SlideShare a Scribd company logo

momentum dns security case study

J
Jim Zhang

momentum DNS security , it describes the momentum Solves DNS Monitoring Problem For Large ISP Firm, solve the problems : •Monitoring the traffic of large) number of DNS servers •Precision Burst analyst •Constant DNS attack •DNS Traffic Visibility Benefits: •Capture and Record all packets •DNS Reporting capability independent from specific DNS software vendor •Support historical trend of DNS traffic with one second granularity. •Detect the attack with traffic trend or domain statistic

Software
1 of 1
Download to read offline
TERILOGY momenutm Case Study momentum Solves DNS Monitoring Problem For Large ISP Firm The creative Security monitoring Tool One of the largest ISP based in the Taiwan, this firm serves over 10 millions of customers in Taiwan, including individuals, institutions. Challenge: • Monitoring the traffic of large) number of DNS servers • Precision Burst analyst • Constant DNS attack Resolution: DNS Traffic Visibility from momentum DNS viewer Benefits: • Capture and Record all packets • DNS Reporting capability independent from specific DNS software vendor • Support historical trend of DNS traffic with one second granularity. • Detect the attack with traffic trend or domain statistic This organization maintains a large, complex, mission-critical DNS servers that require constant monitoring for security, performance, and capacity. It had deployed a wide variety of different network monitoring and security tools, including syslog analysis system , IPS In some cases, collecting the syslog from DNS servers for analyzing, it is hard to get detail information to find what happened in the DNS traffic burst, what is the root reason for slow response time or security incident. By deploying the momentum DNS viewer in the network, it gives visibility the trend of DNS traffic and drill down the root reason from pcap, and analyze the traffic burst from the one second granularity pcap Eventually, the IPS deployed in the front of DNS Servers, when DNS attack happened, it is difficult to grasp the attack detail information before it affects the DNS servers performance. momentum DNS viewer find the attack from the traffic trend and pcap analysis, and to apply the countermeasure to reduce the minimum DNS servers performance impact Copyright © 2016 Terilogy Co., Ltd. All Rights Reserved.

Recommended

SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...Ziv Ichilov
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsRansomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsExtraHop Networks
 
WMATA Security Certification Plan
WMATA Security Certification PlanWMATA Security Certification Plan
WMATA Security Certification PlanKev R
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereThousandEyes
 
Network Monitoring Basics
Network Monitoring BasicsNetwork Monitoring Basics
Network Monitoring BasicsRob Dunn
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotServicePilot
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 

Recommended

SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...Ziv Ichilov
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsRansomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsExtraHop Networks
 
WMATA Security Certification Plan
WMATA Security Certification PlanWMATA Security Certification Plan
WMATA Security Certification PlanKev R
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereThousandEyes
 
Network Monitoring Basics
Network Monitoring BasicsNetwork Monitoring Basics
Network Monitoring BasicsRob Dunn
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotServicePilot
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
Minimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file servicesMinimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file servicesDavid Finkelstein
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management MattersManageEngine, Zoho Corporation
 
CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1Sam Bowne
 
ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12ThousandEyes
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
PRTG Network Monitor Presentation
PRTG Network Monitor PresentationPRTG Network Monitor Presentation
PRTG Network Monitor PresentationNafaâ TAYACHI
 
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesEndpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesThousandEyes
 
RuSIEM overview (english version)
RuSIEM overview (english version)RuSIEM overview (english version)
RuSIEM overview (english version)Olesya Shelestova
 
IT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysisIT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysisManageEngine, Zoho Corporation
 
Dynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in cloudsDynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in cloudsJPINFOTECH JAYAPRAKASH
 
Network characteristics of the cloud
Network characteristics of the cloudNetwork characteristics of the cloud
Network characteristics of the cloudCloud Genius
 
ISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxThousandEyes
 
Op Manager7
Op Manager7Op Manager7
Op Manager7lfair
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring toolManageEngine, Zoho Corporation
 
Fingerprinting healthcare institutions
Fingerprinting healthcare institutionsFingerprinting healthcare institutions
Fingerprinting healthcare institutionssecurityxploded
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
5 ways you can benefit from OpManager Plus
5 ways you can benefit from OpManager Plus5 ways you can benefit from OpManager Plus
5 ways you can benefit from OpManager PlusManageEngine, Zoho Corporation
 
Solera Networks
Solera NetworksSolera Networks
Solera Networksgigamon
 
NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?NetBeez, Inc.
 
