Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.
|
|
- Prudence Barton
- 5 years ago
- Views:
Transcription
1 Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.
2 Copyright Huawei Technologies Co., Ltd All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Website: Huawei Industrial Base Bantian, Longgang Shenzhen People's Republic of China Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. i
3 Contents Contents 1 Concepts What Is? What Are a SYN Flood Attack and an ACK Flood Attack? What Is a CC Attack? What Is a Slow HTTP Attack? What Are a UDP Attack and a TCP Attack? What Is a Black Hole? What Is the Million-level IP Address Blacklist Database? What Restrictions Does Have? What Services Can I Use In? How Do I Use? What Kinds of Attacks Does Defend Against? Will I Be Promptly Notified When an Attack Is Detected? What Service Can I Use When My Service Traffic Is Larger Than the Defense Limit? What Should I Do If My Service Is Frequently Attacked? What Is the Difference Between ELB Defense and EIP Defense? What Is the Maximum Protection Bandwidth for Regions in China? Why Is the Number of Times of Cleaning Different from the Number of Attacks for the Same Instance IP Address? Is Enabled by Default? Is the Free Protection Capability of 5 Gbit/s for a Region or a Single IP Address? Will a Black Hole Be Triggered for My Business According to the Displayed Black Hole Threshold? How Do I Temporarily Disable? Do I Need to Clear the Resources of When I Deregister an Account?... 7 Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. ii
4 1 Concepts 1 Concepts 1.1 What Is? The traffic cleaning service ( for short) defends resources (Elastic Cloud Servers (ECSs), Elastic Load Balance (ELB) instances, and Bare Metal Servers (BMSs)) on HUAWEI CLOUD against network- and application-layer distributed denial of service (DDoS) attacks and sends alarms immediately when detecting an attack. In addition, improves the utilization of bandwidth and ensures the stable running of users' services. monitors the service traffic from the Internet to ECSs, ELB instances, and BMSs to detect attack traffic in real time. It then cleans abnormal traffic according to userconfigured defense policies without affecting service running. In addition, monitoring reports are generated, presenting users with clear network security evaluations. 1.2 What Are a SYN Flood Attack and an ACK Flood Attack? A SYN flood attack is a typical denial of service (DoS) attack. Utilizing the loop hole in the Transmission Control Protocol (TCP), the attacker sends a huge number of forged TCP connection requests to the target to exhaust its resources (fully loaded CPU or insufficient memory). Consequently, the target fails to respond to normal connection requests. An ACK flood attack works in a similar mechanism as a SYN flood attack. 1.3 What Is a CC Attack? In a challenge collapsar (CC) attack, the attacker uses a proxy server to generate and send disguised requests to the target host. In addition, the attacker controls other hosts in the Internet and makes them send large numbers of data packets to the target server to exhaust its resources. In the end, the target server stops responding to requests. As you know, when many users access a web page, the page opens slowly. So in a CC attack, the attacker simulates a scenario where a large number of users (a thread represents a user) are accessing pages all the time. Because the accessed pages all require a lot of data operations (consuming many CPU Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 1
5 1 Concepts resources), the CPU usage is kept at the 100% level for a long time until normal access requests are blocked. You can use the CC defense function to control the HTTP request rate. 1.4 What Is a Slow HTTP Attack? Slow HTTP attacks are a variation of CC attacks. Here is how slow HTTP attacks work: The attacker establishes a connection to the target server which allows HTTP access. Then the attacker specifies a large content length and sends packets in an extremely low rate, such as one byte per one to ten seconds. The connection is maintained this way. If the attacker keeps establishing such connections, available connections on the target server are slowly consumed and the server will stop responding to valid requests. 1.5 What Are a UDP Attack and a TCP Attack? Exploiting the interaction characteristics of UDP and TCP, attackers use botnets to send large numbers of various TCP connection packets or UDP packets to exhaust the bandwidth resources of target servers. As a result, the servers become low in processing capability and fail to work properly. 