudflare: New Product Launches

Securing Internal Applications with Cloudflare Access

Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere

Shanghai Breakout: Access Management with Aruba ClearPass

DDoS Protection System DPS

Troubleshooting Remote Workers and VPNs

Similar to DNS and Infrastracture DDoS Protection

With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack. Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Learn: - Expected trends in the evolving DDoS landscape over the next 12-36 months - Important considerations when selecting your DDoS protection technology - How to prepare your organization to detect and respond to a DDoS attack

Preparing for the Imminent Terabit DDoS Attack

Imperva

The DNS of Things

Peter Silva

D3TLV17- Advanced DDoS Mitigation Techniques

Imperva Incapsula

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

PROIDEA

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

Marta Pacyga

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

Media Perspectives

IPv6 @ Cloudflare

Internet Society

Big Data for Security

Marco Casassa Mont

IT challenges are growing at exponential rates Most of these challenges are external forces pushing in on IT The challenges are a mix of both apps and infrastructure – mobile apps and BYoD tax both the app and network infrastructure However the solutions are typically siloed, focused on solving very specific issues without addressing the larger problems as a whole These technology shifts, many of which are creating market transitions. Creating a great opportunity for solutions. For example, Users no longer work from the office. Today, they work for anywhere, at any time, one any device, and corporations needs solutions for a mobile work force The rise of the Cloud and Software Define Data Center….means that applications are equally portable and require a new set of solutions to ensure they’re fast, secure and available With such changes, there are new forms or threats…from simple FW solutions, to DDoS (volumetric and application centric), to malware, fraud and much more Lets not forget Software Defined “Everything”, customer want a much more agile infrastructure and orchestration and manageability. At a push of a button they want to orchestrate the whole stack. Clearly, there will be more devices and traffic. Demanding more diameter signaling, security and QoE And last, let not forget the HTTP is the new TCP. HTTP is the web protocol and therefore your network infrastructure needs to be aware of the session flows and messages, which requires intelligence beyond the traditional layer 3 solutions All these solutions are having dramatic implications on applications an the users that access them.

The DNS of Things

F5 Networks

Adam Obszyński – pracuje w Infoblox jako Senior Systems Engineer odpowiedzialny za CEE. Wcześniej pracował w Cisco, u kilku integratorów (NXO, MCX, ATM) i operatorów (ATMAN, Polbox, Multinet). Posiada doświadczenie w projektowaniu i wdrażaniu rozwiązań sieciowych i aplikacyjnych. W branży od 20 lat. Certyfikowany inżynier CCIE #8557 oraz CISSP. Prowadził prezentacje i warsztaty na wielu konferencjach w kraju i za granicą (m.in. Cisco Live US & EU, Cisco Forum, Cisco Expo, PLNOG). Temat prezentacji:Case Study – Infoblox Advanced DNS Protection Język prezentacji: Polski Abstrakt: Słyszałeś o typach ataków wymienionych poniżej? A może doświadczyłeś ich w swojej sieci? Phantom domain attack NXDomain attack DNS reflection/DrDoS attacks DNS amplification DNS cache poisoning Protocol anomalies DNS tunneling DNS hijacking Na poprzednim PLNOG mówiłem o unikalnej ochronie DNS za pomocą Infoblox ADP. Tym razem opowiem o tym co nowego zrobiliśmy w ramach ochrony DNS oraz zaprezentuje przypadki ze środowisk sieciowych naszych klientów. Opowiem co się działo w sieci klientów i jak uporaliśmy się z problemami ataków na DNS. Rozwiązanie Advanced DNS Protection od Infoblox dostarcza kompleksowe rozwiązanie do ochrony przed wieloma atakami na usługi DNS. System w inteligentny sposób odróżnia poprawny ruch DNS od złośliwego ruchu DDoS generowanego przez atakujących, takich jak DNS, exploity i słabości. Automatycznie usuwa ruch atakujący podczas gdy z pełną wydajnością odpowiada na poprawny ruch DNS. Ponadto, Advanced DNS Protection otrzymuje automatyczne aktualizacje swoich polityk/reguł, zapewniając stałą ochronę przed wszelkimi nowościami w tej dziedzinie. Infoblox jest pierwszym i jedynym producentem, który oferuje tak wyjątkowe i unkalne rozwiązanie dla najwyższej ochrony krytycznych usług DNS. Więcej szczegółów o rozwiązaniach dla operatorów: www.infoblox.com/sp

