Protecting Our Customers from Massive or Advanced DDoS Attacks

Transcription

Protecting Our Customers from Massive or Advanced DDoS Attacks
Security
services
ああああ
G-9
Resilient Security Technology to Recover Networks Rapidly from Cyber Attacks
Protecting Our Customers from Massive or Advanced
DDoS Attacks
Resilient security technology detects various network attacks and restores the attacked networks autonomously. As an example,
we constructed the Resilient Security Engine(RSE), which dynamically detects and mitigates Slow DoS※1 attacks that saturate
servers’ resources with a small traffic and Reflection DDoS attacks that causes network congestion with huge traffic.
Resilient Security Engine(RSE) detects various attacks automatically with
information obtained from networks and takes measures to restore victim
networks semi- or fully automatically.
Features
■ RSE recommends an effective protecting action in response to the
type of detected attack. To detect and mitigate DDoS attacks, it
utilizes SDN※2 and virtual appliances.
Operator
The Internet
Reflection
DDoS
[Against Reflection DDoS]
Block specific UDP packets,
e.g., DNS and NTP replies,
in attacking traffic without
blocking normal traffic.
Action Trigger:
Movie Congestion
Server
SDN Switch
※1: Slow DoS detecting appliance usable alone
※2: SDN: Software Defined Networking
Slow
DoS
RSE
■ Protecting action against Reflection DDoS: block attacking traffic
at distributed boundary routers. Avoid blocking normal traffic by
dynamic pass-through mechanism using SDN.
Order the actions
mirroring order
Slow DoS
Detector※1
Action Trigger:
Full Connection
traffic mirror
cooperation with Slow DoS Detector, which accurately detects
Slow DoS sessions by connection analysis.
Recommend
protecting actions
blocking order
■ Protecting action against Slow DoS: mitigate attacking traffic in
Web
Server
[Against Slow DoS] Execute connection inspection
of suspicious traffic. On detection of Slow DoS
attack and identify attacker’s source from packet
headers and communication patterns.
Application Scenarios
■ When our customers are hit by Slow DoS or Reflection DDoS
attacks, we mitigate attacking traffic without blocking normal traffic.
Taking on challenges toward 2020
Massive or advanced DDoS attacks are anticipated to occur
frequently during international events. We can protect our
customers
from such attacks with these resilient security
technologies.
〈Contact〉[email protected]
Copyright © 2015 NTT. All Rights Reserved.

Similar documents

DDoS Protection

DDoS Protection Denial-of-service (DoS) attacks are happening now and have evolved into complex security challenges for organizations large and small. Although DoS attacks are not a new phenomenon, the methods and resources available to conduct and mask such attacks have dramatically evolved to include distributed (DDoS) and, more recently, distributed reflector (DRDoS) attacks—attacks that simply cannot be addressed by traditional on-premise solutions.

More information

Marc Lampo - Principal Security Consultant

Marc Lampo - Principal Security Consultant Traffic with protocol errors The attacker generates traffic

More information

Mark Shtern

Mark Shtern  Throughput, response time, CPU utilization

More information