1.6 What Is a Black Hole? A black hole refers to a period of time when external communication to an attacked server is limited. When your server is under a massive-traffic attack, will trigger a carrier's black hole, that is, traffic is discarded on the carrier side and external access requests to the server are blocked, to relieve the traffic pressure on the equipment room. When the attack stops, as detected by the system, the black hole is removed automatically. Because carriers have strict limits on the removal time and frequency of black holes, black holes cannot be manually removed and you have to wait for the system to remove them automatically. 1.7 What Is the Million-level IP Address Blacklist Database? The million-level IP address blacklist database refers to the database of millions of malicious IP addresses collected by experts in the past years. When users' services are attacked by these IP addresses, responds to those attacks first to defend your servers in a timely manner. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 2
6 2.1 What Restrictions Does Have? cleans up to 5 Gbit/s traffic. automatically limits traffic exceeding 5 Gbit/s. Therefore, loss of normal access traffic can occur. For an application with normal service traffic larger than 5 Gbit/s, you are advised to purchase the Advanced service on HUAWEI CLOUD to improve the defense capacity. 2.2 What Services Can I Use In? supports traffic cleaning only for ECSs, ELB instances, and BMSs on HUAWEI CLOUD. 2.3 How Do I Use? works automatically after you enable defense for IP addresses. Step 1 Log in to the management console. Step 2 Click in the upper left corner of the management console and select the region and project. Step 3 Step 4 Choose Security >. The service management page is displayed. On the Instance List page, enable for the desired instance IP address. Enabling for multiple IP addresses Click the Enable for All Instances button for all instance IP addresses that are not protected. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 3
7 Enabling for one IP address a. In the row containing the desired IP address, click Enable. b. Click OK in the displayed dialog box. ----End 2.4 What Kinds of Attacks Does Defend Against? helps users cope with traffic attacks with ease. It can precisely identify connection exhaustion and slow-connection attacks and can help users defend against the following attacks: Web server attacks Such as SYN flood, HTTP flood, Challenge Collapsar (CC), and slow-connection attacks Game attacks Such as User Datagram Protocol (UDP) flood, SYN flood, Transmission Control Protocol (TCP), and fragment attacks HTTPS server attacks Such as SSL DoS and DDoS attacks DNS server attacks Such as attacks targeted at vulnerabilities in the Domain Name Server (DNS) protocol stack, DNS reflection attacks, DNS flood attacks, and DNS cache-miss attacks 2.5 Will I Be Promptly Notified When an Attack Is Detected? Yes, if you enable alarm notification. On the console, click the Alarm Notification tab to enable the alarm notification function, which enables you to receive alarms (by SMS or ) if a DDoS attack is detected. 2.6 What Service Can I Use When My Service Traffic Is Larger Than the Defense Limit? For traffic exceeding 5 Gbit/s, use Advanced on HUAWEI CLOUD, which provides larger protection bandwidth and higher reliability than. Advanced can defend against various large-traffic attacks, so that your services can run stably against DDoS threats from the black market, malicious competitors, and hackers. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 4
8 2.7 What Should I Do If My Service Is Frequently Attacked? In addition to using, you can perform the following actions to improve network security: Install system patches in a timely manner. Regularly back up important system information (such as system configuration). Set complicated passwords for accounts that have high privileges (such as administrator accounts) to reduce risks of being attacked. Regularly check the physical environment of your system and disable unnecessary network services. Make and improve border protection policies to defend against threats from outside your network. Regularly check your system configuration and check daily security logs to discover and handle security risks promptly. Use security devices (such as firewalls) to enhance your network security. Configure security rules on those devices to filter fake data packets. Require your network service provider to control routing access and limit the overall bandwidth. 2.8 What Is the Difference Between ELB Defense and EIP Defense? EIP defense indicates defense for EIPs bound to ECSs or BMSs. ELB defense indicates defense for EIPs bound to ELB instances. To, they are both defense for EIPs against DDoS attacks. 2.9 What Is the Maximum Protection Bandwidth for Regions in China? The maximum defense capability for one instance IP address (EIP) is 5 Gbit/s. The maximum defense capability is 5 Gbit/s for all regions in China Why Is the Number of Times of Cleaning Different from the Number of Attacks for the Same Instance IP Address? Cleaning is triggered automatically when an attack is detected on an IP address. The cleaning lasts for a while. (Only attack traffic is cleaned, and users' services will not be affected.) If, during the cleaning, another attack is detected on the same IP address, the attack will be cleaned together with the previous attack. Consequently, the number of attacks increases by one while the number of times of cleaning does not. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 5
