Huawei Anti-DDoS Pre-sales Specialist Training · 2015-06-26 · Huawei Anti-DDoS Pre-sales...

Huawei Anti-DDoS Pre-sales Specialist Training Version: V1.1(20130204)


Contents

1 Market Overview and Positioning
2 Product Highlights
3 Competitive Analysis
4 Success Stories
5 How to Obtain Documents


Anti-DDoS Market Conditions

2011 saw 52 percent growth in the global anti-DDoS market over 2010.

Over the next five years, the anti-DDoS sub-markets are projected to reach a 23 percent annual compound growth rate. The mobile market is expected to grow by 42 percent.

Traditional bearer networks constitute the single biggest sector of the anti-DDoS market.

The demand for anti-DDoS solutions for data centers has been growing and is expected to surpass mobile networks to become the largest subdivision of the DDoS market by 2012.

Global market size by region

Japan, China, Germany, the United States, and Russia rank top five in the world in DDoS market size, whereas Japan and China account for 35% and 18.65% of the global market, respectively.

The Huawei anti-DDoS solution has been sold to China, Middle East and North Africa (MENA), and other areas.


Market Opportunities and Sales Strategy

Market opportunities:
• IDCs
• Government and financial institutions
• Large ISPs and ICPs
• Carriers

Sales strategy:
• Binding sales with Huawei products
• Independent exploration
• Agent development


Application Scenario: Anti-DDoS for IDC Services

[Figure: IDC network diagram. Labels: service areas 1 to 3, entrusted servers, firewall, anti-DDoS device, legitimate network, botnet, legitimate traffic, attack traffic.]

• With value-added security services, the Internet Data Center (IDC) administrator can configure multiple zones or customers on one Huawei anti-DDoS device, each with defense policies specific to its services. This secures the IDC’s entrusted services.


Application Scenario: Government

[Figure: government network diagram. Labels: anti-DDoS device, firewall, DMZ, trust zone, portal server, legitimate network, botnet, legitimate traffic, attack traffic.]

• Besides traditional anti-DDoS, Huawei provides anti-DDoS specific to portals and e-government to stand against User Datagram Protocol (UDP)/Internet Control Message Protocol (ICMP) composite network floods, HTTP retransmission, and Challenge Collapsar (CC) attacks.


Application Scenario: Finance

[Figure: finance network diagram. Labels: anti-DDoS device, firewall, DMZ, trust zone, online services such as eBanking and securities, legitimate network, botnet, legitimate traffic, attack traffic.]

• Online service systems, such as credit cards, eBanking, and portals, are vulnerable to UDP/ICMP composite flood attacks (which consume bandwidth) and application attacks, such as HTTP flood attacks (on eBanking), DNS query flood attacks (on DNS services), HTTP floods, and CC attacks (on web services).
• Huawei’s anti-DDoS solution effectively defends against DDoS attacks specific to online financial systems.


Application Scenario — DNS Defense

[Figure: DNS defense network diagram. Labels: anti-DDoS device, firewall, DMZ, DNS servers, legitimate network, botnet, legitimate traffic, attack traffic.]

• In addition to traditional anti-DDoS, Huawei rolls out a dedicated defense for Domain Name System (DNS) services, such as DNS vulnerability filtering, query flood attack defense against both forged and real source IP addresses, rate limiting over DNS request packets by type, and DNS service access monitoring; moreover, Huawei provides intelligent caching to guarantee user access efficiency during massive DDoS attacks.


2 Product Highlights


HUAWEI Anti-DDoS Solution Structure

HUAWEI Anti-DDoS Solution:
• Management Center
• Detection Center
• Cleaning Center


HUAWEI Anti-DDoS Solution Components

• DDoS Detection Center: AntiDDoS1500-D (<=5 G), AntiDDoS8000 (<=200 G)
• DDoS Cleaning Center: AntiDDoS1520 (<=2 G), AntiDDoS1550 (<=5 G), AntiDDoS8000 (<=200 G)
• Management Center: ATIC (Management Center software and management servers)


Huawei Anti-DDoS Solution

Accurate and all-round:
• Defends against more than 100 types of DDoS attacks
• IPv6 attack defense capabilities
• Zero false positives

Value-added operation:
• Fine-grained policies
• Protection for 100,000 VIPs
• Diversified self-services

Efficient and speedy:
• 200 Gbit/s processing capability
• Response in seconds

[Figure labels: large-traffic attacks; application-layer attacks; malformed packet attacks; botnet, Trojan, and worm attacks; tenant self-help system; service protection system.]