PLNOG 13: Adam Obszyński: Case Study – Infoblox Advanced DNS Protection

PROIDEA

RedisConf18 - The Versatility of Redis - Powering our critical business using...

Redis Labs

[Redis conf18] The Versatility of Redis

Eiti Kimura

Data centers move exabytes of data through their networks. This explosive growth in network traffic has put demands on data centers to adapt and add new technologies and standards to keep pace and make information easily accessible. Our personal information, company IP assets and sensitive data run across these networks that are constantly under persistent and malicious cyber attacks to look for vulnerabilities in their networks. IT security teams have to protect complex networks that are growing in size and complexity. They call for a new approach to gaining full – rather than partial – visibility into network behavior to stop downtime losses and data leaks. By providing 1 to 1 NetFlow generation then collecting the data and analyzing the flow records is essential in time-to-resolution (TTR). To help you take full advantage of valuable NetFlow data for use in network security management, Emulex and Lancope have created a best-in-class network and security solution that allows you to quickly and continuously monitor the makeup of the traffic traversing your network. In this webinar, we’ll explore why network security management is crucial in managing functionality and visibility of an organization’s network infrastructure and how Emulex helps address these deployment requirements. We'll also explore what matters most when network security is breached, and share some best practice insights gleaned from working with customers that run some of the largest and most critical data networks on the planet.

Using NetFlow to Streamline Security Analysis and Response to Cyber Threats

Emulex Corporation

The past few months have seen significant changes in global DDoS tactics. We can observe these changes in detail by analyzing traffic patterns from Cloudflare’s global network, which protects more than 27 million Internet properties and blocks 45 billion cyber threats every day. What approaches are DDoS attackers using right now, and what are forward-thinking organizations doing in response? Cloudflare DDoS product experts Omer Yoachimik, and Vivek Ganti will explore new data on DDoS trends and discuss ways to counter these tactics.

Recent DDoS attack trends, and how you should respond

Cloudflare

DNS Made Easy Sales Brochure

DNS Made Easy

9534715

Pavel Odintsov

Scaling service provider business with DDoS-mitigation-as-a-service

Cloudflare

Spider & F5 Round Table - Application Centric Security

Tzoori Tamam

DNS is a mission-critical component for any online business. Yet this component is often overlooked and forgotten until something breaks. As DNS attacks become more prevalent, businesses are starting to realize that the lack of a resilient DNS creates a weak link in their security strategy. Also, adopting the right DNS posture is important for achieving 100% uptime and ensuring uninterrupted superior performance. This becomes even more important during this crisis environment as your online presence is the only bridge connecting your business to customers and prospects. Join this webinar to learn more about: Risks posed by a weak DNS strategy, Different ways to accomplish a redundant DNS setup, How Cloudflare makes it easy to deploy a secure and resilient DNS.

Building Resilient Applications with Cloudflare DNS

DevOps.com

Infoblox - turning DNS from security target to security tool

Jisc

Similar to DNS and Infrastracture DDoS Protection (20)

Preparing for the Imminent Terabit DDoS Attack

The DNS of Things

D3TLV17- Advanced DDoS Mitigation Techniques

PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

IPv6 @ Cloudflare

Big Data for Security

The DNS of Things

PLNOG 13: Adam Obszyński: Case Study – Infoblox Advanced DNS Protection

RedisConf18 - The Versatility of Redis - Powering our critical business using...

