Transcript Denial Of Service Mitigator Appliance –Customer presentation

Check Point
DDoS Protector
June 2012
©2012 Check Point Software Technologies Ltd.
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
[PROTECTED] — All rights reserved.
Cybercrime Trends for 2012
44%
35%
33%
32%
SQL
Injections
APTs
Botnet
DDoS
65% Businesses Experienced Attacks
Average $214,000 of Damage Per Attack
Ponemon Institute, May 2012
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
2
Victims of Recent DDoS Attacks
“Amazon.com claims its widely publicized DDoS
attack resulted in a loss of $600,000 during the
10 hours it was down…” Amazon.com
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
3
Today’s Attacks Are
More Sophisticated
More DDoS attacks today than ever before
More damage with application attacks
No need to flood network bandwidth
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
4
DDoS Attacks by Type
Application Layer
Attacks
TCP SYN
Flood
Network Layer
Attacks
More attacks are targeted at the Application Layer
Radware 2011
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
5
Application Layer DDoS Attacks
New Application Attacks Are Stealthier…
 Exploit application weakness with Low&Slow attacks
 Utilize relatively low volume and fewer connections
 Used in conjunction with volume-based attacks
Undetectable by threshold- or volume-based solutions
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
6
DDoS Protection
The Right DDoS Solution Should Have…
Network
Layer
Protection
Adaptable
Application
Layer
Protections
©2012 Check Point Software Technologies Ltd.
Fast Response
Time
[PROTECTED] — All rights reserved.
|
7
Introducing
Check Point DDoS Protector™
Block Denial of Service Attacks Within Seconds!
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
8
Check Point DDoS Protector™
Customized multi-layered DDoS protection
Protects against attacks within seconds
Integrated security management and expert support
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
9
Multi-Vectored DDoS Attacks
Network Flood
Server Flood
Application
Low & Slow
Attacks
High volume of
packets
High rate of
new sessions
Web / DNS
connectionbased attacks
Advanced
attack
techniques
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
10
Multi-Layered Protections
Network Flood
Server Flood
Application
Low & Slow
Attacks
Behavioral
High volume of
network
packets
analysis
Automatic and
High rate of
pre-defined
new sessions
signatures
Web
/ DNS
Behavioral
connectionHTTP and
based
attacks
DNS
Advanced
Granular
attack
custom filters
techniques
Stateless and
behavioral
engines
Protections
against misuse
of resources
Challenge /
response
mitigation
methods
Create filters that
block attacks
and allow users
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
11
DDoS Protector Product Line
Enterprise Grade
 Up to 3 Gbps throughput
 2M concurrent sessions
 1 Mpps max. DDoS flood attack rate
Datacenter Grade
 Up to 12 Gbps throughput
 4M concurrent sessions
 10 Mpps max. DDoS flood attack rate
 7 models to choose from
 1GbE copper and 10GbE fiber connections
 Low latency
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
12
Where to Protect Against DDoS
Scenarios:
1
2
3
On-Premise Deployment
DDoS Protector Appliance
+
Off-Site Deployment
DDoS Protector Appliance
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
13
Appliance Specifications
Model
DP 506
DP 1006
DP 2006
DP 3006
DP 4412
DP 8412
DP 12412
Capacity
0.5Gbps
1Gbps
2Gbps
3Gbps
4GBps
8Gbps
12Gbps
Max Concurrent
Sessions
2 Million
4 Million
Max DDoS
Flood Attack
Protection Rate
1 Million packets per second
10 Million packets per second
Latency
<60 micro seconds
Real-Time
Signatures
Detect and protect against attacks in less than 18 seconds
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
14
Integrated Security Management
Unified Logs and Monitoring
…and Unified Reporting
Leverage SmartView Tracker, SmartLog
and SmartEvent for historic and realtime security status
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
15
Flexible Deployment Options
Ready to Protect in Minutes
Fits to Existing Network Topology
Optional Learning Mode Deployment
Low Maintenance and Support
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
16
Emergency Response and Support
Emergency
Response
Team
Check Point
customer
support
 Help from security experts when under DoS
attacks
 Leverage experience gathered from real-life
attacks
 World-class support infrastructure
 Always-on support 7x24
 Flexible service options
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
|
17
Summary
Blocks DDoS Attacks Within Seconds
Customized
multi-layered
DDoS protection
Ready to protect
in minutes
©2012 Check Point Software Technologies Ltd.
Integrated with
Check Point
Security
Management
[PROTECTED] — All rights reserved.
|
18
Thank You
©2012 Check Point Software Technologies Ltd.
©2012 Check Point Software Technologies Ltd.
[PROTECTED] — All rights reserved.
[PROTECTED] — All rights reserved.