![4
Arbor - a Trusted & Proven Vendor Securing the World’s
Largest and Most Demanding Networks
90%
Percentage
of
world’s
Tier
1
service
providers
who
are
Arbor
customers
107
Number
of
countries
with
Arbor
products
deployed
47.1
Tbps
Amount
of
global
traffic
monitored
by
the
ATLAS
security
intelligence
ini3a3ve
right
now
–
25%
of
global
Internet
traffic!
#1
Arbor
market
posi3on
in
Carrier,
Enterprise
and
Mobile
DDoS
equipment
market
segments
–
61%
of
total
market
[Infone3cs
Research
Dec
2011]
Number
of
years
Arbor
has
been
delivering
innova3ve
security
and
network
visibility
technologies
&
products
13
$16B
2011
GAAP
revenues
[USD]
of
Danaher
–
Arbor’s
parent
company
providing
deep
financial
backing](https://image.slidesharecdn.com/btr2013-simoncartwright-131008052821-phpapp02/85/Nas-nie-zaatakuja-3-320.jpg)
![Attack Mitigation. In Poland
1. Detect
(Network wide: CP using Flow)
2. Activate Mitigation (TMS)
4. Clean the Traffic and forward the legitimate
(Network wide: using ON-Ramp Technique [e.g. MPLS, GRE, VLAN, …])
5. Protected
3. Divert Traffic (Network wide: BGP OFF-Ramp announcement)
CP
TMS](https://image.slidesharecdn.com/btr2013-simoncartwright-131008052821-phpapp02/85/Nas-nie-zaatakuja-24-320.jpg)
Nas nie zaatakują!
- 1. Arbor Networks Poland. 3rd October 2013 Simon Cartwright Director of Security Services!
- 2. Agenda • Who is Arbor ? • What is DDoS • Evolu3on of DDoS • Trends in DDoS • A9ack Traffic Details Poland • Protec3on Op3ons • The Enterprise Ques3on • Visibility & Control • Ne3a/Arbor/NCR Partnership • Ques3ons. At Booth
- 3. 4 Arbor - a Trusted & Proven Vendor Securing the World’s Largest and Most Demanding Networks 90% Percentage of world’s Tier 1 service providers who are Arbor customers 107 Number of countries with Arbor products deployed 47.1 Tbps Amount of global traffic monitored by the ATLAS security intelligence ini3a3ve right now – 25% of global Internet traffic! #1 Arbor market posi3on in Carrier, Enterprise and Mobile DDoS equipment market segments – 61% of total market [Infone3cs Research Dec 2011] Number of years Arbor has been delivering innova3ve security and network visibility technologies & products 13 $16B 2011 GAAP revenues [USD] of Danaher – Arbor’s parent company providing deep financial backing
- 4. Arbor’s proud history of productizing innovation in distributed networks.# Arbor is the most trusted and widely deployed solution for DDoS & Botnets.# Arbor sees more global traffic and threats than anyone else on the planet." Only Arbor has a fully integrated solution to quickly detect & stop advanced threats." • Honored as a top 10 global innovations# • Key patents in networking & security.# • Analyzing over 48TB of data per second# • Monitoring over 110K malware families# • Integrated to detect & stop threats anywhere# • See beyond the network through ATLAS# • Over 90% of the world’s Tier 1 ISPs# • 9 of the top 10 largest business networks# Arbor Networks Overview
- 5. Threat Landscape Era’s Network Protocol Content Advanced Threats 1999-‐2005 2006-‐2010 2010-‐Today § Synflood (Trinoo/TFN) § Code Red § Slammer § Zotob § Conficker (2008) § Web Browser § Web Applications § Doc/PDF/etc. § Flash/Shockwave § Java § Aurora § Operation Payback § Stuxnet/Flame/Duqu § APT § Cyber Warfare
- 6. During a Distributed Denial of Service (DDoS) attack, compromised hosts or bots coming from distributed sources overwhelm the target with illegitimate traffic so that the servers can not respond to legitimate clients. What is a DDoS Attack? 7