9 2.11 Is Enabled by Default? Yes. The default protection policy is used. To modify this setting, see Configuring an Anti- DDoS Protection Policy. NOTE Once enabled, cannot be disabled. If it is not needed temporarily, perform How Do I Temporarily Disable? Is the Free Protection Capability of 5 Gbit/s for a Region or a Single IP Address? A single IP address Will a Black Hole Be Triggered for My Business According to the Displayed Black Hole Threshold? Currently, the black hole threshold, duration, and security reputation score displayed are only for demonstration purposes. Your business will not be dragged into a black hole based on the displayed threshold, which means you still get a free protection bandwidth of 5 Gbit/s How Do I Temporarily Disable? Procedure You can set the traffic cleaning threshold to 1000 Mbit/s, a value so large that your IP address instances get almost no protection from. NOTE This value is suitable for temporary disabling of protection for commissioning or other special purposes. You are advised not to use it for a long time. Step 1 Log in to the management console. Step 2 Click in the upper left corner of the management console and select the region and project. Step 3 Step 4 Choose Security >. The service management page is displayed. In the instance list, locate the desired instance and click Settings in the Operation column. Step 5 In the dialog box that is displayed, set Protection Settings to Manual and Traffic Cleaning Threshold to 1,000 Mbps. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 6
10 Step 6 Click OK. ----End 2.15 Do I Need to Clear the Resources of When I Deregister an Account? No. does not consume your resources. This service is enabled by default at no additional charge. Therefore you do not need to clear the resources upon deregistration. Issue 11 ( ) Copyright Huawei Technologies Co., Ltd. 7
Anti-DDoS. User Guide (Paris) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2018-08-15 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationAnti-DDoS. User Guide. Issue 05 Date
Issue 05 Date 2017-02-08 Contents Contents 1 Introduction... 1 1.1 Functions... 1 1.2 Application Scenarios...1 1.3 Accessing and Using Anti-DDoS... 2 1.3.1 How to Access Anti-DDoS...2 1.3.2 How to Use
More informationAdvanced Anti-DDoS. User Guide. Issue 17 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 17 Date 2018-08-13 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationElastic Load Balance. User Guide. Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2018-04-30 HUAWEI TECHNOLOGIES CO., LTD. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationDatabase Security Service. FAQs. Issue 19 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 19 Date 2019-04-08 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationCDN. Product Description. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 03 Date 2018-08-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationVirtual Private Cloud. User Guide. Issue 21 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 21 Date 2018-09-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationVulnerability Scan Service. User Guide. Issue 20 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 20 Date 2018-08-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationDatabase Security Service. Service Overview. Issue 16 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 16 Date 2019-03-08 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationLive Streaming Accelerator. Quick Start. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 03 Date 2018-08-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationDomain Name Service. Product Description. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 03 Date 2018-08-15 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationAD SSO Technical White Paper
Issue V1.0 Date 2017-02-28 Huawei Technologies Co., Ltd. 2017. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationHuawei esight LogCenter Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 1.0. Date PUBLIC
Huawei esight LogCenter Technical White Paper Issue 1.0 Date 2013-12-03 PUBLIC HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationEudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.