High Performance and Rapid Response

• Most highly integrated service boards in the industry
• Four high-performance multi-core CPUs
• Dedicated boards that each defend against up to 15 million pps DDoS attacks
• Traffic diversion on interface boards, ensuring load balancing
• Ten times the expansion capability for an integrated system
• Supports 80 x 10 GB interfaces
• 200 Gbit/s processing for an integrated system
• Less than two-second attack response time
• Continuous and reliable protection for one to three years

[Chart: DDoS defense performance against number of service boards, comparing similar industry products with the Huawei solution; callout: 200 Gbit/s.]


Accurate and Comprehensive

• Ability to defend against 30 percent more attacks than similar industry products
• Unique ability to defend against SSL DDoS attacks
• Global first error-free attack identification solution
• Industry-leading IPv6 attack defense capabilities
• Can collect more than 20,000 GB traffic samples
• Seven-layer filtering and credit analysis
• Intelligent IPv4/IPv6 dual stack
• Intelligent redirection


Value-added Operation

Diversified Operation Features

• Various fine-grained defense policies
• Protects 100,000 tenants
• Protects more than 500,000 IP addresses
• Tenant self-help portal
• Diversified security operation reports

[Screenshots: Attack Report Display; Self-Help Portal Configuration; DDoS Protection Services Provisioned by an IDC; IDC Attack Statistics Report.]


Anti-DDoS Operator Return on Investment

VIP ROI
• Service fees: $2,000/month; fees over three years: $72,000
• Device purchase costs: devices: $150,000; maintenance costs: $150,000
• Saved investment costs: 82%

IDC ROI
• Investment: device costs: $1 M; service costs: $0.15 M
• Services income: customers: $50 M; income over three years: $3.6 M
• Higher Returns on Investment (ROI): more customers
• ROI:


AntiDDoS Operation Mode

[Figure: operation mode diagram. Labels: Administrator, AntiDDoS Operation Center, AntiDDoS devices, Self-Service, Self-Report, Service Order, billing in ¥/month and ¥/time.]


3 Competitive Analysis


Competitive Products: Huawei and Peer Vendors

[Chart: product performance by model, on a performance axis from 1G to 40G.]

• NSFOCUS: ADS1600D: 500 M; ADS2000D: 1 G; ADS4000: 4 G; ADS6000: 10 G
• Arbor: TMS1200: 1.5 G; TMS2500: 2.5 G; TMS3050: 5 G; TMS3100: 10 G; TMS4100: 10 G; TMS4200: 20 G; TMS4400: 40 G; APS2104: 2 G; APS2105: 4 G; APS2107: 8 G; APS2108: 10 G
• Radware: DefensePro506: 500 M; DefensePro1006: 1 G; DefensePro1016: 1 G; DefensePro2006: 2 G; DefensePro2016: 2 G; DefensePro3016: 3 G; DefensePro4412: 4 G; DefensePro8412: 8 G; DefensePro12412: 12 G
• Huawei: AntiDDoS1520: 2 G; AntiDDoS1550: 5 G; AntiDDoS8030: 10 G; AntiDDoS8030: 20 G; AntiDDoS8080: 40 G; AntiDDoS8160: 100 G; AntiDDoS8160: 200 G


Introduction to NSFOCUS and DDoS Products

• Founded in April 2000 as one of the earliest Chinese enterprises to provide network security services
• Headquartered in Beijing, with about 1,100 employees globally
• Works on network security, application security, and Web security:
• Engaged in security products R&D, sales, delivery, and production
• Offering professional services, such as security consulting and security Operations, Administration and Maintenance (OAM)
• A popular security brand in China

Products:
• Intrusion prevention system
• Anti-DDoS system
• Remote security evaluation system
• Web defense system
• Security auditing and log management

