Transcript First Line of Defense

Corero Network Security
First Line of Defense Introduction
© 2014 Corero
www.corero.com
Who is Corero Network Security?
HQ
500+
First Line of Defense®
Hudson, MA, USA
Publicly traded CNS:LN
active customers across
many verticals world-wide
against DDoS attacks
and cyber threats
Corero products and services
PROTECT AND OPTIMIZE your critical infrastructure and online services
HOSTING PROVIDERS
& DATA CENTERS
2
SERVICE PROVIDERS
© 2014 Corero
www.corero.com
ENTERPRISE
Businesses need protection from the Internet
With a first line of defense that:
3
PREVENTS
ASSURES
PROVIDES
EXTENDS
network/service
outages by blocking
attacks in real time
customers can
access online
services
insight into attacks
and evolving threats
the effective life of
your existing
security investments
© 2014 Corero
www.corero.com
DDoS Attacks, 2013-2014
Total Attack Bandwidth Gbps
Data shown represents the top ~2% of reported attacks
DEC 31 2013
AUG 9
2013
400
MAR 29 2014
MAJOR HOSTING
SITES
300
200
100
JUN 1
JUL 1
JUNE 21 2013
AUG 1
SEP 1
OCT 1
NOV 1
DEC 1
JAN 1
2014
FEB 1
MAR 1
APR 1
MAR 17 2014
DEC 4
2013
MAY 1
JUN 1
JUNE 23 2014
HONG KONG
VOTING SITES
€700K
86
20%
€8K
minutes of
is an
per
data
average
per
minute
center
incident
of
isdowntime
the
data
isaverage
the
center
downtime
is caused
due
costaverage
to
of DDoS
by
thisa downtime
cost
DDoS
attacks
ofattack
a DDoS outage
4
© 2014 Corero
JUL 1
www.corero.com
Source: Network Computing/Ponemon Institute
Source: Digital Attack Map - DDoS attacks around the globe
Advanced DDoS/Cyber
Threat Protection
Next Generation
Architecture
5
Comprehensive
Visibility
© 2014 Corero
www.corero.com
Next Generation Architecture
Industry Leading DDoS Protection and Performance
DO-NO-HARM
PROTECTION
6
MODULAR AND
SCALABLE
PURPOSE-BUILT
MULTI-CORE PLATFORM
© 2014 Corero
www.corero.com
AUTOMATED
PROVISIONING
NFV/SDN AND
CLOUD READY
Advanced DDoS/Cyber Threat Protection
FLEXIBLE
POLICY CONTROLS
PRECISE
ENFORCEMENT
INFRASTRUCTURE
PROTECTION
 Inspect / Analyze /
Respond / Mitigate
 Multiple Protection
Groups
 IP Reputation
/Whitelists / Blacklists
 Configurable Rate Limits
 Do No Harm Philosophy
 Volumetric DDoS attack
mitigation
 Reflective / Amplification
DDoS attack mitigation
 Application Layer DDoS
attack mitigation
 Protect firewalls, IPSs,
routers, switches,
servers
 Bandwidth Optimization
 Service Availability
/Optimization
7
© 2014 Corero
www.corero.com
Corero First Line of Defense
ATTACKS & TECHNIQUES
Network Level
DDoS
Reflective Amplified
DDoS
Fragmented Packet
DDoS
Application Layer
DDoS
Specially Crafted
Packet
SYN, TCP, UDP, ICMP
Floods
DNS, NTP, SNMP,
QOTD Floods
Overlapping,
Missing, Too Many
Low and Slow, App
Scripts
Stack, Protocol,
Buffer
THREAT LANDSCAPE
CORERO FIRST LINE OF DEFENSE
Traditional Border
Infrastructure
Critical Network
Services
Other Security
Technologies
Online Business
Integrity
Total System
Failures
Investment
Productivity
Public Image
Lines of Business
Escalating Costs
PROTECTION
8
© 2014 Corero
www.corero.com
Comprehensive Visibility
REAL-TIME SECURITY
EVENT VISUALIZATION
9
ADVANCED SYSLOG
EVENT DATA
BUILT-IN REPORTS &
CUSTOM QUERY
CAPABILITIES
© 2014 Corero
www.corero.com
ARCHIVED EVENT &
PACKET CAPTURE
ANALYTICS, REPORTING
AND FORENSICS
Comprehensive Visibility
Corero First Line of Defense®
Security
Events
Threat
Intelligence
System Health
Data
Forensics
Data
VALUABLE RAW DATA
Powerful
Analytics Engine
Virtual
SOC Portal
10:00 PM
ACTIONABLE SECURITY ANALYTICS & VISUALIZATION
Real-time Dashboards
Historical Reporting
Behavioral Analysis
Powered by
10
© 2014 Corero
www.corero.com
Forensic Analysis
Network
Statistics
Network & Security Level Visibility






Bandwidth
Flows & Setups
Packets
Security Events
Blocked Clients
Targeted Servers & Ports
INSTANTANEOUS attack VISIBILITY and
HISTORICAL view into your environment
11
© 2014 Corero
www.corero.com
Corero SecureWatch® Analytics Portal
Corero SecureWatch Analytics App
DASHBOARD 1
DASHBOARD 2
DASHBOARD 5
DASHBOARD 3
DASHBOARD 4
DASHBOARD 6
Corero Customer
CORERO CUSTOMERS CAN
VIEW DASHBOARDS OF
THEIR OWN DATA
Corero Secure
Operations Center
CORERO SOC CAN
REMOTELY ASSIST
CUSTOMERS AND PARTERS
Corero Partner
CORERO PARTNERS CAN
VIEW DASHBOARDS OF
CUSTOMERS THEY MANAGE
Site A
12
Internet
© 2014 Corero
www.corero.com
Site B
First Line of Defense Applications
In the Cloud
On Premises
Service providers, IT hosting and Cloud providers
Enterprises – financial services, e-commerce providers,
gaming, education
Internet
> 10 Gbps
IPS/APT
SP
SLB/ADC
WAF
< 5Gbps
8
© 2014 Corero
www.corero.com
Protected Critical
Infrastructure
and Services
Corero First Line of Defense Product Family
DDoS Defense
System (DDS)
SmartWall® Threat