Eudemon 1000E Eudemon 1000E Series Product Quick Reference Huawei Technologies Co., Ltd. Eudemon 1000E The Eudemon 1000E series product is a new generation security gateway of multiple functions, which
More informationHUAWEI AR Series SEP Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 1.0. Date
HUAWEI AR Series SEP Technical White Paper Issue 1.0 Date 2015-01-19 HUAWEI TECHNOLOGIES CO., LTD. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by
More informationAttack Prevention Technology White Paper
Attack Prevention Technology White Paper Keywords: Attack prevention, denial of service Abstract: This document introduces the common network attacks and the corresponding prevention measures, and describes
More informationElastic Load Balance. User Guide. Issue 14 Date
Issue 14 Date 2018-02-28 Contents Contents 1 Overview... 1 1.1 Basic Concepts... 1 1.1.1 Elastic Load Balance... 1 1.1.2 Public Network Load Balancer...1 1.1.3 Private Network Load Balancer... 2 1.1.4
More informationesight V300R001C10 SLA Technical White Paper Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
V300R001C10 Issue 01 Date 2013-12-10 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written
More informationHUAWEI Secospace USG Series User Management and Control White Paper
Doc. code HUAWEI Secospace USG Series User Management and Control White Paper Issue 1.0 Date 2014-03-27 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved.
More informationElastic Load Balancing. User Guide. Date
Date 2018-07-20 Contents Contents 1 Product Description... 4 1.1 What Is Elastic Load Balancing (ELB)?... 4 1.2 Load Balancer Type... 4 1.3 Basic Architecture... 5 1.3.1 Classic Load Balancer... 5 1.3.2
More informationOceanStor 9000 InfiniBand Technical White Paper. Issue V1.01 Date HUAWEI TECHNOLOGIES CO., LTD.
OceanStor 9000 Issue V1.01 Date 2014-03-29 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2014. All rights reserved. No part of this document may be reproduced or transmitted in
More informationDomain Name Service. FAQs. Issue 07 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 07 Date 2019-03-05 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationesdk Storage Plugins 1.0.RC4 Compilation Guide 01(vRO) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
1.0.RC4 Issue 01 Date 2017-04-06 HUAWEI TECHNOLOGIES CO., LTD. 2017. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent
More informationERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016
Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds
More informationCloudflare Advanced DDoS Protection
Cloudflare Advanced DDoS Protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com
More informationObject Storage Service. Client Guide (OBS Browser) Issue 02 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 02 Date 2018-01-17 HUAWEI TECHNOLOGIES CO., LTD. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationNIP6000 Next-Generation Intrusion Prevention System
NIP6000 Next-Generation Intrusion Prevention System Thanks to the development of the cloud and mobile computing technologies, many enterprises currently allow their employees to use smart devices, such
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 8 Denial of Service First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Denial of Service denial of service (DoS) an action
More informationChapter 10: Denial-of-Services
Chapter 10: Denial-of-Services Technology Brief This chapter, "Denial-of-Service" is focused on DoS and Distributed Denial-of-Service (DDOS) attacks. This chapter will cover understanding of different
More informationDENIAL OF SERVICE ATTACKS
DENIAL OF SERVICE ATTACKS Ezell Frazier EIS 4316 November 6, 2016 Contents 7.1 Denial of Service... 2 7.2 Targets of DoS attacks... 2 7.3 Purpose of flood attacks... 2 7.4 Packets used during flood attacks...
More informationSecBlade Firewall Cards Attack Protection Configuration Example
SecBlade Firewall Cards Attack Protection Configuration Example Keywords: Attack protection, scanning, blacklist Abstract: This document describes the attack protection functions of the SecBlade firewall
More informationHG531 V1 300Mbps Wireless ADSL2+ Router Product Description. Issue _01 HUAWEI TECHNOLOGIES CO., LTD.