[Redis conf18] The Versatility of Redis

Using NetFlow to Streamline Security Analysis and Response to Cyber Threats

Recent DDoS attack trends, and how you should respond

DNS Made Easy Sales Brochure

9534715

Scaling service provider business with DDoS-mitigation-as-a-service

Spider & F5 Round Table - Application Centric Security

Building Resilient Applications with Cloudflare DNS

Infoblox - turning DNS from security target to security tool

More from Imperva Incapsula

D3TLV17- You have Incapsula...now what?

Imperva Incapsula

D3TLV17- Keeping it Safe

Imperva Incapsula

D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...

Imperva Incapsula

D3LDN17 - Recruiting the Browser

Imperva Incapsula

D3LDN17 - A Pragmatists Guide to DDoS Mitigation

Imperva Incapsula

D3LDN17 - Keynote

Imperva Incapsula

D3NY17- Customizing Incapsula to Accommodate Single Sign-On

Imperva Incapsula

D3NY17 - Migrating to the Cloud

Imperva Incapsula

IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Jeff Serota, Technical Account Manager, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.

D3NY17- Using IncapRules to Customize Security

Imperva Incapsula

IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Peter Klimek, Principal Security Engineer, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.

D3SF17- Using Incap Rules to Customize Your Security and Access Control

Imperva Incapsula

D3SF17- Boost Your Website Performance with Application Delivery Rules

Imperva Incapsula

D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...

Imperva Incapsula

D3SF17- Improving Our China Clients Performance

Imperva Incapsula

Moving your critical applications from on-premises servers to the cloud can be a daunting prospect — but it doesn't need to be. Drawing on over 5 years of experience bringing some of the largest CMS sites on the Web into the cloud, Vasken Hauri, VP of Engineering at 10up, covers the key aspects you'll need to consider to ensure a smooth and successful migration. He also touches on some best practices you can apply post-migration to keep your sites secure, performant, and worry-free in an era where our toasters can launch DDoS attacks.

D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned

Imperva Incapsula

D3SF17 -Keynote - Staying Ahead of the Curve

Imperva Incapsula

Understanding Web Bots and How They Hurt Your Business

Imperva Incapsula

Mondrian, MySQL, Mongo, Casandra, Lucene. You name it, we tried it. As a startup looking for cost-efficient and scalable solutions to power our event processing and statistics backend, we gave almost every Big Data technology out there a go. What we learned from these experiences is that doing it yourself is better than using plug-and-play black box solutions. This presentation details the building of Incapsula’s Big Data system as a case study, examining the requirements and the different evolutionary phases it went through before becoming what it is today.

From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...

Imperva Incapsula

Load Balancing from the Cloud - Layer 7 Aware Solution

Imperva Incapsula

Humans Are Now A Minority On The Internet

Imperva Incapsula

Under DDoS: Instant Access to Live Information

Imperva Incapsula

More from Imperva Incapsula (20)

D3TLV17- You have Incapsula...now what?

D3TLV17- Keeping it Safe

D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...

D3LDN17 - Recruiting the Browser

D3LDN17 - A Pragmatists Guide to DDoS Mitigation

D3LDN17 - Keynote

D3NY17- Customizing Incapsula to Accommodate Single Sign-On

D3NY17 - Migrating to the Cloud

D3NY17- Using IncapRules to Customize Security

D3SF17- Using Incap Rules to Customize Your Security and Access Control

D3SF17- Boost Your Website Performance with Application Delivery Rules

D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...

D3SF17- Improving Our China Clients Performance

D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned

D3SF17 -Keynote - Staying Ahead of the Curve

Understanding Web Bots and How They Hurt Your Business

From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...

