SlideShare una empresa de Scribd logo

Check Point Ddos protector

Group of company MUK
Group of company MUK

Check Point Ddos protector

TecnologíaNoticias y política
1 de 26
Building Your Defense Line Against DDoS Attacks Dan Wiley CPX 2013 ©2013 Check Point Software Technologies Ltd. 1 1
Cybercrime Trends for 2012 44% 35% 33% 32% SQL Injections APTs Botnet DDoS 65% of Businesses Experienced Attacks Average $214,000 of Damage Per Attack Ponemon Institute, May 2012 ©2013 Check Point Software Technologies Ltd. 2 2
Victims of Recent DDoS Attacks ―Amazon.com claims its widely publicized DDoS attack resulted in a loss of $600,000 during the 10 hours it was down…‖ — Amazon.com ©2013 Check Point Software Technologies Ltd. 3 3
Today’s Attacks Are More Sophisticated More DDoS attacks today than ever before More damage with application attacks No need to flood network bandwidth ©2013 Check Point Software Technologies Ltd. 4 4
DDoS Attacks by Type TCP SYN Flood Application Layer Attacks Network Layer Attacks More attacks are targeted at the Application Layer Radware 2011 ©2013 Check Point Software Technologies Ltd. 5 5
DDoS Attack Examples  Volumetric Attacks – Fill the pipe  DNS Amplification Attacks – Using critical applications as attack source  SYN Attacks – Simple way to use resources  Application Attack – Overrun SSL Logins ©2013 Check Point Software Technologies Ltd. 6 6
Volumetric Attacks Mixture of Valid Traffic and Spoofed Traffic Limited Pipe Attack Target Victim ©2013 Check Point Software Technologies Ltd. 7 7
DNS Amplification Attack Example Attacker Simple DNS Request Open DNS Server Attack Target Able to amplify DNS request to victim Victim ©2013 Check Point Software Technologies Ltd. 8 8
SYN Attacks Spoofed Traffic, Random Sources Random SYN Packets Attack Target Utilize State Table on Firewalls and Servers Victim ©2013 Check Point Software Technologies Ltd. 9 9
Application Layer DDoS Attacks New Application Attacks Are Stealthier…  Exploit application weakness with Low&Slow attacks  Utilize relatively low volume and fewer connections  Used in conjunction with volume-based attacks Undetectable by threshold ‒ or volume-based solutions ©2013 Check Point Software Technologies Ltd. 10 10
Application Attacks Examples SSL Login Attack Network and Server Resource Consumption Really Simple – Thousands of login requests to web login page, consuming web and database resources Repeated PDF Get Attack – Find a large PDF and download it thousands of times ©2013 Check Point Software Technologies Ltd. 11 11
Real World of Real Attacks  US Banking attacks – Volumetric – Application – Continues and Dynamic  DNSSEC Attack Example – Ability to execute DDoS Amplification attack via US Gov  Application low and slow attack – Lets hold those HTTP connections open forever – Very hard to find ©2013 Check Point Software Technologies Ltd. 12 12
Layers Work Together Protection Layers Flow Network Flood Server Flood Application Low & Slow Attacks Allowed Traffic ©2013 Check Point Software Technologies Ltd. 13 13
DDoS Mitigation Options Attack Type Firewall Network Cleaning Appliance Volumetric Attacks Limited Effective Effective up to bandwidth Network Attacks Limited Effective Effective Application Attacks Limited Limited Effective ©2013 Check Point Software Technologies Ltd. 14 14
DDoS Protection The Right DDoS Solution Should Have… Network Layer Protection Adaptable Application Layer Protections Fast Response Time ©2013 Check Point Software Technologies Ltd. 15 15
Check Point DDoS Protector™ Customized multi-layered DDoS protection Protects against attacks within seconds Integrated security management and expert support ©2013 Check Point Software Technologies Ltd. 16 16
Multi-Vectored DDoS Attacks Network Flood Server Flood Application Low & Slow Attacks High volume of packets High rate of new sessions Web / DNS connectionbased attacks Advanced attack techniques ©2013 Check Point Software Technologies Ltd. 17 17
Multi-Layered Protections Network Flood Server Flood Application Low & Slow Attacks Behavioral High volume of network packets analysis Automatic and High rate of pre-defined new sessions signatures Web / DNS Behavioral connectionHTTP and based attacks DNS Advanced Granular attack custom filters techniques Stateless and behavioral engines Protections against misuse of resources Challenge / response mitigation methods Create filters that block attacks and allow users ©2013 Check Point Software Technologies Ltd. 18 18
Where to Protect Against DDoS Scenarios: 1 2 3 On-Premise Deployment DDoS Protector Appliance + Off-Site Deployment DDoS Protector Appliance ©2013 Check Point Software Technologies Ltd. 19 19
Flexible Deployment Options Ready to Protect in Minutes Fits to Existing Network Topology Optional Learning Mode Deployment Low Maintenance and Support ©2013 Check Point Software Technologies Ltd. 20 20
Emergency Response and Support Emergency Response Team Check Point Customer Support  Help from security experts when under DoS attacks  Leverage experience gathered from real-life attacks  World-class support infrastructure  Always-on support 7x24  Flexible service options ©2013 Check Point Software Technologies Ltd. 21 21
Summary Blocks DDoS Attacks Within Seconds Customized multi-layered DDoS protection Ready to protect in minutes Integrated with Check Point Security Management ©2013 Check Point Software Technologies Ltd. 22 22
What It Takes to Deal with DDoS  Have a plan  Test the plan  Determine what the impact will be to operations  Brief management on impact of DDoS attack ©2013 Check Point Software Technologies Ltd. 23 23
DDoS Is a Team Sport DDoS is a team activity  Application – Web Team, Database Team  Network – Networking team  ISP/Clean Service – Make sure you test cut-overs ©2013 Check Point Software Technologies Ltd. 24 24
Business Impact  Make sure management will know what happens during a DDoS  What will it cost you if you have a DDoS – Operational Costs – Business Costs – PR Costs  Be prepared for the long haul  Don’t expect the attackers will go away  Map impact to all business units ©2013 Check Point Software Technologies Ltd. 25 25
Thank You ©2013 Check Point Software Technologies Ltd. 26 26