HG531 V1 300Mbps Wireless ADSL2+ Router Issue 203275_01 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2013. All rights reserved. No part of this document may be reproduced or transmitted
More informationOperation Guide for Security NEs Management
imanager U2000 Unified Network Management System V100R002C01 Operation Guide for Security NEs Management Issue 03 Date 2010-11-19 HUAWEI TECHNOLOGIES CO., LTD. 2010. All rights reserved. No part of this
More informationThird-Party Client (s3fs) User Guide
Issue 02 Date 2017-09-28 HUAWEI TECHNOLOGIES CO., LTD. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationChapter 7. Denial of Service Attacks
Chapter 7 Denial of Service Attacks DoS attack: An action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU),
More informationDDoS Testing with XM-2G. Step by Step Guide
DDoS Testing with XM-G Step by Step Guide DDoS DEFINED Distributed Denial of Service (DDoS) Multiple compromised systems usually infected with a Trojan are used to target a single system causing a Denial
More informationSYN Flood Attack Protection Technology White Paper
Flood Attack Protection Technology White Paper Flood Attack Protection Technology White Paper Keywords: flood, Cookie, Safe Reset Abstract: This document describes the technologies and measures provided
More informationSAP HANA. HA and DR Guide. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 03 Date 2018-05-23 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationThird-Party Client (s3fs) User Guide
Issue 02 Date 2017-09-28 HUAWEI TECHNOLOGIES CO., LTD. 2017. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 1 1ST QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q1 2017 4 DDoS
More informationImma Chargin Mah Lazer
Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types
More informationespace SoftConsole V200R001C02 Product Description HUAWEI TECHNOLOGIES CO., LTD. Issue 01 Date
espace SoftConsole V200R001C02 Issue 01 Date 2012-07-10 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationCopyright Huawei Technologies Co., Ltd All rights reserved. Trademark Notice General Disclaimer
Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies
More informationHuawei FusionCloud Desktop Solution 5.1 Resource Reuse Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01.
Huawei FusionCloud Desktop Solution 5.1 Resource Reuse Technical White Paper Issue 01 Date 2014-03-26 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced
More informationDetecting Specific Threats
The following topics explain how to use preprocessors in a network analysis policy to detect specific threats: Introduction to Specific Threat Detection, page 1 Back Orifice Detection, page 1 Portscan
More informationConfiguring Flood Protection
Configuring Flood Protection NOTE: Control Plane flood protection is located on the Firewall Settings > Advanced Settings page. TIP: You must click Accept to activate any settings you select. The Firewall
More informationEnergy Saving Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date
Energy Saving Technology White Paper Issue 01 Date 2012-08-13 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means
More informationHUAWEI OceanStor Enterprise Unified Storage System. HyperReplication Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
HUAWEI OceanStor Enterprise Unified Storage System HyperReplication Technical White Paper Issue 01 Date 2014-03-20 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may
More informationS Series Switch. Cisco HSRP Replacement. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
Cisco HSRP Replacement Issue 01 Date 2013-08-05 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior
More informationObject Storage Service. Client Guide (OBS Browser) Issue 10 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 10 Date 2018-07-15 HUAWEI TECHNOLOGIES CO., LTD. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationTDC DoS Protection Service Description and Special Terms
TDC DoS Protection Service Description and Special Terms Table of contents 1 Purpose of this Product-Specific Appendix... 3 2 Service description... 3 2.1 Attack detection... 3 2.1.1 Managed Objects...