Solutions:
• Portal website security solution for carriers
• DNS security solution for carriers
• Traffic cleaning solution for metropolitan core networks
• Traffic cleaning solution for Internet cafes and private carrier Internet access networks
• Traffic cleaning solution for large DCs on Metropolitan Area Networks (MANs)
• eBanking security system solution

[Product images: ADS 6000, ADS 4000]

Model | Performance | Interfaces
1600D | 500 Mbit/s/0.8 Mpps | 2 x 1 GE (electrical/optical optional)
2000D | 1 Gbit/s/1.48 Mpps | 2 x 1 GE (SFP) + 2 x 1 GE (electrical)
4000 | 4 Gbit/s/5.95 Mpps | 8 x 1 GE (SFP) + 4 x 1 GE (electrical) + 4 x 10 GE (optional)
6000 | 10 Gbit/s | 2 x 10 GE (SFP+) + 2 x 1 GE (electrical) + 2 x 1 GE (SFP)

• The Blackhole 6000 hardware platform is unstable with frequent online failure reports. The mainstream NSFOCUS product features a 3 x Blackhole 4000 cluster that is purported to support 10 G performance but provides only 8 G small-packet defense capability.


Huawei versus NSFOCUS

Columns: Basic Element; NSFOCUS; Huawei; Huawei’s Competitive Edge

Performance
• NSFOCUS: The high-end ADS6000 was announced to provide 10 Gbit/s performance, but the hardware platform is unstable. Instead, NSFOCUS delivers 3 x 4000 cluster as its mainstream 10 Gbit/s solution.
• Huawei: High-defense performance with an overall capability of 200 Gbit/s/150 Mpps
• Huawei’s competitive edge: Higher performance for carriers and large IDCs can be used to weaken the peer vendor’s position.

Functions
• NSFOCUS: Does not support zombie/Trojan horse/worm defense.
• Huawei: Bidirectional defense, downlink anti-DDoS, uplink DDoS + zombie/Trojan horse/worm filtering; defense against more than 200 zombies/Trojan horses/worms
• Huawei’s competitive edge: Bidirectional defense can be used to weaken the peer vendor’s position.

• NSFOCUS: The DNS cache server defense has a defect due to the Task Clustering (TC) algorithm. The DNS authorization server defense for non-carrier customers does not achieve ideal results, resulting in normal service interruptions.
• Huawei: Combination of redirection, proxy-based defense, and domain name filtering; acceleration by static caching, dynamic caching, and intelligent caching; professional DNS defense
• Huawei’s competitive edge: DNS defense can be used to weaken the peer vendor’s position.

• NSFOCUS: IPv4/IPv6 attack detection and cleaning are not supported.
• Huawei: IPv4/IPv6 attack detection and cleaning
• Huawei’s competitive edge: IPv6 support can be used to weaken the peer vendor’s position.

• NSFOCUS: A lack of session support causes ineffective defense against application-layer and low-rate connection attacks.
• Huawei: Seven-layer credibility and session detection effectively prevents application-layer and low-rate connection attacks.
• Huawei’s competitive edge: Application-layer attack defense can be used to weaken the peer vendor’s position.

Scalability
• NSFOCUS: The Blackhole 6000 does not support clustering. The 3 x Blackhole 4000 cluster is used instead for higher performance but with difficult cluster management.
• Huawei: 20 Gbit/s/15 Mpps per Service Processing Unit (SPU), 200 Gbit/s per system, and smooth capacity expansion at lower upgrade cost
• Huawei’s competitive edge: Focus on the peer vendor product's defective clustering function.

Reliability
• NSFOCUS: Poor hardware capabilities; frequent switchover between the x86, NP + FPGA, and MIPS platforms; immature and unreliable hardware and software platforms; frequent online failure reports on the Blackhole 6000
• Huawei: Professional hardware and software design teams, mature hardware and software platforms, and system reliability as high as 99.999 percent
• Huawei’s competitive edge: Higher hardware and software reliability can be used to weaken the peer vendor’s position.

Detecting device
• NSFOCUS: Netflow-based abnormal traffic detection and insufficient traffic monitoring and analysis capabilities
• Huawei: Effective identification of application-layer attacks and low-rate connection attacks through Deep Packet Inspection (DPI); professional abnormal traffic detection and analysis through Netflow Traffic Analyzer (NFA)
• Huawei’s competitive edge: NFA can be used to weaken the peer vendor’s position.