Load Balancing from the Cloud - Layer 7 Aware Solution

Humans Are Now A Minority On The Internet

Under DDoS: Instant Access to Live Information

Recently uploaded

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Developing An App To Navigate The Roads of Brazil

V3cube

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Tech Trends Report 2024 Future Today Institute.pdf

hans926745

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Scaling API-first – The story of a global engineering organization

Radu Cotescu

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘

presentation ICT roal in 21st century education

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

A Year of the Servo Reboot: Where Are We Now?

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

GenAI Risks & Security Meetup 01052024.pdf

Developing An App To Navigate The Roads of Brazil

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Tech Trends Report 2024 Future Today Institute.pdf

Finology Group – Insurtech Innovation Award 2024

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Scaling API-first – The story of a global engineering organization

Powerful Google developer tools for immediate impact! (2023-24 C)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Partners Life - Insurer Innovation Award 2024

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Automating Google Workspace (GWS) & more with Apps Script

Artificial Intelligence: Facts and Myths

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

DNS and Infrastracture DDoS Protection

1. Eldad Chai, VP Product Preparing for the Terabit Scale DDoS Attack

3. Where do we stand today? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.3 59% 28% 13% <20Gbps 20-40Gbps >40Gbps Attacks bandwidth is showing exponential growth One third of attacks exceed 20Gbps More than 13% exceed 40Gbps

7. How are they reaching these numbers? • Are botnets becoming bigger? > No, according to www.shadowserver.org • Are there more open DNS resolvers? > No, the number is actually declining according to www.openresolverproject.org • Are there more open NTP servers? > Probably not • So what is it then? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.7

8. How are they reaching these numbers? • They are using bigger guns Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.8 Example of a 4Mpps attack Less than 30 IPs are generating more than 99% of the traffic

9. What can we learn from all this? • The stronger the internet is becoming, the stronger the attacks • The largest attacks use a small set of super resources rather than a large set of weak resources • Attacks will far exceed a single network capacity • Should we expect a 1Tbps+ attack within the next 12-36 months? Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.9

10. A DDoS resilient network • Can scale its capacity on demand > Cloud solution are built to scale efficiently > Cloud provides the most cost effective way to scale capacity • Can protect any service from any attack > Both layer 3&4 and layer 7 mitigation is required > Web servers and DNS servers are a target for sophisticated attacks • Provides real time visibility > You cannot mitigate what you cannot see • Can respond rapidly to changes > DDoS mitigation is a delicate balance between false positives and false negatives > You need to react quickly to any change that disrupts this balance Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.10

12. Incapsula DDoS protection Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved. 12 DNS Web SSH, FTP, Telnet SIP SMTP Incapsula Application Protection Incapsula DNS Protection Incapsula Infrastructure Protection UDP, TCP

15. Incapsula Infrastructure Protection - NEW Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.15 Protect all services and protocols Protect entire IP ranges Layer 3&4 (Network) On Demand Service

16. BGP and Cloud Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.16 LAX 80Gbps IAD 60Gbps FRA 80Gbps +1 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/24 23.5.6.0/ 24 IP ranges are announced in Anycast Traffic is forwarded to origin over the same GRE tunnel

17. The “Behemoth” • We still need to filter DDoS traffic… • Our requirements > Filter 100Gbps+ of traffic per POP > Manage BGP for announcing > Manage GRE for origin forwarding > Software defined network (SDN) capabilities • The solution > An appliance that can deal with 170Gbps > Advanced implementations of DDoS filtering algorithms > Anomaly detection > Proprietary implementation of BGP and GRE > C&C for internal networking devices Incapsula, Inc. / Proprietary and Confidential. All Rights Reserved.17

18. Please send follow up questions to info@incapsula.com Thank you

Editor's Notes

Click to edit Master text styles Second level Third level Fourth level Fifth level

DNS and Infrastracture DDoS Protection

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to DNS and Infrastracture DDoS Protection

Similar to DNS and Infrastracture DDoS Protection (20)

More from Imperva Incapsula

More from Imperva Incapsula (20)

Recently uploaded

Recently uploaded (20)

DNS and Infrastracture DDoS Protection

Editor's Notes