From SIEM to Business processes
From SIEM to Business processesFrom SIEM to Business processes
From SIEM to Business processesOlesya Shelestova
 
O53 Slideshow
O53 SlideshowO53 Slideshow
O53 Slideshowoliviasat53
 
Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)Eko Supriyadi
 

More Related Content

What's hot

Minimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file servicesMinimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file servicesDavid Finkelstein
 
CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1Sam Bowne
 
ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12ThousandEyes
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
PRTG Network Monitor Presentation
PRTG Network Monitor PresentationPRTG Network Monitor Presentation
PRTG Network Monitor PresentationNafaâ TAYACHI
 
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesEndpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesThousandEyes
 
RuSIEM overview (english version)
RuSIEM overview (english version)RuSIEM overview (english version)
RuSIEM overview (english version)Olesya Shelestova
 
IT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysisIT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysisManageEngine, Zoho Corporation
 
Dynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in cloudsDynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in cloudsJPINFOTECH JAYAPRAKASH
 
Network characteristics of the cloud
Network characteristics of the cloudNetwork characteristics of the cloud
Network characteristics of the cloudCloud Genius
 
ISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxThousandEyes
 
Op Manager7
Op Manager7Op Manager7
Op Manager7lfair
 
Fingerprinting healthcare institutions
Fingerprinting healthcare institutionsFingerprinting healthcare institutions
Fingerprinting healthcare institutionssecurityxploded
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
Solera Networks
Solera NetworksSolera Networks
Solera Networksgigamon
 
NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?NetBeez, Inc.
 
From SIEM to Business processes
From SIEM to Business processesFrom SIEM to Business processes
From SIEM to Business processesOlesya Shelestova
 

What's hot (20)

Minimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file servicesMinimizing the threat of Ransomware with enterprise file services
Minimizing the threat of Ransomware with enterprise file services
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management Matters
 
CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1CNIT 121: Computer Forensics Ch 1
CNIT 121: Computer Forensics Ch 1
 
ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12ThousandEyes at Network Field Day 12
ThousandEyes at Network Field Day 12
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
 
PRTG Network Monitor Presentation
PRTG Network Monitor PresentationPRTG Network Monitor Presentation
PRTG Network Monitor Presentation
 
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesEndpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
 
RuSIEM overview (english version)
RuSIEM overview (english version)RuSIEM overview (english version)
RuSIEM overview (english version)
 
IT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysisIT Security: Eliminating threats with effective network & log analysis
IT Security: Eliminating threats with effective network & log analysis
 
Dynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in cloudsDynamic audit services for outsourced storages in clouds
Dynamic audit services for outsourced storages in clouds
 
Network characteristics of the cloud
Network characteristics of the cloudNetwork characteristics of the cloud
Network characteristics of the cloud
 
ISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black Box
 
Op Manager7
Op Manager7Op Manager7
Op Manager7
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
 
Fingerprinting healthcare institutions
Fingerprinting healthcare institutionsFingerprinting healthcare institutions
Fingerprinting healthcare institutions
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12
 
5 ways you can benefit from OpManager Plus
5 ways you can benefit from OpManager Plus5 ways you can benefit from OpManager Plus
5 ways you can benefit from OpManager Plus
 
Solera Networks
Solera NetworksSolera Networks
Solera Networks
 
NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?NetBeez - What is active network monitoring?
NetBeez - What is active network monitoring?
 
