Enterprise D/DoS Mitigation Solution offering


About the Domain

TCS Enterprise Security and Risk Management (ESRM) offers a full-services play in security with integrated security solutions. ESRM's solutions minimize risk, ensure regulatory compliance, manage security operations and proactively protect critical information against emerging threats. ESRM offers a full spectrum of services and solutions in the enterprise security value chain:

Managed Security Services (MSS)
Governance, Risk and Compliance (GRC)
Enterprise Vulnerability Management (EVM)
Identity and Access Management (IAM)
Information Protection

Figure 1: TCS ESRM Security solutions spectrum

Context and Definitions

In today's world of business, cyber attacks have become an unavoidable part of life. The more businesses reach out to their customers online, abolishing physical boundaries, the more cyber attacks are seen. One of the most common types of cyber threat is denial of service (DoS). As the name implies, DoS attacks prevent legitimate entities from accessing websites, other online resources and the underlying infrastructure. Another flavour of DoS attack exploits vulnerabilities in application and communication protocols (also known as protocol abuse). A typical DoS attack lasts for days, weeks or even months in some cases. The longer the attack lasts, the greater the damage to the organization.

Successful denial of service attacks could result in interruption of business services, reputational damage, customer dissatisfaction and potential regulatory interest or fines. The impact of a DoS attack differs between organizations: if the target is in the financial industry, for example, the intention may not be limited to bringing services down but could extend to stealing valuable data or intellectual property, or to financial fraud.

DoS vs DDoS

It is pertinent to note the difference between DoS and distributed DoS (DDoS). Each has its own way of attacking the target system.

In a DoS attack, the attacker uses a single system and a single internet connection. In the majority of cases the purpose of a DoS attack is to exploit a vulnerability in the application, causing it to malfunction, or to generate low and slow attacks that consume the resources of the target systems with malicious (half-open) requests. DoS attacks are launched using in-house developed scripts or DoS tools (LOIC).

In a distributed DoS attack, the attacker uses multiple systems to launch attacks on the target system. These (compromised) systems are distributed across the internet. The main intention behind distributed DoS attacks is to target the network infrastructure and saturate it with a tremendous volume of traffic. DDoS attacks are generally launched using botnets.

D/DoS Attack Types

Various D/DoS attack vectors exist at different OSI layers. They are shown graphically below for ease of understanding.

Figure 2: Layer 3 to Layer 7 D/DoS attack types (legend: volumetric attacks; low and slow attacks)

D/DoS Mitigation Methodology: TCS ESRM Approach

TCS ESRM's experienced Architects have developed a unique methodology, D-I-D-R-A, which helps organizations build a strong security posture to combat D/DoS attacks. It is a proven methodology, used across verticals and in organizations from small to large scale, not only to prepare them for D/DoS attacks but also to deal with the situation when the organization is under attack. ESRM Architects are heavily experienced in designing and implementing end-to-end D/DoS mitigation solutions. The methodology explained below draws on the experience gathered from various projects and fits any size of organization in any domain. It is preventive in nature and helps an organization build a robust security posture to mitigate DoS and DDoS attacks.

Every organization has different business goals and a different set of assets, holding information of various kinds with different data sensitivity labels. Hence the approach to designing the protection mechanism for this information and these assets must be a well thought-out exercise. For example, in a financial organization there are Critical Business Process applications for which Confidentiality and Availability are key factors. Any impact on these applications results not only in financial losses for the organization but also in reputational damage and legal fines.

The fact is that an organization cannot stop DDoS attacks. Cyber criminals are always on the hunt for victims. The survival of the organization depends on how robust its proactive and reactive security posture against D/DoS attacks is. The better the security posture, the smaller the impact. This security posture is built using a defence-in-depth approach, in which every component in the end-to-end journey is used optimally to provide the best possible protection against all kinds of internal and external threats. In the case of D/DoS, the components below generally provide the best possible mitigation:

NIPS: Network Intrusion Prevention Systems (layer 3 and 4 attacks)
Firewalls (layer 3, 4 and 7, based on the features available and enabled)
Load balancers with inbuilt modules/policies (layer 3 and 4 attacks)
Solution to protect against DNS DDoS attacks (layer 5 attacks)
WAF: Web Application Firewalls (layer 7 attacks)

Figure 3: ESRM D/DoS mitigation methodology 1

Figure 4: ESRM D/DoS mitigation methodology 2

Below are the security controls strongly proposed by ESRM Architects to defend against network layer (volumetric) DDoS attacks.

Figure 5: ESRM recommended network layer DoS attacks mitigation controls (labels in the figure: Network Attacks Mitigation; Packet Velocity Accelerator; Full Proxy Architecture; Protocol Validation; SYN Flood; Fully Session Aware; Protect against SYN Flood type attacks; Malformed Data; Asymmetric Attack; SYN Proxy Defence; SYN Cache and SYN Cookies)
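The DoS/DDoS distinction drawn earlier (one source sending half-open requests versus many distributed sources) can be checked against a server's own connection table when SYN flood controls such as those named in Figure 5 are being tuned. The following is an added example, not part of the TCS paper: it assumes input in the style of `ss -tan` output, and the thresholds, function names and sample addresses are illustrative assumptions.

```python
from collections import Counter

def peer_ip(addr_port):
    """Strip the port from 'ip:port' or '[ipv6]:port'."""
    host, _, _ = addr_port.rpartition(":")
    return host.strip("[]")

def half_open_profile(ss_lines, min_half_open=20, dominant_share=0.8):
    """Classify half-open (SYN-RECV) sessions by how they spread over sources.

    Thresholds are illustrative assumptions, not values from the paper.
    """
    per_source = Counter()
    for line in ss_lines:
        fields = line.split()
        # Expected columns: State Recv-Q Send-Q Local:Port Peer:Port
        if len(fields) < 5 or fields[0] != "SYN-RECV":
            continue  # header, malformed line, or a fully established session
        per_source[peer_ip(fields[4])] += 1
    total = sum(per_source.values())
    if total < min_half_open:
        verdict = "normal"
    else:
        top_count = per_source.most_common(1)[0][1]
        # One source holding most half-open slots matches the paper's DoS case;
        # an even spread over many sources matches its DDoS case.
        verdict = "single-source" if top_count / total >= dominant_share else "distributed"
    return {"verdict": verdict, "half_open": total,
            "sources": len(per_source), "top": per_source.most_common(3)}

def sample(kind):
    """Constructed sample data using documentation address ranges."""
    local = "203.0.113.10:443"
    lines = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
             f"ESTAB 0 0 {local} 192.0.2.50:40100"]
    if kind == "dos":
        lines += [f"SYN-RECV 0 0 {local} 198.51.100.7:{50000 + i}" for i in range(30)]
    elif kind == "ddos":
        lines += [f"SYN-RECV 0 0 {local} 198.51.100.{i}:51000" for i in range(1, 41)]
        lines += [f"SYN-RECV 0 0 [2001:db8::1]:443 [2001:db8::{i:x}]:51000"
                  for i in range(2, 12)]
    return lines

if __name__ == "__main__":
    for kind in ("quiet", "dos", "ddos"):
        print(kind, half_open_profile(sample(kind)))
```

Source addresses in a SYN flood can be spoofed, so a "distributed" verdict describes the observed spread of addresses, not the number of attacking hosts.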

D/DoS Security Roadmap

The diagram below demonstrates the D/DoS mitigation security roadmap for an organization that has benefitted from the TCS ESRM DDoS mitigation methodology.

Figure 6: as-is to to-be D/DoS mitigation posture

Conclusion

The fact is that D/DoS attacks cannot be prevented. Cybercriminals are spread across the globe. An organization must build a strong proactive and reactive security solution posture so that the impact of D/DoS attacks is kept to a minimum. TCS ESRM Architects have vast experience in designing and deploying robust security solutions that help customers cope with denial of service attacks. Recently, Architects designed a layer 7 DoS solution and helped improve the layer 3 and 4 DDoS solution for one of the UK's largest financial organizations. The organization has benefitted by reducing its risk profile and thus gaining its customers' confidence.

While designing a D/DoS mitigation solution there are a number of things Architects must be careful about to ensure that the solution gives the expected outcome. For example, when choosing a cloud-based D/DoS mitigation solution, the Architect must take care over which DDoS and WAF controls to configure, which caching policies to configure, and which content to cache in the cloud. Failure to do so results not only in impact on business and IT users but may also result in financial, reputational and regulatory impact.

Authored by Prashant Jagdish Joshi
TCS Enterprise Security and Risk Management