Recomendados

The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security ServicesRadware
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCCloudflare
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]Radware
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 

Recomendados

The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security ServicesRadware
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCCloudflare
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]Radware
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataCloudflare
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarRadware
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideAndris Soroka
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Cloudflare
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security StrategyCloudflare
 
The Advent of Serverless Technologies
The Advent of Serverless TechnologiesThe Advent of Serverless Technologies
The Advent of Serverless TechnologiesCloudflare
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderCloudflare
 
Netpluz corp presentation 2020
Netpluz corp presentation 2020Netpluz corp presentation 2020
Netpluz corp presentation 2020Netpluz Asia Pte Ltd
 
Filling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyFilling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyCloudflare
 
Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018African Cyber Security Summit
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointDetección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointNextel S.A.
 
Industry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attacksIndustry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attackskevinmass30
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018African Cyber Security Summit
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterVMUG IT
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
ddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfTuPhan66
 
Radware Solutions for MSSPs
Radware Solutions for MSSPsRadware Solutions for MSSPs
Radware Solutions for MSSPsRadware
 

Más contenido relacionado

La actualidad más candente

Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataCloudflare
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarRadware
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideAndris Soroka
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Cloudflare
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security StrategyCloudflare
 
The Advent of Serverless Technologies
The Advent of Serverless TechnologiesThe Advent of Serverless Technologies
The Advent of Serverless TechnologiesCloudflare
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderCloudflare
 
Filling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyFilling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyCloudflare
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointDetección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointNextel S.A.
 
Industry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attacksIndustry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attackskevinmass30
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterVMUG IT
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 

La actualidad más candente (20)

Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare data
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security Strategy
 
The Advent of Serverless Technologies
The Advent of Serverless TechnologiesThe Advent of Serverless Technologies
The Advent of Serverless Technologies
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF Provider
 
Netpluz corp presentation 2020
Netpluz corp presentation 2020Netpluz corp presentation 2020
Netpluz corp presentation 2020
 
Filling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyFilling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation Strategy
 
Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)
 
Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointDetección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check Point
 
Industry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attacksIndustry reactions to wanna cry ransomware attacks
Industry reactions to wanna cry ransomware attacks
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data Center
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform Simplified
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 

Similar a Check Point Ddos protector

ddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfTuPhan66
 
Radware Solutions for MSSPs
Radware Solutions for MSSPsRadware Solutions for MSSPs
Radware Solutions for MSSPsRadware
 
Gestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazasGestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazasNextel S.A.
 
comparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-papercomparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-paperRenny Shen
 
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr WojciechowskiPLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr WojciechowskiPROIDEA
 