- 7. DDoS The DDoS weapon of choice for Anonymous activists LOIC, was downloaded from the internet 1.167.305 times during 2011/12(sourceforge.net)
- 9. Everyone is a Target 10
- 10. DDoS Devastating Costs 11 *Neustar Insights DDoS Survey: Q1 2012 The impact of loss of service availability goes beyond financials: Opera@ons Help Desk Recovery Employee Output Penal@es Lost Business Brand & Reputa@on Damage 35% of those a9acked said it lasted More than a day 67% of retailers said outages cost $100,000 per hour 21% overall said outages cost $50,000 per hour
- 11. Today’s Attacks are More Frequent 12
- 12. Today’s Attacks 13 2012 2013 (so far….) Number of A9acks 713 986 Average Dura3on 38mins 37secs 29mins 50secs Longest A9ack 1day 16hrs 07secs 1day 4hrs 45mins 58secs
- 13. Volumetric DDoS" Bots & Botnets" Mobile Malware" Availability# Confidentiality#IMPACT" THREAT SPECTRUM" The Next Generation of Threats
- 14. Netia’s Unique Threat Ecosystem 16 The ecosystem between smart providers & enterprises to offer comprehensive protec3on from ac3ve threats Enterprise NetworksNetia D Enterprise data center services are now fully available and secure from advanced threats!
- 15. Diverse end-points are accessing your network from anywhere." Your assets are distributed everywhere." Corporate Offices" Broadband"Mobile" Content" Corporate Servers & Applications" SaaS" A Global, Hybrid infrastructure" Private Network" Public Clouds" Internet" The Global Network is Your Business
- 16. CDNs" Mobile Carriers" Service Providers" SaaS" Cloud Providers" Enterprise Perimeter" Mobile WiFi" Employees" Corporate Servers" Remote Offices" Internal Apps" Never see the external threat traffic" Can’t withstand a direct attack" Never see the threat already inside enterprise " Existing Solutions Have Critical Gaps
- 17. Cloud" Pravail" Availability Protection System" Pravail" Network Security Intelligence" See and stop the threat anywhere# Stop the threat# See the threat lurking inside the enterprise# CDNs" Mobile Carriers" Service Providers" SaaS" Cloud Providers" Enterprise Perimeter" Mobile WiFi" Employees" Corporate Servers" Remote Offices" Threat Dashboard" Netia’s Solution Bridges the Gaps Internal Apps"
- 18. Users An@-‐Virus IDS/IPS NAC Firewall Secure Trust Perimeter Mobile Users Malware BYOD Internet Mobile Users Secure Trust Perimeter Insider Misuse Home Office(s) Cloud Services VPN Malware Advanced Threats: From Outside AND Inside Network boundaries are harder to define – Cloud based data and applications – Employee mobility / BYOD – Home Working Threats are harder to keep out – Targeted threats – Walk-in threats (on portable devices) – Malicious insider Challenge: Control & Security of business data, applications and services as businesses evolve. Data Center
- 19. Attack Mitigation. In Poland CP TMS
- 20. Attack Mitigation. In Poland CP TMS
- 21. Attack Mitigation. In Poland 1. Detect (Network wide: CP using Flow) CP TMS
- 22. Attack Mitigation. In Poland 1. Detect (Network wide: CP using Flow) 2. Activate Mitigation (TMS) CP TMS
- 23. Attack Mitigation. In Poland 1. Detect (Network wide: CP using Flow) 2. Activate Mitigation (TMS) 3. Divert Traffic (Network wide: BGP OFF-Ramp announcement) CP TMS
- 24. Attack Mitigation. In Poland 1. Detect (Network wide: CP using Flow) 2. Activate Mitigation (TMS) 4. Clean the Traffic and forward the legitimate (Network wide: using ON-Ramp Technique [e.g. MPLS, GRE, VLAN, …]) 5. Protected 3. Divert Traffic (Network wide: BGP OFF-Ramp announcement) CP TMS