DDoS Protection System DPS

DDoS Protection Solution
#Terabit Security LLC, 2016
2015 © Terabit Security - All rights reserved

2015 © Terabit Security, All rights reserved
AGENDA
About DDoS
Terabit Security
DPS
Technical
Specialty
Contact Us
Request a Demo

About DDoS

ABOUT DDoS

SOME FIGURES ABOUT DDoS

IMPACT OF DDoS ATTACKS ON YOUR BUSINESS
Theft
Attacks are becoming more advanced and now
include stolen funds, customer data, and
intellectual property
Productivity loss
When critical network system are shut down,
your workforce’s productivity comes to a halt
Revenue loss
Downtime affects your bottom-line. The average
costs of downtime is $5,600/minute, or over
$300K/hour
Reputation Damage
Your band suffers if customers can't access your
site or became casualties of data breach

Even with a large staff of IT
professionals it is almost impossible
for companies to handle a serious
DDoS attack and recover their
services on their own
Kaspersky Lab
E.Vigovsky, head of DDoS protection
PROFESSIONALS SAYS ABOUT DDoS
Hackers' improving and evolving
techniques are especially obvious
when it comes to distributed-denial-
of-service attacks.
DDos is on a trend that is only
going to continue
Businesses are facing a number of
threats in today's economy. When a
DDoS attack or DNS failure hits a
website or network, companies are
losing significant revenue and
employee productivity, and are likely
seeing decreasing customer
satisfaction and loyalty
Arbor Networks
Matt Moynahan, president
Verisign
Ben Petro, senior VC

Terabit Security DPS

TERABIT SECURITY DPS
Terabit DPS is solution for the detection of
DDoS attacks and their subsequent
treatment. Terabit DPS will help to ensure
maximum availability of your network and
eliminate any disruptions caused by DoS /
DDoS attacks

WHY DPS
Fast Deployment
Disparately fast deployment of DDoS protection
system – 10 minutes to start
Clustering
Clustering option for performance and
redundancy. Sflow capture – up to 10Tbps (1Tbps
per server), traffic mirroring – up to 6.4Tbps
(40Gbps per server)
Premium Support
All support inquiries are answered by experienced
engineers. Terabit DPS Proffesional Support with
SLA 24×5, 24×7, 24×365
Advanced WEB GUI
Web application offers single-point DPS
management, network monitoring and reporting
of data received from Collector, Explorer and
Filters deployed within the network
Affordable DDoS Protection
The most cost-effective on-premise DDoS
mitigation solution on the market! Annual
subscriptions include free support and upgrades.
Traffic Visualization Tool
Visualization of traffic Upstream / Donwstream in
bps and pps for whole network or dedicated host
Short response time
Immediate detection of DoS/DDoS attack in 1-2
seconds
Low hardware requirements
Up to 10GE with 12 Mpps on E5-1650V3 with Intel
NIC 82599 10GE

Primary uplink
Customers
Border
router
Access
switch
Backup uplink
DPS Server
BGP,
BGP Flowspec
NetFlow/IPFIX
sFlow, Port mirror
HOW DPS WORKS
Supported border routers
Extreme X460/X670
Juniper EX, MX series
Cisco ASR-series

HOW DPS WORKS
Traffic Capturing
NetFlow v5, v9
IPFIX
sFlow v4 (dev branch only), v5
Port mirror/SPAN capture with PF_RING (with ZC/DNA
mode), SnabbSwitch, NETMAP and PCAP
DDoS Mitigation
Complete BGP Flowspec support, RFC 5575
Can process incoming and outgoing traffic
Can trigger block script if certain IP loads network with a
large amount of packets/bytes/flows per second
Thresholds could be configured in per subnet basis with
hostgroups feature
Could announce blocked IPs to BGP router with ExaBGP
GoBGP integration for unicast IPv4 announces

