Upgrade to Pro — share decks privately, control downloads, hide ads and more …

LDNWebPerf December 2017 - Oliver Adam

LDNWebPerf December 2017 - Oliver Adam

DDoS attacks are becoming more and more prevalent – they become a challenge for every enterprise out there. Every enterprise is a potential victim and should invest in protection now. There are various approaches to protect but not all of them a sufficient anymore.
In this talk Oliver discusses DDoS today and why hardware can not be the solution to protect mission critical infrastructure and applications anymore.

London Web Performance Group

December 05, 2017
Tweet

More Decks by London Web Performance Group

Other Decks in Technology

Transcript

  1. DDoS Protection
    Why hardware is NOT sufficient anymore
    Frankfurt, 28.11.2017 LINK11 // Oliver Adam
    London Web Performance –Lightning Talks Christmas 2017

    View Slide

  2. Questions
    Whom of you has experienced a DDoS attack already?
    Do you have a solution in place mitigating DDoS attacks?
    Is it on-premise hardware?
    Frankfurt, 28.11.2017 LINK11 // Oliver Adam
    London Web Performance –Lightning Talks Christmas 2017

    View Slide

  3. DDoS is an increasing risk
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

    View Slide

  4. DDoS is an increasing risk
    Datacenters, DNS infrasctructures and Web Applications get flooded daily
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

    View Slide

  5. Statistics – A Growing Risk
    2016 / 2017 – some facts
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017
    Q4 / 2016 Q1 / 2017 Q2 / 2017
    # Attacks 11.575 11.510 18107
    Total Duration 1242h 1354h 2013h
    Longest Attack 666m 205m 613m
    Max Size 40.5 Gbps 60.2 Gbps 81.1Gbps
    Avg Size 764Mbps 1.2Gbps 1.3Gbps
    LINK11 // Oliver Adam

    View Slide

  6. Attacks Landscape Is Changing Continuously
    Connection: 1Gbps – 10Gbps
    Cores: high end / lots
    Attacktypes: complex
    Connection: 10Mbps – 100Mbps
    Cores: simple / low
    Attacktypes: simple
    Mirai, IoTrooper etc
    IoT Botnet Server-Based Botnet
    Connection: 10Mbps – 1Gbps
    Cores: all types
    Attacktypes: simple and complex
    #OpBeast, #OpIcarus, #OpMonsanto
    Volunteer Botnet
    Connection: 1Gbps – 10Gbps
    Cores: high end / lots
    Attacktypes: simple and complex
    Stealth Raven, DD4BC
    Ransom Groups
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

    View Slide

  7. On-premises Hardware will NOT solve your problems
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017
    DDoS Solution needed
    10G Link
    600Mbps legit
    Buy DDoS Appliance
    1 Gpbs legit (max 2)
    4 Gbps attack max
    Admin Training Integrate HW
    Define Procedures
    Operator Training
    DDoS Solution
    Implemented
    1 Gbps attack
    Buy bigger Appliance
    Upgrade License
    5 Gbps attack
    Admin Training
    Update SW
    New Major Release
    Operator Training
    Legit Traffic Close to License
    Appliance EoS / Not supporting new features etc
    Appliance Vulnerability
    Attack > Internet Pipe DDoS Solution NOT
    Sufficient Anymore
    Cloud DDoS Solution
    NEEDED
    to protect Pipe
    Limited in every aspect – endless work/upgrade loops are so cool
    LINK11 // Oliver Adam

    View Slide

  8. Cloud Service scale unlimited and do solve problems finally
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017
    DDoS Solution needed
    10G Link
    600Mbps legit
    Buy Cloud Solution
    1 Gpbs legit
    Attacks unlimited
    Admin Training Integrate Cloud
    Define Procedures
    Operator Training
    Cloud DDoS Solution
    Implemented
    Upgrade License
    Legit Traffic Close to Contract
    - No end of sales / no end of support
    - Vulnerabilities getting fixed automatically
    - Upgrades getting done by cloud provider
    - Cloud provider will scale solution
    - Attack size does not matter
    - Internet pipe protected by default
    - Capacity is multiple Tbps
    - …
    LINK11 // Oliver Adam

    View Slide

  9. Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

    View Slide

  10. Thx for listening
    Questions?
    LINK11
    Oliver Adam
    Head of Presales and Consulting
    Lindleystr. 12
    60314 Frankfurt
    Follow us on:
    www.twitter.com/link11gmbh
    www.facebook.com/link11
    Frankfurt, 28.11.2017
    London Web Performance –Lightning Talks Christmas 2017 LINK11 // Oliver Adam

    View Slide