How to Beat NSFOCUS (Low-End Application: ADS2000D and ADS4000)

Highlight NSFOCUS low-end products’ unreliable hardware and software, poor application-layer attack defense, and poor DNS defense. Highlight Huawei products' capabilities in bidirectional defense and IPv6 attack defense.

Low Hardware and Software Reliability
• Poor hardware capabilities; frequent switchover between the x86, NP + FPGA, and MIPS platforms; immature and unreliable hardware and software platforms
• Example: Tencent encountered hardware problems using Blackhole products, complaining more than once that the problems remained unresolved.

Poor Application-Layer Attack Defense
• Ineffective defense against application-layer attacks and low-rate connection attacks
• Not supported:
  HTTP: HTTP low-rate headers, low-rate post, and retransmission attacks
  HTTPS: SSL-DoS, SSL-DDoS
  Simple Mail Transfer Protocol (SMTP): Sockstress

Poor DNS Defense
• Defective DNS cache server defense based on the TC algorithm; poor DNS authorization server defense for non-carrier customers and normal services interruptions
• Example: NSFOCUS Blackhole products failed to provide DNS defense for Hubei Mobile.


How to Beat NSFOCUS (High-End Application: ADS4000 Cluster and ADS6000)

Competitive Advantages

Performance
• Unstable ADS6000 hardware platform with a published performance of 10 Gbit/s; 3 x Blackhole 4000 cluster as the mainstream 10 Gbit/s solution

Reliability
• Poor hardware capabilities; frequent platform switchover; immature and unreliable hardware and software platforms; unstable Blackhole 6000 hardware platform with frequent online failure reports

Application-layer attack defense
• Ineffective defense against application-layer and low-rate connection attacks
• Not supported:
  HTTP: HTTP low-rate headers, low-rate post, and retransmission attack
  HTTPS: SSL-DoS, SSL-DDoS
  SMTP: Sockstress

DNS defense
• Defective DNS cache server defense based on TC algorithm; poor DNS authorization server defense for non-carrier customers, with normal services interruptions

Problems with the Blackhole Cluster

Problem description:
• Adding three-device clusters to expand capacity leads to difficult management.
• Providing 80 G small-packet cleaning capability requires 30 devices.
• Eight 1000 M service cables and two 1000 M management cables for each cluster cause complicated cabling and maintenance.
• The solution uses a number of clustering devices and complicated maintenance interfaces.

Cluster description:
• One active and two standby devices
• Master and slave devices linked by four bound 1000 M interfaces for load sharing
• Power consumption of 300 W per device and 900 W per 10 G cluster


Introduction to Arbor

Headquartered in Chelmsford, Massachusetts, and Miami, Florida

Founded in 2000, Arbor offers anti-DDoS and network visibility and security solutions to customers around the world.

Arbor aims to become a leading provider of network monitoring and security solutions.

Headquartered in the United States, Arbor has partnered with world renowned network equipment providers such as Cisco and Alcatel-Lucent.

Arbor has more than 250 employees and delivers well-marketed solutions.

Investing heavily in R&D, Arbor has developed the industry-leading Arbor Threat Level Analysis System (ATLA) and provides global attack feature sharing.

Arbor traffic monitoring and DDoS solutions have a share of the international market (the shares Huawei won outside China were from Arbor and Cisco).

Arbor products are sold worldwide, primarily through agents.

Products and solutions:
• Cisco/Arbor Clean Pipes 2.0 solution
• DNS solution
• Data center security solution
• In-Cloud DDoS protection services
• Mobile subscriber visibility and management
• Protecting and managing the mobile data infrastructure
• Network behavior analysis

Highlight traffic analysis, monitoring, and cleaning for all products.