Defense System (TDS)
 Large Enterprise, Service/Hosting Providers
 On Premises or Cloud deployments
 Protection in modular increments of 10 Gbps
 Small to medium sized Enterprises
 On Premises deployments
 < 2 Gbps performance
KEY COMPONENTS
ADVANCED DDOS & CYBER
THREAT DEFENSE TECHNOLOGY
14
BUILT ON NEXT GENERATION
ARCHITECTURE
© 2014 Corero
www.corero.com
COMPREHENSIVE ATTACK
VISIBILITY & NETWORK FORENSICS
Customer Testimonial: Hosting Provider
PROBLEM:
SOLUTION:
Proactively planning for security needs is one thing,
but this Hosting Company felt the pain of being
unprepared for a DDoS attack. Experiencing 24 hours
of downtime at one point, impacting their customers
and SLA agreements. Initially, they tried to work with
their providers to block IPs to fend off the attack, but
that was totally ineffective. The company was only
able to get out from under the attack by temporarily
redirecting its DNS to an outside filtering company.
Once the attack ended, the Company vowed to
never lose control like that again.
The Company wanted an on premises solution to
control and manage themselves. The Corero First
Line of Defense solution was quickly identified as the
best overall solution. Other products and services
were not or purpose-built for the DDoS challenge.
Multiple solutions were evaluated and none
compared to the advanced DDoS protection and
comprehensive visibility into the network traffic. In
addition to the advanced protection they receive,
the Company plans to offer value-added services
around security based on the Corero reporting
capabilities.
“The most important thing is that Corero protects our customers’ networks and their data. That is critical to our clients, which makes
it critical to us. The second thing is that it helps our security department run more smoothly. We now have we have less unwanted
traffic coming in, allowing us cut our bandwidth costs, and we have a faster network with reduced latency. And not only do we save
money, but the added security that Corero provides helps us generate revenue through new solution offerings.”
- Vice President, Hosting Company
15
© 2014 Corero
www.corero.com
Customer Testimonial: Banking Institution
PROBLEM:
SOLUTION:
This High Profile Wall Street firm experienced
relentless DDoS attacks. The firewall was taking the
brunt of the attack traffic causing overload at 95%
utilization, shutting down all network traffic. It would
re-boot, and traffic would flow for a few minutes,
then grind to a halt again. The attempt at a
resolution was to perform reverse lookups to
attempt to manually block the attacking source IPs.
That was time-consuming, labor intensive and, worst
of all, ineffective, as the firm was hit by 10,000
attackers from almost every country in the world.
The First Line of Defense solution was deployed, and
almost instantly removed the attack traffic from the
equation. The power of the Corero device is in its
design, ease of use and single purpose to provide
the First Line of Defense to proactively stop attacks
while moving legitimate traffic without delay. With
the firewall and other downstream IT security
devices back to functioning as intended, this Wall
Street Financial Institution was quickly back to
delivering online banking services to their
customers.
“The Corero First Line of Defense solution was installed in 45 minutes, and it was like shutting off a water faucet. Hackers stopped,
traffic delays were gone, and the firewall was back down to single digits. System downtime frequently results in lost productivity, lost
revenue, lost customers and lost opportunities. If a system is down, the staff cannot work and goals cannot be accomplished. Since we
now know and understand this, we know we can call on Corero to prevent downtime.”
16
© 2014 Corero
www.corero.com
OPERATIONAL
STRATEGIC
First Line of Defense
Extensible Platform
Actionable Intelligence
Modular and scalable architecture makes your
DDoS protection investment timeless. And it
evolves with industry trends (NFV/SDN) so you
can utilize off-the shelf hardware that best fits
your needs.
Real-time visibility and historical analysis provide
actionable intelligence so you can not only stop
threats today but also be better prepared for
the future.
Infrastructure Optimization
Operational Uptime
Broad protection at all layers protects critical
infrastructure & optimizes its performance.
Service availability protects business integrity,
increases productivity, and reduces costs.
TECHNOLOGY
17
BUSINESS
© 2014 Corero
www.corero.com
NEXT STEPS
Arrange for a proof of concept
Learn more at: www.corero.com
First name, Last name
Email
Phone
Partner contact details
If applicable
18
© 2014 Corero
www.corero.com
Thank You!