From SIEM to Business processes
From SIEM to Business processesFrom SIEM to Business processes
From SIEM to Business processes
 

Viewers also liked

Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)Eko Supriyadi
 
Gr 10 life sciences environment
Gr 10 life sciences environmentGr 10 life sciences environment
Gr 10 life sciences environmentwheelermariette
 
Contaminación por Jose Campaña 1BGU "A"
Contaminación por Jose Campaña 1BGU "A"Contaminación por Jose Campaña 1BGU "A"
Contaminación por Jose Campaña 1BGU "A"Erick Díaz
 
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...Karakter Kinder- en Jeugdpsychiatrie
 
Building brands in emerging markets
Building brands in emerging marketsBuilding brands in emerging markets
Building brands in emerging marketsfrank45
 
PostgreSQL em projetos de Business Analytics e Big Data Analytics com Pentaho
PostgreSQL em projetos de Business Analytics e Big Data Analytics com PentahoPostgreSQL em projetos de Business Analytics e Big Data Analytics com Pentaho
PostgreSQL em projetos de Business Analytics e Big Data Analytics com PentahoAmbiente Livre
 

Viewers also liked (12)

O53 Slideshow
O53 SlideshowO53 Slideshow
O53 Slideshow
 
Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)Logam mesin machine and process operation 7.18 a, v1 rev (8)
Logam mesin machine and process operation 7.18 a, v1 rev (8)
 
Gr 10 life sciences environment
Gr 10 life sciences environmentGr 10 life sciences environment
Gr 10 life sciences environment
 
Vroeg herkend is snel begeleid - dr. Iris Servatius-Oosterling
Vroeg herkend is snel begeleid - dr. Iris Servatius-OosterlingVroeg herkend is snel begeleid - dr. Iris Servatius-Oosterling
Vroeg herkend is snel begeleid - dr. Iris Servatius-Oosterling
 
Amaris Lodge_WEB
Amaris Lodge_WEBAmaris Lodge_WEB
Amaris Lodge_WEB
 
Fraçao
FraçaoFraçao
Fraçao
 
GladiatorsRules(web)
GladiatorsRules(web)GladiatorsRules(web)
GladiatorsRules(web)
 
Contaminación por Jose Campaña 1BGU "A"
Contaminación por Jose Campaña 1BGU "A"Contaminación por Jose Campaña 1BGU "A"
Contaminación por Jose Campaña 1BGU "A"
 
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...
Transitie in de zorg, zorg naar voren - dr. B. Lahuis, GGZ Kennisdag septembe...
 
Building brands in emerging markets
Building brands in emerging marketsBuilding brands in emerging markets
Building brands in emerging markets
 
ASS en ADHD onderzoek binnen Karakter, februari 2017
ASS en ADHD onderzoek binnen Karakter, februari 2017ASS en ADHD onderzoek binnen Karakter, februari 2017
ASS en ADHD onderzoek binnen Karakter, februari 2017
 
PostgreSQL em projetos de Business Analytics e Big Data Analytics com Pentaho
PostgreSQL em projetos de Business Analytics e Big Data Analytics com PentahoPostgreSQL em projetos de Business Analytics e Big Data Analytics com Pentaho
PostgreSQL em projetos de Business Analytics e Big Data Analytics com Pentaho
 

Similar to momentum dns security case study

Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Mouaz Alnouri
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsEmulex Corporation
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPROIDEA
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliMarta Pacyga
 
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08NetFlowAuditor
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...Jisc
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
Webinar: Five Problems Facing Business-Critical NFS Deployments
Webinar: Five Problems Facing Business-Critical NFS DeploymentsWebinar: Five Problems Facing Business-Critical NFS Deployments
Webinar: Five Problems Facing Business-Critical NFS DeploymentsStorage Switzerland
 
DNS Measurements
DNS MeasurementsDNS Measurements
DNS MeasurementsAFRINIC
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber securityKAMALI PRIYA P
 
Tune Up Your Network for the New Year
Tune Up Your Network for the New YearTune Up Your Network for the New Year
Tune Up Your Network for the New YearSavvius, Inc
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
TM - product overview
TM - product overviewTM - product overview
TM - product overviewJason Pears
 