Why the Edge Isn't an Edge Case.pdf
Why the Edge Isn't an Edge Case.pdfWhy the Edge Isn't an Edge Case.pdf
Why the Edge Isn't an Edge Case.pdfWP Engine
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondCloudflare
 
The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS ProvidersNeil Hinton
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
 
The worst of enemies – let’s talk about DDoS and RTC, Sandro Gauci
The worst of enemies – let’s talk about DDoS and RTC, Sandro GauciThe worst of enemies – let’s talk about DDoS and RTC, Sandro Gauci
The worst of enemies – let’s talk about DDoS and RTC, Sandro GauciAlan Quayle
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacksSaptha Wanniarachchi
 
DDoS Attacks in 2020 & Best Practices in Defense
DDoS Attacks in 2020 & Best Practices in DefenseDDoS Attacks in 2020 & Best Practices in Defense
DDoS Attacks in 2020 & Best Practices in DefenseNETSCOUT
 
Rewriting the Rules for DDoS Protection in 2015
Rewriting the Rules for DDoS Protection in 2015Rewriting the Rules for DDoS Protection in 2015
Rewriting the Rules for DDoS Protection in 2015Stephanie Weagle
 
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...Ziv Ichilov
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSASrikrupa Srivatsan
 
A study on securing cloud environment from d do s attack to preserve data ava...
A study on securing cloud environment from d do s attack to preserve data ava...A study on securing cloud environment from d do s attack to preserve data ava...
A study on securing cloud environment from d do s attack to preserve data ava...Manimaran A
 

Similar a Check Point Ddos protector (20)

ddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdf
 
Radware Solutions for MSSPs
Radware Solutions for MSSPsRadware Solutions for MSSPs
Radware Solutions for MSSPs
 
DDoS Report.docx
DDoS Report.docxDDoS Report.docx
DDoS Report.docx
 
Gestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazasGestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazas
 
comparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-papercomparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-paper
 
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr WojciechowskiPLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski
 
Why the Edge Isn't an Edge Case.pdf
Why the Edge Isn't an Edge Case.pdfWhy the Edge Isn't an Edge Case.pdf
Why the Edge Isn't an Edge Case.pdf
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respond
 
Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018
 
The role of DDoS Providers
The role of DDoS ProvidersThe role of DDoS Providers
The role of DDoS Providers
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
 
The worst of enemies – let’s talk about DDoS and RTC, Sandro Gauci
The worst of enemies – let’s talk about DDoS and RTC, Sandro GauciThe worst of enemies – let’s talk about DDoS and RTC, Sandro Gauci
The worst of enemies – let’s talk about DDoS and RTC, Sandro Gauci
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection Solution
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacks
 
DDoS Attacks in 2020 & Best Practices in Defense
DDoS Attacks in 2020 & Best Practices in DefenseDDoS Attacks in 2020 & Best Practices in Defense
DDoS Attacks in 2020 & Best Practices in Defense
 
Rewriting the Rules for DDoS Protection in 2015
Rewriting the Rules for DDoS Protection in 2015Rewriting the Rules for DDoS Protection in 2015
Rewriting the Rules for DDoS Protection in 2015
 
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
SecurityDAM - Hybrid DDoS Protection for MSSPs and Enterprises (Infosecurity ...
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSA
 
A study on securing cloud environment from d do s attack to preserve data ava...
A study on securing cloud environment from d do s attack to preserve data ava...A study on securing cloud environment from d do s attack to preserve data ava...
A study on securing cloud environment from d do s attack to preserve data ava...
 

Más de Group of company MUK

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botGroup of company MUK
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintGroup of company MUK
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Group of company MUK
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data CenterGroup of company MUK
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012Group of company MUK
 

Más de Group of company MUK (20)

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
 
Check Point Products RU
Check Point Products RUCheck Point Products RU
Check Point Products RU
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
 
Check Point Mobile Security
Check Point Mobile SecurityCheck Point Mobile Security
Check Point Mobile Security
 
Check Point: Compliance Blade
Check Point: Compliance BladeCheck Point: Compliance Blade
Check Point: Compliance Blade
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving bot
 
Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual Systems
 
Check Point Threat emulation 2013
Check Point Threat emulation 2013Check Point Threat emulation 2013
Check Point Threat emulation 2013
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security Blueprint
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint
 
Check Point sizing security
Check Point sizing securityCheck Point sizing security
Check Point sizing security
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
 
Check Point NGFW
Check Point NGFWCheck Point NGFW
Check Point NGFW
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
 
