©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.

Check Point DDoS Protector

June 2012

2©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Cybercrime Trends for 2012

SQLInjections

44%

APTs

35%

Botnet

33%

DDoS

32%

Ponemon Institute, May 2012

32%

DDoS

65% Businesses Experienced Attacks

Average $214,000 of Damage Per Attack

3©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Victims of Recent DDoS Attacks

Sony “didn’t notice the security breaches that compromised 101 million user accounts because it was distracted by distributed denial of service attacks…” Sony in a letter to US Congress 2011

“Amazon.com claims its widely publicized DDoS attack resulted in a loss of $600,000 during the 10 hours it was down…” Amazon.com

“While Yahoo was down, it suffered a loss of e-

commerce and advertising revenue of about

$500,000…” According to analysts

4©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

More DDoS attacks today than ever before

More damage with application attacks

No need to flood network bandwidth

Today’s Attacks Are More Sophisticated

5©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Application Layer Attacks

Network Layer Attacks

DDoS Attacks by Type

More attacks are targeted at the Application Layer

DNSWeb

Other Application

TCP SYNFlood

Other Network

Radware 2011

6©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Application Layer DDoS Attacks

Exploit application weakness with Low&Slow attacks

Undetectable by threshold- or volume-based solutions

New Application Attacks Are Stealthier…

Utilize relatively low volume and fewer connections

Used in conjunction with volume-based attacks

7©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

DDoS Protection

Fast Response Time

Adaptable Application

Layer Protections

Network Layer

Protection

The Right DDoS Solution Should Have…

8©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Block Denial of Service Attacks Within Seconds!

IntroducingCheck Point DDoS Protector™

9©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Check Point DDoS Protector™

Customized multi-layered DDoS protection

Protects against attacks within seconds

Integrated security management and expert support

10©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Multi-Vectored DDoS Attacks

Network Flood

High volume of packets

Server Flood

High rate of new sessions

Application

Web / DNS connection-

based attacks

Low & Slow Attacks

Advanced attack

techniques

11©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Network Flood

High volume of packets

Server Flood

High rate of new sessions

Application

Web / DNS connection-

based attacks

Low & Slow Attacks

Advanced attack

techniques

Multi-Layered Protections

Behavioral network analysis

Stateless and behavioral

engines

Automatic and pre-defined signatures

Protections against misuse

of resources

BehavioralHTTP and

DNS

Challenge / response mitigation methods

Granular custom filters

Create filters that block attacks

and allow users

12©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

DDoS Protector Product Line

Enterprise Grade Up to 3 Gbps throughput 2M concurrent sessions 1 Mpps max. DDoS flood attack rate

Datacenter Grade Up to 12 Gbps throughput 4M concurrent sessions 10 Mpps max. DDoS flood attack rate

7 models to choose from

1GbE copper and 10GbE fiber connections

Low latency

13©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

+

Where to Protect Against DDoS

On-Premise DeploymentDDoS Protector Appliance

Off-Site Deployment

DDoS Protector Appliance

Scenarios: 1 2 3

14©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Appliance Specifications

Model DP 506 DP 1006 DP 2006 DP 3006 DP 4412 DP 8412 DP 12412

Capacity 0.5Gbps 1Gbps 2Gbps 3Gbps 4GBps 8Gbps 12Gbps

Max Concurrent Sessions 2 Million 4 Million

Max DDoS Flood Attack

Protection Rate1 Million packets per second 10 Million packets per second

Latency <60 micro seconds

Real-Time Signatures Detect and protect against attacks in less than 18 seconds

15©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Unified Logs and Monitoring

…and Unified Reporting

Leverage SmartView Tracker, SmartLog and SmartEvent for historic and real-

time security status

Integrated Security Management

16©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Flexible Deployment Options

Low Maintenance and SupportOptional Learning Mode DeploymentFits to Existing Network Topology

Ready to Protect in Minutes

17©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Emergency Response and Support

Emergency Response

Team

Help from security experts when under DoS attacks

Leverage experience gathered from real-life attacks

Check Point customer support

World-class support infrastructure Always-on support 7x24 Flexible service options

18©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |

Integrated with Check Point

Security Management

Customized multi-layered

DDoS protection

Ready to protect

in minutes

Summary

Blocks DDoS Attacks Within Seconds

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.

Thank You