Traffic Cleaning Products

Model | Performance | Interfaces
TMS1200 | 1.5 Gbit/s/0.4 Mpps | 4 x 1 Gbit/s
TMS2500 | 2.5 Gbit/s/1.1 Mpps | 6 x 1 Gbit/s
TMS3050 | 5 Gbit/s/1.5 Mpps (software upgradable to the 3100 series) | 2 x 10 Gbit/s, scalable to 3 x 10 Gbit/s
TMS3100 | 10 Gbit/s/4 Mpps | Up to 3 x 10 Gbit/s
TMS3110 | |
TMS4000 | 10 Gbit/s/4 Mpps | 8 x 10 Gbit/s, extendable to four APMs
TMS4100 | 20 Gbit/s/8 Mpps |
TMS4200 | 30 Gbit/s/12 Mpps |
TMS4300 | 40 Gbit/s/16 Mpps |

Model | Performance | Interfaces
APS2104 | 2 Gbit/s | 2 x 10 Gbit/s (SFP+), 12 x 1 Gbit/s (electrical/optical optional)
APS2105 | 4 Gbit/s |
APS2107 | 8 Gbit/s/8.5 Mpps |
APS2108 | 10 Gbit/s/8.5 Mpps |

Cleaning technology: Abnormal traffic identification through source authentication, application-layer attack detection through regular expression, and rate limiting for defense


Huawei versus Arbor

Columns: Basic Element; Arbor; Huawei; Huawei’s Competitive Edge

Performance
• Arbor: Threat Management System (TMS): The announced processing performance was 10 Gbit/s, but the actual small-packet defense performance is as low as 3 to 4 Mpps (< 3 Gbit/s), and system performance is about 10 Gbit/s. Availability Protection System (APS): The announced maximum performance was 10 Gbit/s, but the actual small-packet defense performance is as low as 8.5 Mpps (< 6 Gbit/s), resulting in poor application-layer attack defense performance.
• Huawei: Defense performance as high as 20 Gbit/s/15 Mpps per board, upgradable to 200 Gbit/s/150 Mpps per system, and smooth capacity expansion at lower upgrade cost
• Huawei’s competitive edge: Use the higher performance for carriers and large IDCs to weaken the peer vendor’s position.

Functions
• Arbor: TMS: Zombie/Trojan horse/worm defense not supported. APS: Defense against more than 150 zombies/Trojan horses/worms
• Huawei: Bidirectional defense, downlink anti-DDoS, uplink DDoS + zombie/Trojan horse/worm filtering, and defense against more than 200 zombies/Trojan horses/worms
• Huawei’s competitive edge: Supports zombie/Trojan horse/worm defense through the APS, which is the highlight of the peer vendor’s product.

• Arbor: Ineffective defense against DNS cache poisoning and DNS reply reflection attacks based on source rate limiting, with normal services interrupted
• Huawei: Combination of redirection, proxy-based defense, and domain name filtering; acceleration with static caching, dynamic caching, and intelligent caching; professional DNS defense
• Huawei’s competitive edge: Use the DNS defense to weaken the peer vendor’s position.

• Arbor: Signature- and feature-based application-layer attack defense, leading to incomplete attack detection, false positives, and service interruption
• Huawei: Seven-layer credibility and session detection to effectively prevent application-layer and low-rate connection attacks
• Huawei’s competitive edge: Use the application-layer attack defense to weaken the peer vendor’s position.

Availability
• Arbor: APS ready for use after simple configuration, providing real-time attack visibility and flexibility to change attack defense policy and threshold when needed
• Huawei: Application-based defense policy, rich reports, various forensics technologies, visibility, operability, and traceability
• Huawei’s competitive edge: Lower availability and visibility than the peer vendor

Price and Emergency Response
• Arbor: High price: About 30 percent higher than Huawei products of the same class; high annual OAM cost, 20 to 30 percent of total device price; local customer service unavailable, leading to untimely emergency response
• Huawei: Timely response to demand and customized development
• Huawei’s competitive edge: Lower product price and OAM cost, in addition to timely demand response

Detection Device
• Arbor: Insufficient capability for identifying application-layer and low-rate connection attacks based on Netflow detection
• Huawei: Effective identification of application-layer and low-rate connection attacks through DPI; professional abnormal traffic detection and traffic analysis through NFA (Netflow)
• Huawei’s competitive edge: Use DPI for attack detection application and NFA for the Netflow application to weaken the peer vendor’s position.