Check Point Consolidation
Check Point ConsolidationCheck Point Consolidation
Check Point Consolidation
 
Check Point 2013
Check Point 2013Check Point 2013
Check Point 2013
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012
 
Check Point Report 2013 RU
Check Point Report 2013 RUCheck Point Report 2013 RU
Check Point Report 2013 RU
 
3D Security Report
3D Security Report3D Security Report
3D Security Report
 

Último

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Check Point Ddos protector

  • 1. Building Your Defense Line Against DDoS Attacks Dan Wiley CPX 2013 ©2013 Check Point Software Technologies Ltd. 1 1
  • 2. Cybercrime Trends for 2012 44% 35% 33% 32% SQL Injections APTs Botnet DDoS 65% of Businesses Experienced Attacks Average $214,000 of Damage Per Attack Ponemon Institute, May 2012 ©2013 Check Point Software Technologies Ltd. 2 2
  • 3. Victims of Recent DDoS Attacks ―Amazon.com claims its widely publicized DDoS attack resulted in a loss of $600,000 during the 10 hours it was down…‖ — Amazon.com ©2013 Check Point Software Technologies Ltd. 3 3
  • 4. Today’s Attacks Are More Sophisticated More DDoS attacks today than ever before More damage with application attacks No need to flood network bandwidth ©2013 Check Point Software Technologies Ltd. 4 4
  • 5. DDoS Attacks by Type TCP SYN Flood Application Layer Attacks Network Layer Attacks More attacks are targeted at the Application Layer Radware 2011 ©2013 Check Point Software Technologies Ltd. 5 5
  • 6. DDoS Attack Examples  Volumetric Attacks – Fill the pipe  DNS Amplification Attacks – Using critical applications as attack source  SYN Attacks – Simple way to use resources  Application Attack – Overrun SSL Logins ©2013 Check Point Software Technologies Ltd. 6 6
  • 7. Volumetric Attacks Mixture of Valid Traffic and Spoofed Traffic Limited Pipe Attack Target Victim ©2013 Check Point Software Technologies Ltd. 7 7
  • 8. DNS Amplification Attack Example Attacker Simple DNS Request Open DNS Server Attack Target Able to amplify DNS request to victim Victim ©2013 Check Point Software Technologies Ltd. 8 8
  • 9. SYN Attacks Spoofed Traffic, Random Sources Random SYN Packets Attack Target Utilize State Table on Firewalls and Servers Victim ©2013 Check Point Software Technologies Ltd. 9 9
  • 10. Application Layer DDoS Attacks New Application Attacks Are Stealthier…  Exploit application weakness with Low&Slow attacks  Utilize relatively low volume and fewer connections  Used in conjunction with volume-based attacks Undetectable by threshold ‒ or volume-based solutions ©2013 Check Point Software Technologies Ltd. 10 10
  • 11. Application Attacks Examples SSL Login Attack Network and Server Resource Consumption Really Simple – Thousands of login requests to web login page, consuming web and database resources Repeated PDF Get Attack – Find a large PDF and download it thousands of times ©2013 Check Point Software Technologies Ltd. 11 11
  • 12. Real World of Real Attacks  US Banking attacks – Volumetric – Application – Continues and Dynamic  DNSSEC Attack Example – Ability to execute DDoS Amplification attack via US Gov  Application low and slow attack – Lets hold those HTTP connections open forever – Very hard to find ©2013 Check Point Software Technologies Ltd. 12 12
  • 13. Layers Work Together Protection Layers Flow Network Flood Server Flood Application Low & Slow Attacks Allowed Traffic ©2013 Check Point Software Technologies Ltd. 13 13
  • 14. DDoS Mitigation Options Attack Type Firewall Network Cleaning Appliance Volumetric Attacks Limited Effective Effective up to bandwidth Network Attacks Limited Effective Effective Application Attacks Limited Limited Effective ©2013 Check Point Software Technologies Ltd. 14 14
  • 15. DDoS Protection The Right DDoS Solution Should Have… Network Layer Protection Adaptable Application Layer Protections Fast Response Time ©2013 Check Point Software Technologies Ltd. 15 15
  • 16. Check Point DDoS Protector™ Customized multi-layered DDoS protection Protects against attacks within seconds Integrated security management and expert support ©2013 Check Point Software Technologies Ltd. 16 16
  • 17. Multi-Vectored DDoS Attacks Network Flood Server Flood Application Low & Slow Attacks High volume of packets High rate of new sessions Web / DNS connectionbased attacks Advanced attack techniques ©2013 Check Point Software Technologies Ltd. 17 17
  • 18. Multi-Layered Protections Network Flood Server Flood Application Low & Slow Attacks Behavioral High volume of network packets analysis Automatic and High rate of pre-defined new sessions signatures Web / DNS Behavioral connectionHTTP and based attacks DNS Advanced Granular attack custom filters techniques Stateless and behavioral engines Protections against misuse of resources Challenge / response mitigation methods Create filters that block attacks and allow users ©2013 Check Point Software Technologies Ltd. 18 18
  • 19. Where to Protect Against DDoS Scenarios: 1 2 3 On-Premise Deployment DDoS Protector Appliance + Off-Site Deployment DDoS Protector Appliance ©2013 Check Point Software Technologies Ltd. 19 19
  • 20. Flexible Deployment Options Ready to Protect in Minutes Fits to Existing Network Topology Optional Learning Mode Deployment Low Maintenance and Support ©2013 Check Point Software Technologies Ltd. 20 20
  • 21. Emergency Response and Support Emergency Response Team Check Point Customer Support  Help from security experts when under DoS attacks  Leverage experience gathered from real-life attacks  World-class support infrastructure  Always-on support 7x24  Flexible service options ©2013 Check Point Software Technologies Ltd. 21 21
  • 22. Summary Blocks DDoS Attacks Within Seconds Customized multi-layered DDoS protection Ready to protect in minutes Integrated with Check Point Security Management ©2013 Check Point Software Technologies Ltd. 22 22
  • 23. What It Takes to Deal with DDoS  Have a plan  Test the plan  Determine what the impact will be to operations  Brief management on impact of DDoS attack ©2013 Check Point Software Technologies Ltd. 23 23
  • 24. DDoS Is a Team Sport DDoS is a team activity  Application – Web Team, Database Team  Network – Networking team  ISP/Clean Service – Make sure you test cut-overs ©2013 Check Point Software Technologies Ltd. 24 24
  • 25. Business Impact  Make sure management will know what happens during a DDoS  What will it cost you if you have a DDoS – Operational Costs – Business Costs – PR Costs  Be prepared for the long haul  Don’t expect the attackers will go away  Map impact to all business units ©2013 Check Point Software Technologies Ltd. 25 25
  • 26. Thank You ©2013 Check Point Software Technologies Ltd. 26 26

