Radware Attack Mitigation System
-
Upload
radware -
Category
Technology
-
view
1.431 -
download
1
Transcript of Radware Attack Mitigation System
Radware Attack Mitigation System
Current Trends
19% of attacks are considered “constant” in 2014
52% of organizations expect to be able to fight attacks for
only a day or less.
Only 17.46% acknowledge being able to fight a month
long attack.
DDoS is the attack that will cause most harm.
*2014-2015 Global Application & Network Security Report
The Threat Landscape
3
Risk is on the rise for some unexpected targets: Healthcare
and Education.
Likelihood of attacks is also heating up for Gaming, Hosting
and ISP companies
Only one – Financial Services – actually moved from “High” to
“Medium” risk
– Enhanced protection based on prior year experiences helped
No one is Immune – Unexpected Targets
4
Extra-large attacks are seen on a daily basis
Attacks are targeting all types of organizations
Enabled by “better” technology via reflective attacks, at attacker’s
disposal
Point of Failure
The Internet pipe is now the organization’s #1 point of failure
5
Multi-Vector Attacks Integrated, hybrid solution to mitigate all types of attacks
IPS/IDS
“Low & Slow” DoS attacks (e.g.Sockstress)
Large volume network flood attacks
Syn Floods
Network Scan
HTTP Floods
SSL Floods App Misuse
Brute Force
Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection
Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server
6
Radware Attack Mitigation System (AMS)
Integrated hybrid security solution
– On-premise detection and mitigation
– Cloud scrubbing to mitigate beyond the perimeter
Backed by Radware’s Emergency
Response Team
Also available as a fully-managed
service
Radware Attack Mitigation System (AMS) Dedicated hardware for attacks
Dedicated hardware for legitimate traffic
Behavior-based detection to
prevent service-level impact of
legit traffic
8
Emergency Response Team (ERT)
Protecting against top attack campaigns
Emergency Response Team (ERT) - 24x7 team of security experts for fast mitigation under attack
9
Behavior-based Detection
To prevent service-level impact of legit traffic
Behavior-based traffic analysis Rather than Superficial rate-based analysis
10
Dynamic Mitigation Engagement
to minimize security impact on service-level
In-Line when you must Out-of-Path when you can
11
Augmented Security via Collaboration
12
All security and application delivery elements exchange Defense Messaging for more accurate detection and protection and minimal impact on service-level
Distributed Architecture
Mitigation Mitigation Detection
12
AMS - Hybrid DDoS Mitigation Solution
Cloud Perimeter LAN
DefensePro
Defense Messaging
ADC
13
• Full coverage - Detects all types of SSL encrypted attacks
– SSL Negotiation Floods
– HTTPS Floods
– Encrypted Web Attacks
• Stateless solution - Non-vulnerable mitigation architecture
• Lowest latency approach - Legitimate transactions go through without decryption
• FIPS compliant & common criteria certified solution
• Single vendor, integrated management
AMS – Mitigating the SSL Threat
Unique SSL attack mitigation solution
14
AMS Elements
APSolute Vision
AppWall
DefensePro
15
Global Network of Scrubbing Centers
US US
UK Germany
Russia
Hong Kong
Brazil
16
Attack Mitigation System
Customers own and manage on-premises
components of AMS
DefensePipe cloud scrubbing service is used to
protect against internet pipe saturation
Customers are notified of attacks that require the
ERT involvement
Attack Mitigation Service
Radware owns and implements on-premises
components of AMS
DefensePipe cloud scrubbing service is used to
protect against internet pipe saturation
Customers are notified of attacks that require the
ERT involvement
Flexible Attack Mitigation Offerings
17
“Radware's Attack Mitigation System (AMS) mitigates both known and new forms of attack
while allowing legitimate business traffic to be handled as normal, so the business
continuity of our hosted cloud customers is preserved even while under attack.”
Nathaniel Kemberling, CTO, Brinkster
What Customers Say
“Radware’s Attack Mitigation System (AMS) fits perfectly within our secure cloud hosting architecture. The ability to stop a variety of multi-level attacks at the edge of our networks in North America and Europe empowers FireHost to provide the best protection in the industry.”
Chris Drake, Chief Executive Officer, FireHost
18
Summary
•Able to detect and mitigate the full scope of DDoS attacks Widest Coverage
•Minimal false positives with patent-protected behavioral analysis technology
•Real-time signatures and selective challenge-response mechanism for high mitigation accuracy
High Accuracy
•All attacks are detected on-premise in real-time
•Protection starts in seconds – shortest time to protect in the industry Shortest Time
•ERT’s security experts to manage attacks
•Fully-managed service option
• Integrated reporting system Complete Solution
Hybrid, integrated security solution with widest coverage and high quality of protection
19