How to Beat Arbor

Performance (Carriers and Large IDCs)
• The published processing performance of the TMS is 10 Gbit/s, but the actual small-packet defense performance is as low as 3 to 4 Mpps, and system performance is about 10 Gbit/s.

Application-layer Attack Defense
• Poor defense against application-layer attacks
• Signature- and feature-based application-layer attack defense leads to incomplete attack detection, false positives, and service interruptions.

Price and Emergency Response
• High price and annual OAM costs (20 to 30 percent of the total device price)
• Local customer service unavailable, leading to untimely emergency response


Introduction to Radware and Its Products

• Founded in April 1997
• Initial Public Offering (IPO) in September 1999
• Global headquarters in Tel Aviv, Israel, and United States headquarters in Mahwah, New Jersey
• Acquired V-Secure in 2005 and Covelight in 2007
• Acquired Nortel's L4-L7 business in 2007
• More than 700 employees around the world
• USD $144.1 million revenues in the 2010 fiscal year
• More than 10,000 customers around the world
• Radware (NASDAQ: RDWR) is the world’s leading provider of integrated application delivery solutions. Radware solutions ensure complete availability, best performance, and key application security.

Anti-DDoS Products:

DefensePro®, an integrated attack defense solution, combines IPS, anti-DoS, and network behavior analysis into a single device, helping prevent new threats from the Internet.

Smooth upgrades from low-end to high-end products in the same series

Model | Performance | Interfaces
506 | 500 Mbit/s | 4 x 10/100/1000, 2 x 1 Gbit/s (SFP)
1006 | 1 Gbit/s |
2006 | 2 Gbit/s |
1016 | 1 Gbit/s | 12 x 10/100/1000, 4 x 1 Gbit/s (SFP)
2016 | 2 Gbit/s |
3016 | 3 Gbit/s |
4412 | 4 Gbit/s | 8 x 10/100/1000, 4 x 1 Gbit/s (SFP), 4 x 10 Gbit/s (XFP)
8412 | 8 Gbit/s |
12412 | 12 Gbit/s |


Radware AMS Solution

Using an all-in-one design, DefensePro combines anti-DDoS, Network Behavioral Analysis (NBA), Secure Sockets Layer (SSL) attack defense, and IPS functions.


Huawei versus Radware

Columns: Basic Element; Radware; Huawei; Huawei’s Competitive Edge

Performance
• Radware: The published maximum performance is 12 Gbit/s, but the actual small-packet defense performance is as low as 12 Mpps (8 Gbit/s), or even lower with other applications running. It is applicable to low-end scenarios but not up to the performance and scalability requirements of mid-range and high-end scenarios.
• Huawei: Overall defense performance as high as 200 Gbit/s/150 Mpps
• Huawei’s competitive edge: Use higher performance for carriers and large IDCs to weaken the peer vendor’s position.

Functions
• Radware: The all-in-one design combines anti-DDoS, IPS, NBA, and bandwidth management functions.
• Huawei: Professional anti-DDoS, DNS defense, and application-layer attack defense
• Huawei’s competitive edge: Better anti-DDoS

• Radware: DNS attack defense is unavailable.
• Huawei: Combination of redirection, proxy-based defense, and domain name filtering; accelerating by static caching, dynamic caching, and intelligent caching; professional DNS defense
• Huawei’s competitive edge: Use the DNS application to weaken the peer vendor’s position.

• Radware: Heavy-traffic DDoS attack defense: ineffective defense against application-layer and low-rate connection attacks.
• Huawei: Seven-layer credibility and session detection to effectively prevent application-layer and low-rate connection attacks
• Huawei’s competitive edge: Use application-layer attack defense to weaken the peer vendor’s position.

Availability
• Radware: The solution offers professional and user-friendly management interfaces with rich functionality.
• Huawei: Application-based defense policy, rich reports, various forensics technologies, visibility, operability, and traceability
• Huawei’s competitive edge: Slightly lower visibility than peer vendor

Detection Device
• Radware: Lack of a professional detection device means that only in-line DDoS product deployment is supported.
• Huawei: Effective identification of application-layer attacks and low-rate connection attacks through DPI; professional abnormal traffic detecting and traffic analysis through NFA (Netflow)
• Huawei’s competitive edge: Use flexible networking and NFA for the Netflow application to weaken the peer vendor’s position.


