Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
-
Upload
radware -
Category
Technology
-
view
1.041 -
download
2
Transcript of Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
![Page 1: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/1.jpg)
Radware DefenseFlow
The SDN Application That Programs Networks for DoS Security
Sales Presentation
April 2013
![Page 2: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/2.jpg)
• DDoS Threat is Evolving• Limitations of Legacy Out-Of-Path
Deployments• Radware DefenseFlow Solution• Summary
![Page 3: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/3.jpg)
US Banks Under Attack: From The News
3
![Page 4: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/4.jpg)
Anonymous Attacks Grow
4
Industry Security SurveyWhich of the following motivation(s) are behind the DDoS/DoS
attacks that you experienced?
Motivation is unknown
57%Political/Hacktivism
22%
Angry users10%
Competition6%
Ransoms5%
![Page 5: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/5.jpg)
Ponemon Research 2012:DDoS Attacks are Mainstream
5
of organizations had an average of 3 DDoS attacks in the past 12 months65%
Minutes average downtime during one DDoS attack54 MinAverage cost per minute of downtime$22,000Average annual cost of DDoS attacks
$3,000,000
![Page 6: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/6.jpg)
6
Limitations of Netflow Based Mitigation
CapabilityNetflow Based
Mitigation
Detection Network DDoS flood attacks Full coverage
Mitigation Mitigation response time Slow – 5 Minutes
Network OperationRequires BGP announcement, GRE
tunneling and several detectorsComplicated
Diversion Traffic granularity Low Granularity
Cost Effective
Requires hardware detectors
Requires scrubbing center
Consumes routers CPU and ports
Expensive
Slow
Complicated
Inaccurate
Expensive
![Page 7: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/7.jpg)
7
Introducing Radware DefenseFlow
Controller
DefensePro
SDN Data Plane
SDN Controller
SDN Applications
The SDN Application That Programs Networks for DDoS Protection
OpenFlow API
API
![Page 8: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/8.jpg)
Slide 8
DefensePro
Internet
“Flow Diversion” - Control
Detection Analyze & Decide
Programmable Probe – Collect
Security Service provisioning
Attack!!!
SDN Controller
Create baselines per: IP Address, Protocol &
Service (Port)
DefenseFlow: The SDN Application That Programs Networks for DoS Security
Configure DefensePro with learned baselines
![Page 9: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/9.jpg)
9
CapabilityNetflow Based
MitigationRadware DefenseFlow
Detection Network DDoS flood attacks Full coverage Full Coverage
MitigationMitigation response time
Slow – 5 MinImmediate –
seconds
Network Operation
Requires BGP announcement, GRE tunneling and several detectors
ComplicatedSimple -
diversion is a
network service
Diversion Traffic granularity Low GranularityHigh Granularity
– divert only
suspicious traffic
Cost Effective
Requires hardware detectors
Requires scrubbing center
Consumes routers CPU and ports
Expensive Low cost
DefenseFlow Vs. Netflow
Slow
Complicated
Inaccurate
Expensive
![Page 10: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/10.jpg)
10
Operator Benefits
• Designed for attack mitigation– Attack detection is performed out of path– During attack period only suspicious traffic is
diverted through mitigation device
• Scalable solution – DefensePro mitigation devices can be placed
in any location– DefenseFlow diverts the traffic to the nearest
mitigation device
• Easy provisioning– Adding protection policy to a customer in a
few seconds
• Lowest cost solution– Detection as a native SDN stats collection– Diversion as a native SDN control operation
![Page 11: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/11.jpg)
11
Summary
• DDoS attacks are prevalent threat to every business and agency
• Current Netflow based solutions fail to offer cost effective solution
• DefenseFlow is a SDN application that programs networks for DDoS Protection, gaining:– Easy provisioning– Immediate attack detection– Low cost
![Page 12: Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security](https://reader035.fdocuments.in/reader035/viewer/2022062420/55d53649bb61eba10f8b4575/html5/thumbnails/12.jpg)
Thank Youwww.radware.com