Cisco Firepower with Radware DDoS Mitigation
Business Decision Maker Presentation
Eric Grubel, VP Business development, Radware
February 2017
DDoS in the news
- French hosting firm flooded with 1 Tbps traffic: largest attack ever
Global Trends in Threats & Attacks
- Cyber ransom #1 motivation: especially in Europe
- 39% suffered an SSL-based attack: 10% increase from 2015
- Increased attacks on governments & financials: politically affiliated cyber protests and year-long campaigns against financial orgs
- Availability & data are the top business concerns: these are the main targets of hackers, too
- IoT botnets open the 1Tbps floodgates: 50% of orgs feel IoT increases attack surface
Example: application DDoS attack
- Situation: Bots, posing as buyers, reserve all available seats, never completing reservations. Bookings stop, exposing the attack.
- Target: Major US Airline
- Solution: Radware's behavioral DDoS detection technology is brought on-line. It successfully filters and blocks the dynamic IP attack.
Monumental Volumetric Attack on Dyn DNS
- 6% of Fortune 500 companies; Amazon, Netflix, Twitter, CNN, Spotify and more were unreachable
- Insecure IoT devices enslaved by Mirai malware became a massive botnet
- The massive number of distinct IP addresses made traditional mitigation techniques ineffective
DDoS attacks are often multi-faceted
[Diagram labels: Low & Slow DoS attacks (e.g. Slowloris), Large volume network flood attacks, HTTP Floods, SSL Floods, App Misuse, Network Scan, Syn Floods; IPS/IDS, Internet Pipe, Firewall, Applications Under Attack, SQL Server; Cloud DDoS Protection, DDoS Protection, Behavioral Analysis, IPS, SSL protection]
a hybrid in-line & cloud mitigation strategy is required
Where DDoS Strikes:
- 36% Internet Pipe
- 26% Firewall
- 10% IDS/IPS
- 3% Load Balancer
- 28% Server Under Attack
- 2% SQL Server
Cloud (Cloud DDoS Protection): For volumetric DDoS attack mitigation
In-Line (In-Line DDoS Protection): For network and application mitigation
Cisco transforms security service integration
- Integrated Radware Virtual DefensePro (vdp) in-line DDoS mitigates attacks
- Available on Cisco Firepower 4100 Series and Firepower 9300 platforms
- Lower latency than a stand-alone DDoS solution
- Consolidation with simplified support and procurement
[Diagram labels: Key: Cisco Service, 3rd Party Service, Data Packet; URL Filtering, DDoS, SSL, FW, NGIPS, AMP]
Unified Threat Platform with Integrated Security
- Maximum Protection
- Low Latency
- Scalable processing
Always-on Radware DDoS mitigation
- Always-On Protection: Immediate in-line protection; Low latency
- Behavioral Analysis Technology: Protect against 0-day, 0-min attacks; Low false positives
- Detect and Mitigate within Seconds: Transfer signatures to cloud scrubber; Automated mitigation
- 24x7 Emergency Response Team: On-call experts let you focus on business; You're not alone
Enterprise use case: in-line & cloud mitigation
- Volumetric attack mitigation with any cloud-based DDoS solution
- No protection gap with Radware Defense Messaging
Solution highlights:
- Network and Application DDoS mitigation
- Most accurate (low false positives) detection & mitigation
- Shortest mitigation time
[Diagram labels: Internet, Perimeter, Data Center, Firepower 9300, ADC, Unified Communications, CRM, BI, Web Portals, Mail]
Next steps
1. Learn more about what Radware Virtual DefensePro on Cisco Firepower can do for you
2. Schedule a demo today for a hands-on experience
3. Do a Proof of Value (POV) and see how we can improve your network resiliency and threat defense