More informationTechnical Specifications
Technical Specifications Processor Quad-core CPU, Quad-core GPU, 11000DMIPS Video Decoding 4K H.265@P30 ultra HD decoding, 1080p full HD coding Operating System Android 4.4 RAM RAM 1G Interface USB 3.0,
More informationTechnical White Paper for NAT Traversal
V300R002 Technical White Paper for NAT Traversal Issue 01 Date 2016-01-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form
More informationBGP/MPLS VPN Technical White Paper
V300R001C10 BGP/MPLS VPN Technical White Paper Issue 01 Date 2013-12-10 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or
More informationH3C SecPath Series Firewalls and UTM Devices
H3C SecPath Series Firewalls and UTM Devices Attack Protection Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: F100 series: ESS 5132 F1000-A-EI: Feature 3722
More informationWorkspace. User Guide (Administrators) Issue 04 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 04 Date 2018-10-12 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationA custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74
Analysis of the Global Distributed Denial of Service (DDoS) Mitigation Market Abridged Version Rise of the DDoS Attack Spurs Demand for Comprehensive Solutions A custom excerpt from Frost & Sullivan s
More informationHP High-End Firewalls
HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2650 Software version: F1000-A-EI&F1000-S-EI: R3721 F5000: F3210 F1000-E: F3171 Firewall module: F3171 Document version: 6PW101-20120719
More informationSEP Technology White Paper
Issue 01 Date 2013-05-25 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationImage Recognition. SDK Reference. Issue 09 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 09 Date 2019-01-31 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationCorrigendum 3. Tender Number: 10/ dated
(A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial
More informationBasic Concepts in Intrusion Detection
Technology Technical Information Services Security Engineering Roma, L Università Roma Tor Vergata, 23 Aprile 2007 Basic Concepts in Intrusion Detection JOVAN GOLIĆ Outline 2 Introduction Classification
More informationTable of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1
Table of Contents 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1 i 1 Intrusion Detection Statistics Overview Intrusion detection is an important network
More informationMy Account. User Guide. Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2018-09-28 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationA (sample) computerized system for publishing the daily currency exchange rates
A (sample) computerized system for publishing the daily currency exchange rates The Treasury Department has constructed a computerized system that publishes the daily exchange rates of the local currency
More informationQuidway S5700 Series Ethernet Switches V100R006C01. Configuration Guide - Ethernet. Issue 02 Date HUAWEI TECHNOLOGIES CO., LTD.
V100R006C01 Issue 02 Date 2011-11-21 HUAWEI TECHNOLOGIES CO., LTD. 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written
More informationHuawei OceanStor ReplicationDirector Software Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date
Huawei OceanStor Software Issue 01 Date 2015-01-17 HUAWEI TECHNOLOGIES CO., LTD. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationObject Storage Service. Product Introduction. Issue 04 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 04 Date 2017-12-20 HUAWEI TECHNOLOGIES CO., LTD. 2017. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationHuawei Cloud Fabric Data Center Security and Application Optimization Solution
Huawei Cloud Fabric Data Center and Application Highly Secure s and High-Performance, High-Efficiency Networks Emerging new technologies such as cloud computing, Big Data, and virtualization drive data
More informationHuawei MZ110 NIC V100R001. White Paper. Issue 07 Date HUAWEI TECHNOLOGIES CO., LTD.
V100R001 Issue 07 Date 2016-11-21 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent
More informationAgile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
V100R002C10 Permission Control Technical White Paper Issue 01 Date 2016-04-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form
More informationHP Load Balancing Module
HP Load Balancing Module Security Configuration Guide Part number: 5998-2686 Document version: 6PW101-20120217 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part
More informationGrandstream Networks, Inc. UCM6100 Security Manual
Grandstream Networks, Inc. UCM6100 Security Manual Index Table of Contents OVERVIEW... 3 WEB UI ACCESS... 4 UCM6100 HTTP SERVER ACCESS... 4 PROTOCOL TYPE... 4 USER LOGIN... 4 LOGIN TIMEOUT... 5 TWO-LEVEL
More informationAdditional Security Services on AWS
Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer
More informationWorkspace. User Guide (Administrators) Issue 19 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 19 Date 2018-10-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationDoS Cyber Attack on a Government Agency in South America- February 2012 Anonymous Mobile LOIC in Action
DoS Cyber Attack on a Government Agency in South America- February 2012 Anonymous Mobile LOIC in Action 1 Table of Content Preamble...3 About Radware s DefensePro... 3 About Radware s Emergency Response
More informationhaltdos - Web Application Firewall
haltdos - DATASHEET Delivering best-in-class protection for modern enterprise Protect your website against OWASP top-10 & Zero-day vulnerabilities, DDoS attacks, and more... Complete Attack Protection
More informationAPT Protection.
