Protecting Our Customers from Massive or Advanced DDoS Attacks
Transcription
Protecting Our Customers from Massive or Advanced DDoS Attacks
Security services ああああ G-9 Resilient Security Technology to Recover Networks Rapidly from Cyber Attacks Protecting Our Customers from Massive or Advanced DDoS Attacks Resilient security technology detects various network attacks and restores the attacked networks autonomously. As an example, we constructed the Resilient Security Engine(RSE), which dynamically detects and mitigates Slow DoS※1 attacks that saturate servers’ resources with a small traffic and Reflection DDoS attacks that causes network congestion with huge traffic. Resilient Security Engine(RSE) detects various attacks automatically with information obtained from networks and takes measures to restore victim networks semi- or fully automatically. Features ■ RSE recommends an effective protecting action in response to the type of detected attack. To detect and mitigate DDoS attacks, it utilizes SDN※2 and virtual appliances. Operator The Internet Reflection DDoS [Against Reflection DDoS] Block specific UDP packets, e.g., DNS and NTP replies, in attacking traffic without blocking normal traffic. Action Trigger: Movie Congestion Server SDN Switch ※1: Slow DoS detecting appliance usable alone ※2: SDN: Software Defined Networking Slow DoS RSE ■ Protecting action against Reflection DDoS: block attacking traffic at distributed boundary routers. Avoid blocking normal traffic by dynamic pass-through mechanism using SDN. Order the actions mirroring order Slow DoS Detector※1 Action Trigger: Full Connection traffic mirror cooperation with Slow DoS Detector, which accurately detects Slow DoS sessions by connection analysis. Recommend protecting actions blocking order ■ Protecting action against Slow DoS: mitigate attacking traffic in Web Server [Against Slow DoS] Execute connection inspection of suspicious traffic. On detection of Slow DoS attack and identify attacker’s source from packet headers and communication patterns. Application Scenarios ■ When our customers are hit by Slow DoS or Reflection DDoS attacks, we mitigate attacking traffic without blocking normal traffic. Taking on challenges toward 2020 Massive or advanced DDoS attacks are anticipated to occur frequently during international events. We can protect our customers from such attacks with these resilient security technologies. 〈Contact〉sv-forum@lab.ntt.co.jp Copyright © 2015 NTT. All Rights Reserved.
Similar documents
DDoS Protection
Denial-of-service (DoS) attacks are happening now and have evolved into complex security challenges for organizations large and small. Although DoS attacks are not a new phenomenon, the methods and resources available to conduct and mask such attacks have dramatically evolved to include distributed (DDoS) and, more recently, distributed reflector (DRDoS) attacks—attacks that simply cannot be addressed by traditional on-premise solutions.
More informationMarc Lampo - Principal Security Consultant
Traffic with protocol errors The attacker generates traffic
More information