OUR SOLUTIONS
DPS SOFTWARE APPLIENCE DPS VIRTUAL APPLIENCE DPS HARDWARE APPLIENCE
GET FULL FUNCTIONALITY OF DPS
Install DPS on your own server
Protection up to 400Gbps
Most popular OS supported
GET SAFETY WITHIN 15 MINUTES
Restore image to your hypervisor
Protection up to 400Gbps
Most popular hypervisors supported
GET ENTERPRISE LEVEL SOLUTION
Guaranteed SLA
Protection up to 6.4Tbps
Advanced support included

PROFESSIONAL SUPPORT
Basic Intermediate Advanced
8×5 support service | 20 cases per year 12×7 support service | unlimited cases per year 24×7 support service | unlimited cases per year
Provides an engaged response for
small companies with a limited
number of cases
Provides professional support for
non-critical systems based on 12x7
schedule
Provides an enterprise level 24x7
support for critical systems with
unlimited number of cases

OUR CUSTOMERS
1000+ customers
20+ countries
Terabits of protected traffic
* Includes community version
What people say about us

Technical Specialty

DDoS MITIGATION HOW IT WORKS W/O FLOWSPEC
o Еаsy of implementation and uses well
understood constructs
o Requires high degree of co-ordination
between customer and provider
o Cumbersome to scale in a large network
perimeter
o Mis-configuration possible and expansive
Destination Remotely Triggered
Black Hole (D/RTBH)

o RFC 5635 circa 2009
o Requires pre-configuration of discard route
and uRPF on all edge routers
o Victim`s destination address is still useable
o Only works for single (or small number)
source
Source Remotely Triggered Black
Hole (S/RTBH)
DDoS MITIGATION HOW IT WORKS W/O FLOWSPEC

WHY BGP FLOWSPEC
 FlowSpec Leverages the BGP Control-plane to simplify the distribution
of ACL's, greatly improving operations.
• Inject new filter/firewall rules to all routers at the same time
without changing router config
• Reuse existing BGP operational knowledge and best practices
• Control policy propagation via BGP communities
 Improve response time to mitigate DDOS attacks
 Same Automation as RTBH
 Route validation is performed for eBGP sessions.
RFC5575
BGP Flowspec

BGP FLOWSPEC SPECIFICATION
Flowspec is very useful feature against today’s
DDOS.
Rule was too long, so forwarding router could not
apply filter as the result not only DDOS but also
normal traffic down.
This is defined in RFC 5575 . Specific information
about the flow can now be distributed using a BGP
NLRI.
AFI/SAFI = 1/133: Unicast Traffic Filtering
Applications
AFI/SAFI = 1/134 : VPN traffic filtering applications.
BGP Flow Specification can include the
following information
Type 1 - Destination Prefix
Type 2 - Source Prefix
Type 3 - IP Protocol
Type 4 - Source or Dest. Port
Type 5 - Destination Port
Type 6 - Source Port
Type 7 - ICMP Type
Type 8 - ICMP Code
Type 9 - TCP flags
Type 10 - Packet length
Type 11 - DSCP
Type 12 - Fragment Encodins
Actions are defined using BGP
Extended Communities
0x8006 - traffic-rate (set to 0 to drop all traffic)
0x8007 - traffic-action (sampling)
0x8008 - redirect to VRF (route target
0x8009 - traffic-marking (DSCP value)

BGP FLOWSPEC VENDOR SUPPORT
Supported by router vendors
SR OS 9.0R1 JUNOS 7.3 ASR and CRS
Supported by DDoS protection vendors
Peakflow SP 3.5 DDoS Secure 5.14.2-0 Defense Pro
since

CONTACT US
Sales Office
Rocklin CA, USA
Development Office
Kiev, Ukraine
https://terabitsecurity.com/
Sales
+1 650 460 14 86
sales@terabitsecurity.com
Terabit Security LLC
Rocklin CA, USA
Support
Support Center
http://support.terabitsecurity.com/
support@terabitsecurity.com

KEEP
CALM
AND
ENJOY
WORK
Request
a Demo

REQUEST A DEMO
Request
A Demo

DDoS Protection System DPS

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to DDoS Protection System DPS

Similar to DDoS Protection System DPS (20)

Recently uploaded

Recently uploaded (20)

DDoS Protection System DPS