Sangfor NGAF v7.4 Professional APT Protection tech.support@sangfor.com www.sangfor.com What is APT Gartner: Defining Advanced Persistent Threats Page 2 What is APT SANGFOR: APT is Not An Attack, But a
More informationWorkspace. User Guide (Administrators) Issue 18 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 18 Date 2018-08-17 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationH3C S10500 Attack Protection Configuration Examples
H3C S10500 Attack Protection Configuration Examples Copyright 2015 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any
More informationData Sheet. DPtech Anti-DDoS Series. Overview. Series
Data Sheet DPtech Anti-DDoS Series DPtech Anti-DDoS Series Overview DoS (Denial of Service) leverage various service requests to exhaust victims system resources, causing the victim to deny service to
More informationUser s Manual. How to configure and use FortGuard Professional Anti-DDoS Firewall
Anti-DDoS Firewall User s Manual How to configure and use FortGuard Professional Anti-DDoS Firewall Copyright 2003-2009 FortGuard Software Technology Co., Ltd. http://www.fortguard.com Regarding Installation
More informationEnterprise D/DoS Mitigation Solution offering
Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationsnoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection
Snoc DDoS Protection Fast Secure Cost effective sales@.co.th www..co.th securenoc Introduction Snoc 3.0 Snoc DDoS Protection provides organizations with comprehensive protection against the most challenging
More informationHUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date
HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN Issue 1.1 Date 2014-03-14 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or
More informationHuawei FusionSphere 6.0 Technical White Paper on OpenStack Integrating FusionCompute HUAWEI TECHNOLOGIES CO., LTD. Issue 01.
Technical White Paper on OpenStack Integrating Issue 01 Date 2016-04-30 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or
More informationCheck Point DDoS Protector Introduction
Check Point DDoS Protector Introduction Petr Kadrmas SE Eastern Europe pkadrmas@checkpoint.com Agenda 1 (D)DoS Trends 2 3 4 DDoS Protector Overview Protections in Details Summary 2 (D)DoS Attack Methods
More informationWHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks
WHITE PAPER 2017 DDoS of Things SURVIVAL GUIDE Proven DDoS Defense in the New Era of 1 Tbps Attacks Table of Contents Cyclical Threat Trends...3 Where Threat Actors Target Your Business...4 Network Layer
More informationMPLS OAM Technology White Paper
MPLS OAM Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationExit from Hell? Reducing the Impact of Amplification DDoS Attacks Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz
Exit from Hell? Reducing the Impact of Amplification DDoS Attacks Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz Presented By : Richie Noble Distributed Denial-of-Service (DDoS) Attacks
More informationHerding Cats. Carl Brothers, F5 Field Systems Engineer
Herding Cats Carl Brothers, F5 Field Systems Engineer Agenda Introductions Security is easy, right Trivia Protecting your apps, one layer at a time How to survive an Attack Time permitting F5 Networks,
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and
More informationUSG2110 Unified Security Gateways
USG2110 Unified Security Gateways The USG2110 series is Huawei's unified security gateway developed to meet the network security needs of various organizations including the small enterprises, branch offices,
More informationCustomer Support: For more information or support, please visit or at Product Release Information...
Product Release Information Product: Cyberoam Release Number: 9.3.0 build 5 Release Date: 19th July 2006 Compatible versions: 9.2.0 build 2 Upgrade Mode: Manual 1 Important note Upgrade removes all the
More informationSam Pickles, F5 Networks A DAY IN THE LIFE OF A WAF
Sam Pickles, F5 Networks A DAY IN THE LIFE OF A WAF Who am I? Sam Pickles Senior Engineer for F5 Networks WAF Specialist and general security type Why am I here? We get to see the pointy end of a lot of
More information