How to Beat Radware

Performance (Carriers and Large IDCs)
The announced maximum processing performance is 12 Gbit/s, but the actual small-packet defense performance is as low as 12 Mpps (8 Gbit/s), or even lower when other applications are running. Huawei can outshine the peer vendor in the mid-range and high-end markets.

Application-layer Attack Defense
• Heavy-traffic DDoS attack defense
• Ineffective defense against application-layer and low-rate connection attacks
• DNS defense unavailable

Lack of Professional Detection Device
• Lacks professional detection device.
• Supports only in-line DDoS product deployment.


Contents

4 Success Stories

3 Competitive Analysis

Click to add Title1 Market Overview and Positioning

Click to add Title2 Product Highlights

Click to add Title5 How to Obtain Documents

Page 36: Huawei Anti-DDoS Pre-sales Specialist Training · 2015-06-26 · Huawei Anti-DDoS Pre-sales Specialist Training Version: V1.1(20130204) 1 Contents 4 Success Stories Click to add Title

35

Tencent: Defense against Large-Traffic Application-Layer Attacks

Challenges

DDoS attacks of more than 40 Gbit/s, including multiple application-layer attacks, such as DNS flood attacks

Globally distributed IDCs that required an anti-DDoS solution to be deployed in multiple places with a uniform defense capability

Solution

Deployed 40 Gbit/s gateways in bypass mode on the outgoing gateway server to protect carriers against more than 100 types of DDoS attacks.

Deployed a centrally managed anti-DDoS solution at multiple levels.

Huawei devices have successfully defended the IDCs against continuous large-traffic DNS flood attacks, maintained the normal operation of IDCs, and ensured service stability and continuity. So far, we have received no complaints.

— Zong Ze, director of Application O&M Security Center in Tencent


Aliyun Cloud Computing Data-Center: High-Traffic Defense and Increased Profits

Challenges

Frequent DDoS attacks of 10 to 40 Gbit/s

Diversified attacks and frequent application-layer attacks

Defense against DDoS attacks for thousands of tenants (small and medium-sized enterprises) and ROI growth

Solution

Deployed 40 Gbit/s gateways in bypass mode on the outgoing gateway server to protect carriers against more than 100 types of DDoS attacks.

Offered operation features, such as fine-grained multi-tenancy configurations and self-services.

After being deployed, the Huawei anti-DDoS solution runs reliably and stably to protect the system against various DDoS attacks. In addition, the Huawei solution is scalable and can meet our current and future development demands.

— Alibaba Information Security Center Department director

Alibaba Cloud Computing


Huawei Sales Enablement Resources

1. What is Huawei’s Pre-sales Channel Documentation?

2. Where can I get the documentation?

3. How do I use the documentation?

4. Where can I find and give feedback?

Resource 1: Enterprise Website

http://enterprise.huawei.com/en/

Partnership Policy: Learn the Partner Policy.

Partner Query: Find a partner.

Partnership: Become a partner.

Partner Support Area: Get support anytime and anywhere.

Resource 2: Email

[email protected]

Resource 3: Documentation User’s Guide


Huawei Document Resources

Where can I find and give feedback

Web: http://enterprise.huawei.com/en

Email: [email protected]

Product Main Slide (High-level Version)

Product Main Slide (Tech-level Version)

Sales Strategy Quick Reference

Sales Strategy Guidance

Product Brochure (Brief edition)

Product Datasheet

Quick Reference

Module Brochure

Feature Brochure

Product Photo

Article

Product Video

Case Study

Certificate Report

Function List

Product Comparison List

Ordering Guide

EOM&EOS Notice

Product Description

Product Hardware Description

Test Report (3rd party)

User Report

Product Pre-sale Training Materials

FAQ

White Paper

Presentations, Sales Guides, Brochures, Branding, Case Studies, Bidding, Training, White Papers


Open Discussion

Any Questions?


Copyright©2012 Huawei Technologies Co., Ltd. All Rights Reserved.

The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.

HUAWEI ENTERPRISE ICT SOLUTIONS A BETTER WAY