Security professionals analyzing network traffic in real time stop distributed denial of service (DDoS) attacks faster than pre-programmed and automated mitigation equipment – and at far less risk to an organization’s bottom line. Find out why.
Man, Machine and DDoS Mitigation: The Case for Human Cyber Security Expertise
1. Man, Machine and DDoS Mitigation
The case for human cyber security expertise
www.prolexic.com
2. Automated DDoS mitigation poses risks
• Distributed denial of service (DDoS) attacks can
overwhelm DDoS appliances
• Today’s DDoS attacks are larger and more complex
than in the past
• Experienced security professionals block DDoS
attacks faster than machines
• Human eyes and creativity are needed to stop
attacks from live attackers
3. What is a DDoS attack?
• A DDoS attack tries to make a computer resource
unavailable to its users
• It succeeds by overwhelming the target with data,
requests or both
• Hackers boost their attacks by calling on hordes of
compromised Internet devices
• The zombie devices have fallen under the control
of an attacker through a virus or malware
4. It’s important to choose the right DDoS
mitigation strategy
• Outages caused by DDoS attacks are increasing and
damaging to businesses
• As a result, many organizations have made big
investments in DDoS mitigation technology
– Firewalls
– Intrusion prevention systems (IPS)
– Intrusion detection systems (IDS)
– Router appliances
• But often these devices fail to stop DDoS attacks
5. It’s cheap to rent a botnet to crash a DDoS
mitigation appliance
• For a few hundred dollars a day anyone can rent a
botnet that can command up to 50,000 computers
• That’s more than enough to take down a very well-protected
Internet-facing asset such as a router,
load balancer or website
6. Mitigation appliances are no match for the size
of today’s DDoS attacks
• A local DDoS mitigation appliance can typically stop
less than 10 gigabits per second (Gbps) of attack traffic
• A firewall offered by an ISP can usually handle less
than 20 Gbps
• A cloud-hosting provider can usually handle less than
40 Gbps
• Many of today’s DDoS attacks are too big for these
solutions
– 100 Gbps: Prolexic has blocked multiple attacks of this size
– 179 Gbps: Largest attack mitigated by Prolexic as of
December 2013
7. Mitigation appliances are no match for the
complexity of today’s DDoS attacks
• DDoS attacks continue to increase in complexity
• Attacks can target three different areas in one
campaign
– Network layer, described in the Open Systems
Interconnection model (OSI model) as Layer 3
– Transport layer (Layer 4)
– Application layer (Layer 7)
• Layer 7 attacks often look like legitimate traffic
– Even simple application attacks can critically overload
web servers and databases
8. All online companies and industries are at risk
– regardless of size
• Many company executives think it won’t happen to
their organization – but they are attacked
• High-bandwidth attacks against the financial
industry hit in 2012 and 2013
• Gartner predicts a 10 percent growth in the
financial impact that cybercrime will have on
online businesses through 2016*
• Reasons for an attack vary: extortion, corporate
revenge or simply malicious hackers
* “Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond,” December 1, 2011
9. Learn more in the white paper
• Download the DrDoS white paper: Man, Machine and
DDoS Mitigation
• In this white paper, find out why you need human
cyber security expertise:
– Understand the current and future DDoS threatscape
– Learn the capabilities and limitations of specific types of
DDoS mitigation appliances
– Find out how live attackers overwhelm automated systems
– Understand the weaknesses of the new breed of intelligent
DDoS mitigation device
– Avoid blocking legitimate traffic when under attack
– Learn about Prolexic’s Security Operations Center
10. About Prolexic
• Prolexic Technologies is the world’s largest and
most trusted provider of DDoS protection and
mitigation services
• Prolexic has successfully stopped DDoS attacks for
more than a decade
• Our global DDoS mitigation network and 24/7
security operations center (SOC) can stop even the
largest attacks that exceed the capabilities of other
DDoS mitigation service providers