© MazeBolt Technologies. All Rights Reserved.
Table of Contents
MazeBolt Introduction
Executive Summary
Components of a DDoS Mitigation System
Approaches to Mitigation Activity
Cloud Based Solutions
  1. Scrubbing Center
  1. Content Delivery Network (CDN)
On-Prem. Based Solutions
  2. Vendor Appliances (Customer Premises Equipment - CPE)
  3. Intrusion Prevention Systems (IPS)
  4. Web Application Firewalls (WAFs)
  5. Load Balancer
  6. Firewall
  7. Components Summary
  8. Conclusion
About MazeBolt
Table of Figures
Figure 1 - Illustration of a Typical Hybrid DDoS Mitigation Posture
Figure 2 - Illustration of a Cloud Scrubbing Center
Figure 3 - Illustration of a Content Distribution Network (CDN)
Figure 4 - Illustration of Dedicated On-Prem DDoS Mitigation Equipment
Figure 5 - Illustration of an Intrusion Prevention System (IPS)
Figure 6 - Illustration of a Web Application Firewall (WAF)
Figure 7 - Illustration of a Load Balancer
Figure 8 - Illustration of a Firewall
MazeBolt Introduction
MazeBolt is an innovation leader in cybersecurity and part of the DDoS mitigation space. It offers full DDoS risk detection and elimination and works with any mitigation system to provide full end-to-end coverage, supporting organizations in avoiding downtime and closing DDoS vulnerabilities before an attack happens.
MazeBolt’s leading DDoS Testing solutions cover both:
Traditional DDoS Testing:
The commonly available DDoS Testing technology, which is disruptive to ongoing operations and requires maintenance windows. MazeBolt’s traditional BaseLine DDoS Testing Methodology – the de-facto industry standard – is the most effective method of traditional testing, validating over 95% of all DDoS attack vectors in just 3 hours.
**NEW** Non-Disruptive DDoS Testing:
MazeBolt’s DDoS RADAR™ has ZERO impact on ongoing operations, which allows it to test a company’s entire network against hundreds of DDoS attack vectors continuously, 24/7. MazeBolt’s patent-pending DDoS RADAR™ is the only DDoS testing method that, unlike traditional DDoS Testing (which is limited in time to a maintenance window and in scope to at most 5 IPs), provides a unique, comprehensive answer to the challenge of DDoS prevention.
Executive Summary
Generally, the more complex the mitigation system, the more likely failure will be due to
configuration issues. This is because most Enterprise IT organizations don’t have the time or
resources to ensure that every part of their DDoS Mitigation posture is updated, integrated, and
running the right settings for their specific environment.
No matter what the level of complexity or robustness, your mitigation system most likely has
some combination of the following components:
▪ Scrubbing Center (BGP)
▪ Content Delivery Network (CDN)
▪ Vendor Appliances (CPE Equipment)
▪ Intrusion Detection System/Intrusion Prevention System
▪ Web Application Firewall
This document reviews the most common network devices from the DDoS mitigation
perspective to provide clarity regarding the role each element plays in mitigating DDoS attacks.
Questions this document answers:
● Do WAFs, Firewalls and Load Balancers protect against DDoS traffic?
● What is the difference between an Intrusion Prevention System (IPS) and a DDoS
mitigation system?
● Does a CDN completely replace DDoS mitigation?
● What are the crucial systems my specific network needs for optimal DDoS mitigation?
● Does cloud based mitigation (scrubbing) deprecate on-prem DDoS mitigation?
Components of a DDoS Mitigation System
There are generally three types of DDoS mitigation postures: Cloud based, On-Prem solutions,
and lastly, hybrid combinations of the two. Each has its own advantages and disadvantages
and the decision of which to use largely depends on the company’s infrastructure.
Most mitigation systems consist of a combination of components. This combination is
essential because each component is proficient in responding to different types of attacks.
Most companies today opt for a hybrid setup. At the very least they would include a scrubbing
center to protect their bandwidth. Without it, their internet pipe is very likely to be easily
saturated, even if the attack traffic does not enter their internal network.
That being said, companies that host their infrastructure exclusively in the cloud (AWS, Google,
Azure) cannot have on-prem mitigation devices (as they just don’t have an infrastructure
premise), but should still have a scrubbing center.
Figure 1 - Illustration of a Typical Hybrid DDoS Mitigation Posture
Approaches to Mitigation Activity
DDoS mitigation generally takes one of two approaches:
● Proactive, “always on” – Goes into effect automatically. All traffic is inspected, and
suspicious traffic is separated out before it gets to your infrastructure, preventing it from
going down.
● Reactive, “on demand” – Also known as Monitoring Mode. Components that take this
approach do not block automatically, they monitor and wait for a block order. This isn’t
always automated, which means by the time the mitigation provider discovers the problem
– often reported via a client calling the customer service line – it may be too late to prevent
downtime.
Cloud Based Solutions
1. Scrubbing Center
Component Snapshot
Deployment Location: Cloud-based
Functional Role: Scalable Data Cleanser
DDoS Mitigation Capabilities: Layer 3 & 4 – Strong; Layer 7 – Conditional on SSL visibility
Most scrubbing centers are cloud-based. They are the first line of defense against most volumetric attacks, which send an enormous number of packets in an attempt to overwhelm your network resources and saturate bandwidth.
Most Application Layer (Layer 7) traffic is encrypted. This means that a scrubbing service’s ability to effectively mitigate malicious Application Layer traffic depends heavily on whether it holds the relevant decryption keys, i.e. whether it has “SSL Visibility”.
Figure 2 – Illustration of a Cloud Scrubbing Center
Scrubbing centers are essentially data cleansers: they review the traffic passing through them and remove packets that do not adhere to the defined rules and guidelines.
They are used mostly against large volumetric attacks because of their ability to scale and absorb even some of the largest floods, exceeding 10Tbps.
Scrubbing centers generally use the Border Gateway Protocol (BGP). BGP routes traffic according to rule-sets, policies and metrics. It forces all traffic to go through the scrubbing center, where the incoming attack traffic is cleaned before being forwarded to the organization’s IT infrastructure. Using a scrubbing center will protect an organization against an attacker targeting either its name (DNS name) or its numerical IP address.
1. Content Delivery Network (CDN)
Component Snapshot
Deployment Location: Cloud-based
Functional Role: Static Content Serving
DDoS Mitigation Capabilities: Good - Situational
Content Delivery Networks (CDNs) use the DNS (Domain Name System) protocol to route
traffic through the CDN provider’s system.
Figure 3 - Illustration of a Content Distribution Network (CDN)
In its most basic form, a Content Delivery Network is used to improve your customers’ access to your website’s content. CDNs cache some of the site’s resources and only forward the requests they cannot serve themselves, that is, only Layer 7 traffic. Incidentally, that means Layer 3 and 4 traffic is never forwarded by a CDN to the organization’s IT infrastructure, thus protecting it against volumetric attacks.
However, CDNs will only protect organizations against attacks that use the DNS names as their
target. For example: An attacker targeting www.bankingplusonline.com will be forced to go
through the CDN. But, if the attacker targets the same organization by inputting the site’s IP
address directly, i.e. 10.249.3.2 – you are not protected because your CDN provider never even
sees the attack.
A CDN can only be a part of a bigger DDoS mitigation scheme. Usually more advanced attackers
can find and attack the source IP of the website directly, circumventing the CDN completely.
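As an added example (not from the whitepaper), the following Python audits an origin server's connection log for traffic that arrived without passing through the CDN, and emits nftables rules that admit the web ports only from the CDN's egress ranges, so a direct-to-IP attack like the one described above never reaches the application. The CDN ranges, the log lines and the `inet filter` table/chain names are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed (hypothetical) egress ranges for the CDN provider in front of the
# site. Real providers publish their ranges; substitute that list in practice.
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/24")]

# Constructed origin-side connection log: "<timestamp> <src> -> <dst>:<port>".
# The origin address reuses the whitepaper's example 10.249.3.2.
ORIGIN_CONNECTION_LOG = """\
2023-01-01T10:00:00Z 198.51.100.17 -> 10.249.3.2:443
2023-01-01T10:00:01Z 203.0.113.9 -> 10.249.3.2:443
2023-01-01T10:00:01Z 192.0.2.77 -> 10.249.3.2:443
2023-01-01T10:00:02Z 192.0.2.78 -> 10.249.3.2:80
2023-01-01T10:00:02Z 203.0.113.44 -> 10.249.3.2:443
2023-01-01T10:00:03Z 192.0.2.77 -> 10.249.3.2:443
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+->\s+(\S+):(\d+)$")


def parse_line(line):
    """Return (src_ip, dst_ip, dst_port) for one log line, or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    _ts, src, dst, port = m.groups()
    try:
        return ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
    except ValueError:
        return None


def reached_via_cdn(src_ip, cdn_ranges=CDN_RANGES):
    """True if the connection's source lies inside one of the CDN's egress ranges."""
    return any(src_ip in net for net in cdn_ranges)


def audit_origin_log(log_text, cdn_ranges=CDN_RANGES):
    """Count connections that came through the CDN vs. straight at the origin IP.

    'direct' connections are exactly the traffic the CDN never sees: if any show
    up, the origin is reachable by its numeric address and the CDN is not the
    only path to it."""
    via_cdn = 0
    direct = Counter()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, _dst, _port = parsed
        if reached_via_cdn(src, cdn_ranges):
            via_cdn += 1
        else:
            direct[str(src)] += 1
    return {"via_cdn": via_cdn, "direct": sum(direct.values()),
            "direct_sources": dict(direct)}


def nft_origin_allowlist(cdn_ranges=CDN_RANGES, ports=(80, 443)):
    """Build nftables rules that admit the web ports only from the CDN ranges.

    Assumes an existing 'inet filter' table with an 'input' chain (an assumption,
    not from the whitepaper). The trailing drop closes the origin to direct-IP
    traffic on those ports, so attacks that skip the CDN are refused at the host."""
    nets = ", ".join(str(n) for n in cdn_ranges)
    plist = ", ".join(str(p) for p in ports)
    return [
        f"nft add rule inet filter input ip saddr {{ {nets} }} tcp dport {{ {plist} }} accept",
        f"nft add rule inet filter input tcp dport {{ {plist} }} drop",
    ]


if __name__ == "__main__":
    print(audit_origin_log(ORIGIN_CONNECTION_LOG))
    for rule in nft_origin_allowlist():
        print(rule)
```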
On-Prem. Based Solutions
2. Vendor Appliances (Customer Premises Equipment - CPE)
Component Snapshot
Deployment Location: On-Prem.
Functional Role: DDoS Mitigation and Protection
DDoS Mitigation Capabilities: Strong
Vendor appliances contain a variety of proprietary technologies, but, at their core, they are all tuned to detect and stop DDoS attacks. DDoS CPE equipment is generally located at the very edge of the organization's network, after the router but before the internal network infrastructure, e.g. firewalls, load balancers, etc.
Figure 4 - Illustration of Dedicated On-Prem DDoS Mitigation Equipment
The appliances vary from being a combination of other components – to being a completely
proprietary device consisting of highly specialized software and hardware fine-tuned to protect
against DDoS attacks.
Many of the devices deliver in-depth traffic analysis, bandwidth monitoring, and anomaly reports, allowing for better network traffic planning and DDoS attack analysis. Detection of malicious packets triggers filters that only allow the legitimate traffic to get through. Post-attack forensics may provide lessons learned, so the systems can be better tuned for mitigation of future attacks.
Processing speed varies among vendors, with some offering over 100Gbps throughput.
With the increasing use of AI, vendors are including more specialized detection software based
on behavioral analysis, better-tuned anomaly detection, and active intelligence gathering.
CPE equipment without a scrubbing center will not protect against large volumetric attacks,
even if the CPE equipment is well configured. The CPE alone will not provide protection against
internet pipe saturation.
3. Intrusion Prevention Systems (IPS)
Component Snapshot
Deployment Location: On-Prem.
Functional Role: Detecting and Stopping Cyber Attacks
DDoS Mitigation Capabilities: Poor
These appliances specifically monitor suspicious activities within the network. They can be
part of the router system, integrated into the firewall, serve as a back-up to a firewall, or sit
deeper within the network infrastructure.
Figure 5 - Illustration of an Intrusion Prevention System (IPS)
They inspect and scan packets based on pre-existing rule sets, signatures, protocol state, or anomaly detection, creating alerts and/or blocking when any type of cyberattack is suspected. The underlying design is focused on blocking security breaches and is not set up to stop a DDoS attack. These systems generally have some Layer 3, 4 and 7 protection capabilities, but can only be used to help filter out leakage from components upstream, or potentially to block prolonged Layer 7 attack campaigns.
Generally, most DDoS attacks cannot be mitigated using an IPS. Having to rely on an IPS to block an attack most likely means the targeted organization is under a very advanced DDoS attack campaign in which the CPE and/or scrubbing center services are failing to mitigate the Layer 7 attack traffic.
4. Web Application Firewalls (WAFs)
Component Snapshot
Deployment Location: On-Prem./Cloud-based
Functional Role: Protection against Layer 7 Application Attacks
DDoS Mitigation Capabilities: Mild
WAFs perform multiple functions – intrusion detection and DDoS attack detection and prevention. They analyze application traffic, distinguishing potential risks from legitimate usage and controlling access to applications or services by applying a set of rules to incoming HTTP traffic. They perform deep-packet inspection, locating, identifying, classifying, rerouting and/or blocking packets with specific data or code payloads.
Figure 6 - Illustration of a Web Application Firewall (WAF)
WAFs depend on white-listing and black-listing, which means they must be updated
continuously. Legitimate user traffic will be allowed through, while suspicious traffic will be
routed elsewhere for further inspection or simply blocked.
The web application firewall can be customized to your applications, for example to protect specific functionality from certain attacks. WAFs generally protect against Layer 7 attacks, which directly affect applications. The inspection process does increase latency and affects the user experience, so efficiency is key.
The WAF can also be cloud-based via a service provider like AWS. Still, it generally does not
protect against volumetric attacks on layers 3 and 4 that target network availability.
5. Load Balancer
Component Snapshot
Deployment Location: On-Prem.
Functional Role: Distributing Incoming Traffic
DDoS Mitigation Capabilities: Poor
A Load Balancer receives traffic from many clients and distributes that traffic evenly between
multiple application servers of the same type. In many cases multiple servers are preferred
over a single stronger server for the increased reliability and availability they provide.
A Load Balancer acts as a man-in-the-middle. Clients connect to it on one end, and the load
balancer creates a connection to one of the application servers on behalf of the client. In this
way, the load balancer has to keep track of every connection's state i.e. the load balancer is a
stateful device.
Like many other stateful devices, the load balancer is vulnerable to state-table saturation attacks, e.g. HTTP attacks and SYN floods.
Figure 7 - Illustration of a Load Balancer
A Load Balancer can help offset DDoS Attacks by distributing the malicious traffic between the
application servers. Unfortunately, without a stronger DDoS mitigation component upstream to
filter out most of the attack traffic, the load balancer will not be enough to stop your site from
being overwhelmed.
6. Firewall
Component Snapshot
Deployment Location: On-Prem.
Functional Role: Rule-based Traffic Filtering
DDoS Mitigation Capabilities: Mild
The Firewall guards the entrance to your internal network, preventing certain types of packets
or requests from reaching your servers. It does so using rules defined at setup time, and mostly
filters according to allowed packet types and the connection states.
Figure 8 - Illustration of a Firewall
A Firewall keeps a record of the state of every connection opened between external clients and
the internal servers and uses those records to filter out any packet that is out-of-state.
Unsurprisingly, that qualifies the Firewall as a stateful device.
Like many other stateful devices, the firewall is vulnerable to state-table saturation attacks, e.g. HTTP attacks and SYN floods.
A Firewall can filter the packets that are part of a DDoS attack but is usually not optimized for
the amount of incoming packets that a DDoS entails. It will become overloaded very quickly
and will go into a fail-open or fail-closed state, both of which are sure to cause downtime.
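To show why the whitepaper rates both the load balancer and the firewall above as vulnerable to state-table saturation, here is an added simulation (not from the whitepaper or any vendor): a fixed-capacity connection table fed by half-open flows that never complete their handshake, competing with legitimate clients that do. Capacity, rates and timeouts are constructed assumptions; the shorter half-open timeout in the second run is the usual hardening that keeps such a table from filling, and the fail-open run shows what the device does with flows it can no longer track.

```python
from dataclasses import dataclass, field


@dataclass
class StateTable:
    """Connection-tracking table of a stateful device (firewall or load balancer).

    Constructed model; it does not describe any vendor's implementation."""
    capacity: int
    half_open_timeout: float    # seconds a half-open (SYN received) entry lives if the handshake never completes
    established_timeout: float  # seconds an established entry is kept in this simplified model
    fail_mode: str = "closed"   # "closed": refuse new flows when full; "open": pass them untracked
    entries: dict = field(default_factory=dict)  # flow key -> expiry time
    stats: dict = field(default_factory=lambda: {"tracked": 0, "refused": 0, "unfiltered": 0})

    def expire(self, now):
        """Drop every entry whose timer has run out."""
        for key in [k for k, exp in self.entries.items() if exp <= now]:
            del self.entries[key]

    def on_syn(self, key, now):
        """Register a new flow; returns 'tracked', 'refused' or 'unfiltered'."""
        if len(self.entries) >= self.capacity:
            outcome = "refused" if self.fail_mode == "closed" else "unfiltered"
            self.stats[outcome] += 1
            return outcome
        self.entries[key] = now + self.half_open_timeout
        self.stats["tracked"] += 1
        return "tracked"

    def on_handshake_complete(self, key, now):
        """Promote a half-open entry to established (kept until the short-lived session ends)."""
        if key in self.entries:
            self.entries[key] = now + self.established_timeout


def simulate(half_open_timeout, fail_mode="closed", capacity=1000, seconds=30,
             flood_per_s=100, legit_per_s=10, established_timeout=2.0):
    """Constructed scenario: every second, flood_per_s SYNs that never complete
    the handshake (the whitepaper's SYN flood) arrive alongside legit_per_s real
    clients whose handshakes complete immediately. All rates are assumptions."""
    table = StateTable(capacity, half_open_timeout, established_timeout, fail_mode)
    legit_refused = legit_unfiltered = 0
    peak = 0
    for t in range(seconds):
        table.expire(t)
        for i in range(flood_per_s):  # half-open entries only leave by timeout
            table.on_syn(("flood", t, i), t)
        for i in range(legit_per_s):
            key = ("legit", t, i)
            outcome = table.on_syn(key, t)
            if outcome == "tracked":
                table.on_handshake_complete(key, t)
            elif outcome == "refused":      # fail-closed: a real user is turned away
                legit_refused += 1
            else:                           # fail-open: admitted with no state check at all
                legit_unfiltered += 1
        peak = max(peak, len(table.entries))
    return {"legit_refused": legit_refused, "legit_unfiltered": legit_unfiltered,
            "peak_entries": peak, "stats": dict(table.stats)}


if __name__ == "__main__":
    for timeout in (60, 5):
        for mode in ("closed", "open"):
            print(f"half-open timeout {timeout:>2}s, fail-{mode}:", simulate(timeout, mode))
```

With a 60 s half-open timeout the table fills within ten seconds and every later legitimate client is refused (or, in fail-open mode, passed without any state check); with a 5 s timeout the same flood never gets the table above about half capacity.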
7. Components Summary
| No. | Component | Network Location | DDoS Mitigation Capabilities | Comments |
|---|---|---|---|---|
| 1. | Scrubbing Center | Cloud-based | Layer 3 & 4 – Strong; Layer 7 – Conditional on SSL visibility | The main protection against volumetric attacks |
| 2. | CDN | Cloud-based | Good – Situational | Can mitigate DDoS attacks but will not stop skilled attackers. |
| 3. | CPE | On-Prem. | Strong | The main on-site protection |
| 4. | IPS | On-Prem. | Poor | Unsuitable for DDoS mitigation |
| 5. | WAF | On-Prem./Cloud-based | Mild | Cannot process the volume of traffic a DDoS attack entails. |
| 6. | Load Balancer | On-Prem. | Poor | Has no defensive capabilities |
| 7. | Firewall | On-Prem. | Mild | Cannot process the volume of traffic a DDoS attack entails. |
8. Conclusion
Choosing the right combination of mitigation devices requires an understanding of how each device’s capabilities match your environment's needs, together with an objective look at the corporate requirements – risk, available resources, budget, personnel, and existing network infrastructure.
However, even with the most sophisticated DDoS mitigation and testing solutions deployed, most companies are left with a staggering 48% DDoS vulnerability level. The vulnerability gap stems from DDoS mitigation solutions and infrequent Red Team DDoS testing being reactive, instead of continuously evaluating and closing vulnerabilities.
Mitigation solutions do not constantly re-configure and fine-tune their DDoS mitigation policies. This leaves their ongoing visibility limited and forces them to troubleshoot issues at the worst possible time, that is, when systems are brought down by a successful DDoS attack. These solutions are all reactive: they react to an attack rather than closing DDoS vulnerabilities before an attack happens.
About RADAR™
RADAR™, MazeBolt’s new patented technology solution, is part of the MazeBolt security platform. RADAR™ simulates DDoS attacks continuously and non-disruptively, delivering advanced intelligence through straightforward reports on how to remediate the DDoS vulnerabilities found. With RADAR™, organizations achieve, maintain, and verify the continuous closing of their DDoS vulnerability gaps, reducing and maintaining the vulnerability level to a damaging DDoS attack from an average of 48% to under 2% on an ongoing basis.
About MazeBolt
MazeBolt is an innovation leader in cybersecurity and part of the DDoS mitigation space. It offers full DDoS risk detection and elimination and works with any mitigation system to provide full end-to-end coverage, supporting organizations in avoiding downtime and closing DDoS vulnerabilities before an attack happens.
Secure Cloud Hosting.paper
 
Segmentation on azure platform
Segmentation on azure platformSegmentation on azure platform
Segmentation on azure platform
 
Cloud Computing Without The Hype An Executive Guide (1.00 Slideshare)
Cloud Computing Without The Hype   An Executive Guide (1.00 Slideshare)Cloud Computing Without The Hype   An Executive Guide (1.00 Slideshare)
Cloud Computing Without The Hype An Executive Guide (1.00 Slideshare)
 

More from MazeBolt Technologies

Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyMazeBolt Technologies
 
DDoS Protection For Top 4 Industries | MazeBolt Technologies
DDoS Protection For Top 4 Industries | MazeBolt TechnologiesDDoS Protection For Top 4 Industries | MazeBolt Technologies
DDoS Protection For Top 4 Industries | MazeBolt TechnologiesMazeBolt Technologies
 
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...MazeBolt Technologies
 
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyMazeBolt Technologies
 
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoS
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoSTop 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoS
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoSMazeBolt Technologies
 
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020 DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020 MazeBolt Technologies
 

More from MazeBolt Technologies (6)

Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
 
DDoS Protection For Top 4 Industries | MazeBolt Technologies
DDoS Protection For Top 4 Industries | MazeBolt TechnologiesDDoS Protection For Top 4 Industries | MazeBolt Technologies
DDoS Protection For Top 4 Industries | MazeBolt Technologies
 
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...
Mitigating Modern DDoS Attacks | Evaluate DDoS Protection | MazeBolt Technolo...
 
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case StudyEliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
Eliminate DDoS Mitigation False Positive | DDoS Protection | Case Study
 
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoS
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoSTop 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoS
Top 10 DDoS Attacks 2019 | MazeBolt Technologies | Infographics on DDoS
 
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020 DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020
DDoS Effects On Enterprises 2020 | Industries affected by DDoS Attacks in 2020
 

Recently uploaded

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 

DDoS Defenses | DDoS Protection and Mitigation | MazeBolt

Table of Contents

MazeBolt Introduction ..... 3
Executive Summary ..... 4
Components of a DDoS Mitigation System ..... 5
Approaches to Mitigation Activity ..... 6
Cloud Based Solutions ..... 6
    1. Scrubbing Center ..... 6
    1. Content Delivery Network (CDN) ..... 7
On-Prem. Based Solutions ..... 8
    2. Vendor Appliances (Customer Premises Equipment - CPE) ..... 8
    3. Intrusion Prevention Systems (IPS) ..... 9
    4. Web Application Firewalls (WAFs) ..... 9
    5. Load Balancer ..... 10
    6. Firewall ..... 11
    7. Components Summary ..... 12
    8. Conclusion ..... 12
About MazeBolt ..... 13
Sources ..... 13

Table of Figures

Figure 1 - Illustration of a Typical Hybrid DDoS Mitigation Posture ..... 5
Figure 2 – Illustration of a Cloud Scrubbing Center ..... 6
Figure 3 - Illustration of a Content Distribution Network (CDN) ..... 7
Figure 4 - Illustration of Dedicated On-Prem DDoS Mitigation Equipment ..... 8
Figure 5 - Illustration of an Intrusion Prevention System (IPS) ..... 9
Figure 6 - Illustration of a Web Application Firewall (WAF) ..... 10
Figure 7 - Illustration of a Load Balancer ..... 11
Figure 8 - Illustration of a Firewall ..... 11
MazeBolt Introduction

MazeBolt is an innovation leader in cybersecurity and part of the DDoS mitigation space. It offers full DDoS risk detection and elimination and works with any mitigation system to provide end-to-end coverage, supporting organizations in avoiding downtime and closing DDoS vulnerabilities before an attack happens.

MazeBolt’s leading DDoS Testing solutions cover both:

Traditional DDoS Testing: The commonly available DDoS Testing technology that is disruptive to ongoing operations and requires maintenance windows. MazeBolt’s traditional BaseLine DDoS Testing Methodology – the de-facto industry standard – is the most effective method of traditional testing and validates over 95% of all DDoS attack vectors in just 3 hours.

**NEW** Non-Disruptive DDoS Testing: MazeBolt’s DDoS RADAR™ has ZERO impact on ongoing operations, which allows it to test a company’s entire network against hundreds of DDoS attack vectors continuously, 24/7. MazeBolt’s patent-pending DDoS RADAR™ is the only DDoS testing method that, unlike traditional DDoS Testing (which is limited in time (maintenance window) and network (up to 5 IPs)), provides a unique, comprehensive answer to the challenge of DDoS prevention.
Executive Summary

Generally, the more complex the mitigation system, the more likely failure will be due to configuration issues. This is because most Enterprise IT organizations don’t have the time or resources to ensure that every part of their DDoS Mitigation posture is updated, integrated, and running the right settings for their specific environment.

No matter what the level of complexity or robustness, your mitigation system most likely has some combination of the following components:

▪ Scrubbing Center (BGP)
▪ Content Delivery Network (CDN)
▪ Vendor Appliances (CPE Equipment)
▪ Intrusion Detection System/Intrusion Prevention System
▪ Web Application Firewall

This document reviews the most common network devices from the DDoS mitigation perspective to provide clarity regarding the role each element plays in mitigating DDoS attacks.

Questions this document answers:

● Do WAFs, Firewalls and Load Balancers protect against DDoS traffic?
● What is the difference between an Intrusion Prevention System (IPS) and a DDoS mitigation system?
● Does a CDN completely replace DDoS mitigation?
● What are the crucial systems my specific network needs for optimal DDoS mitigation?
● Does cloud-based mitigation (scrubbing) deprecate on-prem DDoS mitigation?
Components of a DDoS Mitigation System

There are generally three types of DDoS mitigation postures: cloud-based, on-prem solutions, and hybrid combinations of the two. Each has its own advantages and disadvantages, and the decision of which to use largely depends on the company’s infrastructure.

Most mitigation systems consist of a combination of components. This combination is essential because each component is proficient in responding to different types of attacks. Most companies today opt for a hybrid setup. At the very least they would include a scrubbing center to protect their bandwidth. Without it, their internet pipe is very likely to be easily saturated, even if the attack traffic does not enter their internal network.

That being said, companies that host their infrastructure exclusively in the cloud (AWS, Google, Azure) cannot have on-prem mitigation devices (as they just don’t have an infrastructure premise), but should still have a scrubbing center.

Figure 1 - Illustration of a Typical Hybrid DDoS Mitigation Posture
Approaches to Mitigation Activity

DDoS mitigation generally takes one of two approaches:

● Proactive, “always on” – Goes into effect automatically. All traffic is inspected, and suspicious traffic is separated out before it gets to your infrastructure, preventing it from going down.
● Reactive, “on demand” – Also known as Monitoring Mode. Components that take this approach do not block automatically; they monitor and wait for a block order. This isn’t always automated, which means that by the time the mitigation provider discovers the problem – often reported via a client calling the customer service line – it may be too late to prevent downtime.

Cloud Based Solutions

1. Scrubbing Center

Component Snapshot
Deployment Location: Cloud-based
Functional Role: Scalable Data Cleanser
DDoS Mitigation Capabilities: Layer 3 & 4 – Strong; Layer 7 – Conditional on SSL visibility

Most scrubbing centers are cloud-based. They are the first line of defense against most volumetric attacks, which send an enormous number of packets in an attempt to overwhelm your network resources and saturate bandwidth. Most Application Layer (Layer 7) traffic is encrypted, which means that the ability of a scrubbing service to effectively mitigate malicious Application Layer traffic is highly dependent on whether it has the relevant decryption keys – i.e. “SSL Visibility”.

Figure 2 – Illustration of a Cloud Scrubbing Center

Scrubbing centers are essentially data cleansers: they review traffic going through them and remove packets that don’t adhere to the rules and guidelines defined. The reason they are used mostly against large volumetric attacks is their ability to scale and match even some of the largest floods, exceeding 10Tbps.
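To make the cost of the reactive, "on demand" approach described above concrete, here is an added example that is not MazeBolt's code or any vendor's: a small Python model of a diversion trigger that a monitoring-mode posture relies on. The per-second throughput samples, the 4x-baseline rule, the three-second sustain window and the BGP propagation delay are all constructed assumptions. What it shows is how much flood traffic reaches the internet pipe between the start of an attack and the moment scrubbing actually takes effect, against an always-on posture where that window is zero.

```python
"""Added example (not MazeBolt's or any vendor's code): a toy "on demand"
diversion trigger of the kind a reactive mitigation posture depends on.
Inbound throughput samples are constructed inline; the detector keeps an
EWMA baseline of normal traffic and requests diversion to the scrubbing
center once traffic stays above a multiple of that baseline for several
consecutive seconds.  All thresholds and delays are assumptions."""

from dataclasses import dataclass
from typing import List, Optional

ATTACK_START = 60      # second at which the constructed flood begins
ATTACK_END = 180       # trace length; the flood runs to the end of the trace
ATTACK_MBPS = 2000.0   # constructed flood rate (normal traffic is ~100 Mbps)


@dataclass
class DiversionTrigger:
    multiplier: float = 4.0     # anomalous if rate > multiplier * baseline
    sustain: int = 3            # ... for this many consecutive seconds
    alpha: float = 0.1          # EWMA smoothing factor for the baseline
    floor_mbps: float = 50.0    # absolute floor so a quiet link can't trip on noise
    baseline: Optional[float] = None
    above: int = 0
    triggered_at: Optional[int] = None

    def observe(self, second: int, mbps: float) -> bool:
        """Feed one per-second sample; return True at the moment diversion is requested."""
        if self.baseline is None:
            self.baseline = mbps
            return False
        if mbps > max(self.multiplier * self.baseline, self.floor_mbps):
            self.above += 1          # do not fold attack traffic into the baseline
        else:
            self.above = 0
            self.baseline = (1 - self.alpha) * self.baseline + self.alpha * mbps
        if self.above >= self.sustain and self.triggered_at is None:
            self.triggered_at = second
            return True
        return False


def build_samples() -> List[float]:
    """Constructed per-second inbound Mbps: ~100 Mbps with small jitter, then a flood."""
    return [ATTACK_MBPS if sec >= ATTACK_START else 100.0 + (sec % 5)
            for sec in range(ATTACK_END)]


def simulate(bgp_delay_s: int, always_on: bool = False) -> dict:
    """Run the trigger over the trace and count the attack traffic (Mbit) that
    reaches the internet pipe before scrubbing is in effect.  bgp_delay_s
    models the time between the diversion request and the BGP announcement
    actually steering traffic through the scrubbing center."""
    samples = build_samples()
    trigger = DiversionTrigger()
    for sec, mbps in enumerate(samples):
        trigger.observe(sec, mbps)
    if always_on:
        effective = 0                       # always-on: everything is inspected from second 0
    elif trigger.triggered_at is None:
        effective = None                    # never detected: the whole flood leaks
    else:
        effective = trigger.triggered_at + bgp_delay_s
    leaked_mbit = sum(mbps for sec, mbps in enumerate(samples)
                      if sec >= ATTACK_START and (effective is None or sec < effective))
    return {"triggered_at": trigger.triggered_at, "effective_at": effective,
            "leaked_mbit": leaked_mbit}


if __name__ == "__main__":
    print("on demand, 30 s BGP propagation:", simulate(30))
    print("always on:                      ", simulate(30, always_on=True))
```

With these assumptions the flood starts at second 60, the trigger fires at second 62, and with a 30 second propagation delay diversion is effective at second 92, so 32 seconds of flood traffic reach the pipe. The sustain window and the propagation delay are the two knobs a defender controls; the first trades false positives for detection latency, the second is the reason the paper recommends that a scrubbing center protect bandwidth rather than being the sole defense.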
Scrubbing centers generally use the Border Gateway Protocol (BGP). BGP routes traffic according to rule-sets, policies and metrics. It forces all traffic to go through the scrubbing center, where the incoming attack traffic is cleaned before being forwarded to the organization’s IT infrastructure. Using a scrubbing center will protect an organization against an attacker targeting the name (DNS name) of your organization or the numerical IP address.

1. Content Delivery Network (CDN)

Component Snapshot
Deployment Location: Cloud-based
Functional Role: Static Content Serving
DDoS Mitigation Capabilities: Good - Situational

Content Delivery Networks (CDNs) use the DNS (Domain Name System) protocol to route traffic through the CDN provider’s system.

Figure 3 - Illustration of a Content Distribution Network (CDN)

In its most basic form, a Content Delivery Network is used to improve your customers’ access to your website’s content. CDNs cache some of the site’s resources and only forward the requests they cannot handle, that is, only Layer 7 traffic. Incidentally, that means that Layer 3 and 4 traffic is never forwarded by a CDN to the organization’s IT infrastructure, thus protecting it against volumetric attacks.

However, CDNs will only protect organizations against attacks that use the DNS names as their target. For example: an attacker targeting www.bankingplusonline.com will be forced to go through the CDN. But if the attacker targets the same organization by inputting the site’s IP address directly, i.e. 10.249.3.2, you are not protected, because your CDN provider never even sees the attack. A CDN can only be a part of a bigger DDoS mitigation scheme. Usually more advanced attackers can find and attack the source IP of the website directly, circumventing the CDN completely.
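The direct-to-IP bypass described above is normally closed on the defender's side by "origin lockdown": the origin accepts inbound connections only from the CDN provider's published edge ranges, so a request that did not come through the CDN is dropped at the edge firewall. The following is an added example, not the paper's or any CDN provider's code. The edge ranges are constructed stand-ins (RFC 5737 and RFC 3849 documentation prefixes, not any real provider's ranges) and the function names are hypothetical. It audits a set of inbound allow rules and flags every rule that admits a non-CDN source, and offers a per-request check for the origin itself.

```python
"""Added example (not MazeBolt's or any CDN provider's code): an "origin
lockdown" audit.  A CDN only shields the DNS name; if the origin's own
IP address accepts connections from anywhere, an attacker who learns it
bypasses the CDN.  The fix is to allow inbound traffic only from the CDN
provider's published edge ranges.  The ranges below are constructed
stand-ins (RFC 5737 / RFC 3849 documentation prefixes), not any
provider's real ranges; the function names are hypothetical."""

import ipaddress
from typing import Iterable, List

# Constructed stand-in for the CDN provider's published edge ranges.
CDN_EDGE_RANGES = [ipaddress.ip_network(n) for n in (
    "192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/25", "2001:db8::/32")]


def is_from_cdn(src_ip: str, cdn_ranges=CDN_EDGE_RANGES) -> bool:
    """Per-request check at the origin: does this source belong to the CDN?
    Useful as a last line of defense behind the network allow-list."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip.version == net.version and ip in net for net in cdn_ranges)


def audit_origin_allowlist(allow_rules: Iterable[str],
                           cdn_ranges=CDN_EDGE_RANGES) -> List[str]:
    """Return the inbound allow rules that admit at least one non-CDN source.
    A rule is safe only if its whole prefix lies inside one CDN range; an
    any-source rule, a broader prefix or an unrelated network means the
    origin is reachable directly and the CDN can be circumvented."""
    exposed = []
    for rule in allow_rules:
        net = ipaddress.ip_network(rule, strict=False)
        covered = any(net.version == cdn.version and net.subnet_of(cdn)
                      for cdn in cdn_ranges)
        if not covered:
            exposed.append(rule)
    return exposed


if __name__ == "__main__":
    # Constructed example allow-list for the origin's edge firewall.
    rules = ["192.0.2.0/24", "203.0.113.0/26", "0.0.0.0/0",
             "203.0.113.128/25", "2001:db8:1::/48"]
    print("rules that expose the origin:", audit_origin_allowlist(rules))
    print("10.249.3.2 from CDN?", is_from_cdn("10.249.3.2"))
```

The audit is only as good as the range list it is fed: providers change their edge ranges, so the list should be refreshed from the provider's published source on a schedule, and the origin's IP should still be treated as sensitive, since lockdown does not stop an attacker from saturating the pipe in front of it (which is the scrubbing center's job).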
On-Prem. Based Solutions

2. Vendor Appliances (Customer Premises Equipment - CPE)

Component Snapshot
Deployment Location: On-Prem.
Functional Role: DDoS Mitigation and Protection
DDoS Mitigation Capabilities: Strong

Vendor appliances contain a variety of proprietary technologies, but, at their core, they are all tuned to detect and stop DDoS attacks. DDoS CPE equipment is generally located at the very edge of the organization's network, after the router but before the internal network infrastructure, e.g. firewalls, load balancers etc.

Figure 4 - Illustration of Dedicated On-Prem DDoS Mitigation Equipment

The appliances vary from being a combination of other components to being a completely proprietary device consisting of highly specialized software and hardware fine-tuned to protect against DDoS attacks. Many of the devices deliver in-depth traffic analysis, bandwidth monitoring, and anomaly reports, allowing for better network traffic planning and DDoS attack analysis. Detection of malicious packets triggers filters that only allow the legitimate traffic to get through. Post-attack forensics may provide lessons learned, so the systems can be better tuned for mitigation of future attacks.

Processing speed varies among vendors, with some offering over 100Gbps throughput. With the increasing use of AI, vendors are including more specialized detection software based on behavioral analysis, better-tuned anomaly detection, and active intelligence gathering.

CPE equipment without a scrubbing center will not protect against large volumetric attacks, even if the CPE equipment is well configured. The CPE alone will not provide protection against internet pipe saturation.
3. Intrusion Prevention Systems (IPS)

Component Snapshot
Deployment Location: On-Prem.
Functional Role: Detecting and Stopping Cyber Attacks
DDoS Mitigation Capabilities: Poor

These appliances specifically monitor suspicious activities within the network. They can be part of the router system, integrated into the firewall, serve as a back-up to a firewall, or sit deeper within the network infrastructure.

Figure 5 - Illustration of an Intrusion Prevention System (IPS)

They inspect and scan packets based on pre-existing rule sets, signatures, protocol status, or anomaly detection, creating alerts and/or blocking when any type of cyberattack is suspected. The underlying design is focused on blocking security breaches and is not set to stop a DDoS attack. These systems generally have some Layer 3, 4 and 7 protection capabilities, but can only be used to help filter out leakage from components upstream, or potentially to block prolonged Layer 7 attack campaigns. Generally, most DDoS attacks cannot be mitigated using IPS systems. Having to use an IPS system to block an attack most likely means that the targeted organization is under a very advanced DDoS attack campaign in which CPE and/or scrubbing center services are failing to mitigate Layer 7 attack traffic.

4. Web Application Firewalls (WAFs)

Component Snapshot
Deployment Location: On-Prem./Cloud-based
Functional Role: Protection against Layer 7 Application Attacks
DDoS Mitigation Capabilities: Mild

WAFs perform multiple functions – intrusion detection and DDoS attack detection and prevention. They analyze application traffic, distinguishing potential risks from legitimate usage, and control access to applications or services by applying a set of rules to incoming HTTP traffic. They perform deep-packet inspection, locating, identifying, classifying, rerouting and/or blocking packets with specific data or code payloads.

Figure 6 - Illustration of a Web Application Firewall (WAF)

WAFs depend on white-listing and black-listing, which means they must be updated continuously. Legitimate user traffic will be allowed through, while suspicious traffic will be routed elsewhere for further inspection or simply blocked. The web application firewall can be customized to your applications, for example to protect specific functionality from certain attacks. WAFs generally protect against Layer 7 attacks, which directly affect applications. The inspection process does increase latency and affects the user experience, so efficiency is key. The WAF can also be cloud-based via a service provider like AWS. Still, it generally does not protect against volumetric attacks on Layers 3 and 4 that target network availability.

5. Load Balancer

Component Snapshot
Deployment Location: On-Prem.
Functional Role: Distributing Incoming Traffic
DDoS Mitigation Capabilities: Poor

A Load Balancer receives traffic from many clients and distributes that traffic evenly between multiple application servers of the same type. In many cases multiple servers are preferred over a single stronger server for the increased reliability and availability they provide.

A Load Balancer acts as a man-in-the-middle. Clients connect to it on one end, and the load balancer creates a connection to one of the application servers on behalf of the client. In this way, the load balancer has to keep track of every connection's state, i.e. the load balancer is a stateful device. Like many other stateful devices, the load balancer is vulnerable to state-table saturation attacks, e.g. HTTP attacks and SYN floods.
Figure 7 - Illustration of a Load Balancer

A Load Balancer can help absorb a DDoS attack by spreading the malicious traffic across the application servers. However, without a stronger DDoS mitigation component upstream to filter out most of the attack traffic, the load balancer alone will not stop your site from being overwhelmed, and, being stateful, it can itself be the component that saturates.

6. Firewall

Component Snapshot
Deployment Location: On-Prem.
Functional Role: Rule-based Traffic Filtering
DDoS Mitigation Capabilities: Mild

The Firewall guards the entrance to your internal network, preventing certain types of packets or requests from reaching your servers. It does so using rules defined at setup time, filtering mostly on allowed packet types and connection state.

Figure 8 - Illustration of a Firewall
A Firewall keeps a record of the state of every connection opened between external clients and the internal servers and uses those records to filter out any packet that is out of state. That makes the Firewall a stateful device and, like many other stateful devices, vulnerable to state-table saturation attacks, e.g. HTTP connection floods and SYN floods.

A Firewall can filter the packets that make up a DDoS attack, but it is usually not sized for the packet rate a DDoS attack entails. It becomes overloaded very quickly and goes into either a fail-open state (passing the attack traffic through to the servers behind it) or a fail-closed state (dropping all traffic); either way the protected service goes down.

7. Components Summary

No.  Component         Network Location       DDoS Mitigation Capabilities                                   Comments
1.   Scrubbing Center  Cloud-based            Layer 3 & 4: Strong; Layer 7: conditional on SSL visibility    The main protection against volumetric attacks
2.   CDN               Cloud-based            Good (situational)                                             Can mitigate DDoS attacks but will not stop skilled attackers
3.   CPE               On-Prem.               Strong                                                         The main on-site protection
4.   IPS               On-Prem.               Poor                                                           Unsuitable for DDoS mitigation
5.   WAF               On-Prem./Cloud-based   Mild                                                           Cannot process the volume of traffic a DDoS attack entails
6.   Load Balancer     On-Prem.               Poor                                                           No dedicated defensive capability
7.   Firewall          On-Prem.               Mild                                                           Cannot process the volume of traffic a DDoS attack entails

8. Conclusion

Choosing the right combination of mitigation devices requires an understanding of how each device's capabilities match your environment's needs, together with an objective look at the corporate requirements: risk, available resources, budget, personnel and existing network infrastructure.
However, even with the most sophisticated DDoS mitigation and testing solutions deployed, most companies are left with a staggering 48% DDoS vulnerability level. The vulnerability gap stems from DDoS mitigation solutions and infrequent Red Team DDoS testing being reactive instead of continuously evaluating and closing vulnerabilities. Mitigation solutions do not constantly re-configure and fine-tune their DDoS mitigation policies, which leaves their ongoing visibility limited and forces them to troubleshoot issues at the worst possible time, that is, when systems are brought down by a successful DDoS attack. These solutions all react to an attack rather than closing DDoS vulnerabilities before an attack happens.

About RADAR™

RADAR™, MazeBolt's patented technology solution, is part of the MazeBolt security platform. RADAR™ simulates DDoS attacks continuously and non-disruptively, delivering advanced intelligence through straightforward reports on how to remediate the DDoS vulnerabilities found. With RADAR™ organizations achieve, maintain and verify the continuous closing of their DDoS vulnerability gaps, reducing the vulnerability level to a damaging DDoS attack from an average of 48% to under 2% and keeping it there.

About MazeBolt

MazeBolt is an innovation leader in cybersecurity and part of the DDoS mitigation space, offering full DDoS risk detection and elimination and working with any mitigation system to provide end-to-end coverage. It supports organizations in avoiding downtime and closing DDoS vulnerabilities before an attack happens.