SecureTower General Info
SecureTower General InfoSecureTower General Info
SecureTower General InfoAnton Lishchuk
 
Network Analysis Mini Project 2.pdf
Network Analysis Mini Project 2.pdfNetwork Analysis Mini Project 2.pdf
Network Analysis Mini Project 2.pdftalkaton
 
Network Analysis Mini Project 2.pptx
Network Analysis Mini Project 2.pptxNetwork Analysis Mini Project 2.pptx
Network Analysis Mini Project 2.pptxtalkaton
 

Similar to momentum dns security case study (20)

Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021Network security monitoring elastic webinar - 16 june 2021
Network security monitoring elastic webinar - 16 june 2021
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
 
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
NetFlow Auditor Anomaly Detection Plus Forensics February 2010 08
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform Simplified
 
ION Hangzhou - Why Deploy DNSSEC?
ION Hangzhou - Why Deploy DNSSEC?ION Hangzhou - Why Deploy DNSSEC?
ION Hangzhou - Why Deploy DNSSEC?
 
From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
 
Webinar: Five Problems Facing Business-Critical NFS Deployments
Webinar: Five Problems Facing Business-Critical NFS DeploymentsWebinar: Five Problems Facing Business-Critical NFS Deployments
Webinar: Five Problems Facing Business-Critical NFS Deployments
 
DNS Measurements
DNS MeasurementsDNS Measurements
DNS Measurements
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber security
 
Tune Up Your Network for the New Year
Tune Up Your Network for the New YearTune Up Your Network for the New Year
Tune Up Your Network for the New Year
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Next-Gen DDoS Detection
Next-Gen DDoS DetectionNext-Gen DDoS Detection
Next-Gen DDoS Detection
 
TM - product overview
TM - product overviewTM - product overview
TM - product overview
 
SecureTower General Info
SecureTower General InfoSecureTower General Info
SecureTower General Info
 
Network Analysis Mini Project 2.pdf
Network Analysis Mini Project 2.pdfNetwork Analysis Mini Project 2.pdf
Network Analysis Mini Project 2.pdf
 
Network Analysis Mini Project 2.pptx
Network Analysis Mini Project 2.pptxNetwork Analysis Mini Project 2.pptx
Network Analysis Mini Project 2.pptx
 

Recently uploaded

ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 

Recently uploaded (20)

ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 

momentum dns security case study

  • 1. TERILOGY momenutm Case Study momentum Solves DNS Monitoring Problem For Large ISP Firm The creative Security monitoring Tool One of the largest ISP based in the Taiwan, this firm serves over 10 millions of customers in Taiwan, including individuals, institutions. Challenge: • Monitoring the traffic of large) number of DNS servers • Precision Burst analyst • Constant DNS attack Resolution: DNS Traffic Visibility from momentum DNS viewer Benefits: • Capture and Record all packets • DNS Reporting capability independent from specific DNS software vendor • Support historical trend of DNS traffic with one second granularity. • Detect the attack with traffic trend or domain statistic This organization maintains a large, complex, mission-critical DNS servers that require constant monitoring for security, performance, and capacity. It had deployed a wide variety of different network monitoring and security tools, including syslog analysis system , IPS In some cases, collecting the syslog from DNS servers for analyzing, it is hard to get detail information to find what happened in the DNS traffic burst, what is the root reason for slow response time or security incident. By deploying the momentum DNS viewer in the network, it gives visibility the trend of DNS traffic and drill down the root reason from pcap, and analyze the traffic burst from the one second granularity pcap Eventually, the IPS deployed in the front of DNS Servers, when DNS attack happened, it is difficult to grasp the attack detail information before it affects the DNS servers performance. momentum DNS viewer find the attack from the traffic trend and pcap analysis, and to apply the countermeasure to reduce the minimum DNS servers performance impact Copyright © 2016 Terilogy Co., Ltd. All Rights Reserved.