Notas del editor

  1. http://voices.yahoo.com/denial-service-attacks-rise-ugly-trend-10842457.html?cat=15
  2. Application layer attacks can be targeted at specific server vulnerabilities and might cause more damageRequire less bandwidth and resources from the attackerNo need to fill-up the target’s Internet connection
  3. Low & Slow attacks exploit application implementation weaknessesUsing relatively low volume and low number of connections In many cases, targeted application DoS attacks are used in parallel to volumetric DDoS attacksThis kind of attacks can go undetected by solutions that are based only on thresholds and volume-based measures
  4. -- stock-photo-17737715-speedometer.jpg -- stock-photo-19499609-data-protection.jpg -- stock-photo-19422828-lock.jpgThe right solution for DDoS protection should have:Fast response time to minimizeDDoS damages Application adaptation for customer’s specific environmentNetwork layer protections for volume-based attacks
  5. DDoS Protector’s customized multi-layered DDoS protection blocks a wide range of attacksBehavioral analysis comparing typical vs. abnormal trafficAutomatically generated and pre-defined signatures Using advanced challenge/response techniquesCustomized protection optimized to meet specific network environment and security needs  DDoSProtectorTM is ready to protect any size network in minutesProduct line of 7 new appliances offering:Low-latency (less than 60 microseconds)High-performance (up to 12 Gbps)Port density of up to 16 ports (both 1 GE and 10 GE options available)On premise inline deployment for immediate response to attacksTransparent network device easily fits into existing network topology (layer 2 bridge)Filter traffic before it reaches the firewall to protect networks, servers and block exploits Integrated with Check Point security management suite Leverage SmartEvent, SmartLog and SmartViewTracker for real-time and historic view of overall network security and DDoS attack status Policy management with both Web UI and command line interfaceTeam of security experts provide immediate help for customers facing DoS
  6. There are 3 DDoS protection deployment types: on the customer premises, off-site, or bothOn-Premise solutions can have better response times and can be customized to each networkOff-Site deployment helps with moving the problem away from the protected network - Fits when attack is on bandwidthA deployment of both types of solution can leverage advantages of the two deployment options