LDNWebPerf December 2017 - Oliver Adam

Transcript

1. DDoS Protection Why hardware is NOT sufficient anymore Frankfurt, 28.11.2017

   LINK11 // Oliver Adam London Web Performance –Lightning Talks Christmas 2017

2. Questions Whom of you has experienced a DDoS attack already?

   Do you have a solution in place mitigating DDoS attacks? Is it on-premise hardware? Frankfurt, 28.11.2017 LINK11 // Oliver Adam London Web Performance –Lightning Talks Christmas 2017

3. DDoS is an increasing risk Frankfurt, 28.11.2017 London Web Performance

   –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

4. DDoS is an increasing risk Datacenters, DNS infrasctructures and Web

   Applications get flooded daily Frankfurt, 28.11.2017 London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

5. Statistics – A Growing Risk 2016 / 2017 – some

   facts Frankfurt, 28.11.2017 London Web Performance –Lightning Talks Christmas 2017 Q4 / 2016 Q1 / 2017 Q2 / 2017 # Attacks 11.575 11.510 18107 Total Duration 1242h 1354h 2013h Longest Attack 666m 205m 613m Max Size 40.5 Gbps 60.2 Gbps 81.1Gbps Avg Size 764Mbps 1.2Gbps 1.3Gbps LINK11 // Oliver Adam

6. Attacks Landscape Is Changing Continuously Connection: 1Gbps – 10Gbps Cores:

   high end / lots Attacktypes: complex Connection: 10Mbps – 100Mbps Cores: simple / low Attacktypes: simple Mirai, IoTrooper etc IoT Botnet Server-Based Botnet Connection: 10Mbps – 1Gbps Cores: all types Attacktypes: simple and complex #OpBeast, #OpIcarus, #OpMonsanto Volunteer Botnet Connection: 1Gbps – 10Gbps Cores: high end / lots Attacktypes: simple and complex Stealth Raven, DD4BC Ransom Groups Frankfurt, 28.11.2017 London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

7. On-premises Hardware will NOT solve your problems Frankfurt, 28.11.2017 London

   Web Performance –Lightning Talks Christmas 2017 DDoS Solution needed 10G Link 600Mbps legit Buy DDoS Appliance 1 Gpbs legit (max 2) 4 Gbps attack max Admin Training Integrate HW Define Procedures Operator Training DDoS Solution Implemented 1 Gbps attack Buy bigger Appliance Upgrade License 5 Gbps attack Admin Training Update SW New Major Release Operator Training Legit Traffic Close to License Appliance EoS / Not supporting new features etc Appliance Vulnerability Attack > Internet Pipe DDoS Solution NOT Sufficient Anymore Cloud DDoS Solution NEEDED to protect Pipe Limited in every aspect – endless work/upgrade loops are so cool LINK11 // Oliver Adam

8. Cloud Service scale unlimited and do solve problems finally Frankfurt,

   28.11.2017 London Web Performance –Lightning Talks Christmas 2017 DDoS Solution needed 10G Link 600Mbps legit Buy Cloud Solution 1 Gpbs legit Attacks unlimited Admin Training Integrate Cloud Define Procedures Operator Training Cloud DDoS Solution Implemented Upgrade License Legit Traffic Close to Contract - No end of sales / no end of support - Vulnerabilities getting fixed automatically - Upgrades getting done by cloud provider - Cloud provider will scale solution - Attack size does not matter - Internet pipe protected by default - Capacity is multiple Tbps - … LINK11 // Oliver Adam

9. Frankfurt, 28.11.2017 London Web Performance –Lightning Talks Christmas 2017 LINK11

   // Oliver Adam

10. Thx for listening Questions? LINK11 Oliver Adam Head of Presales

    and Consulting Lindleystr. 12 60314 Frankfurt Follow us on: www.twitter.com/link11gmbh www.facebook.com/link11 Frankfurt, 28.11.2017 London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam