Introduction to Arbor Networks Security Solutionsmedia.gswi.westcon.com/media/WestconSecurityItaly/Dream IT 2016... · Introduction to Arbor Networks Security Solutions ... Enterprise

©2015 ARBOR® CONFIDENTIAL & PROPRIETARY 1

Introduction to Arbor Networks Security Solutions

Ivan Straniero, Regional Manager SE Europe

07.07.2016


WHO IS ARBOR NETWORKS?

100% Percentage of world’s Tier 1 service providers who are Arbor customers

107 Number of countries with Arbor products deployed

120 Tbps

Amount of global traffic monitored by

the ATLAS security intelligence

initiative right now!

#1

Arbor market position in Carrier, Enterprise and Mobile DDoS equipment market segments

– [Infonetics Research June, 2015]

Number of years Arbor has been delivering innovative security and network visibility technologies & products

16

http://Digitalattackmap.com


FACTS ABOUT DDoS ATTACKS and ADVANCED THREATS


Did You Know?

Things You Should Know About DDoS Attacks

• Its never been easier in history to launch a DDoS attack.

• DDoS attacks are increasing in size, frequency and complexity.

• DDoS attacks are used as smoke screens or forms of diversion during advanced threat campaigns2.

• Of the Top 3 causes of unplanned outages, DDoS attacks are the most costly to an organization3.

For $5/hr anyone can launch a DDoS attack an cause $100sK

in damage

…DDoS attack size increasing 1

…Increase in demand for DDoS Protection

services1

…experienced multi-vectored attacks1

$5:$100sK

DDoS for Hire

74% …involved DDOS as a diversion2

400Gbps

42%

78%


Financial Services

Online Retail

Government

Gaming

Cloud Services

Education

EXPOSURE

Any organization can be the target of a DDoS attack Fact:


Over 230,000 cyber professional jobs unfilled TODAY in the US*… 1.5 million cyber jobs worldwide will be unfilled by 2020.

INCREASED PRESSURE ON SECURITY TEAMS

Fact:

Source: Arbor Networks 10th Annual Worldwide Infrastructure Security Report


Source: Arbor Networks 11th Annual WISR

Note: Most respondents didn’t answer this question because they didn’t know!

UNDER ESTIMATED IMPACT

Fact:

Lost Revenue

Operational Costs to Mitigate Attack

Brand repair

Regulatory Fees

Customer Credits

Lost productivity

Lost future business

Others?

Dunn & Bradstreet

Impact can be immediate & severe


ARBOR NETWORKS DDoS Protection Solutions

Proven, Trusted DDoS Protection


STOPPING DDoS ATTACKS

Layered DDoS Attack Protection

Stop application layer DDoS attacks & other advanced threats; detect abnormal outbound activity

2

Your Data Centers/Internal

Networks

The Internet

Application Attack

Scrubbing Center

Your (ISP’s) Network

Stop volumetric attacks In-Cloud

1 Intelligent communication between both environments

3

4 Backed by continuous threat intelligence

Backed by Continuous Threat Intelligence

Volumetric Attack

A Recommended Industry Best Practice:


• Layered, fully integrated, managed, combination of on-premises and in-cloud DDoS attack protection

• Countermeasures to stop all types of DDoS attacks (volumetric, TCP state exhaustion, application layer) and other advanced threats

• Wide range of mitigation platforms and capacities: from 2U appliances (1Gbps-40Gbps) to virtual (sub 1Gbps) to 2TBps of global Arbor Cloud

• Continuously armed with ATLAS Intelligence Feed to detect and stop latest DDoS and advanced threats

Key Features:

Quickly stop all types of DDoS attacks and advanced threats before they impact your business

Choose from a variety of products and services to design a DDoS attack protection solution that fits your organization

Rely upon the expertise of Arbor Networks to optimize your DDoS protection and/or reduce time or size of your DDoS mitigation staff

ARBOR NETWORKS DDoS PROTECTION

Benefits:

Target/Compromised Hosts


On-Prem The Internet

Botnet, DDoS, Malware

Arbor Cloud Scrubbing

Center

In-Cloud

Cloud Signal

Arbor APS

Remote management of on-prem Arbor APS to ensure optimal performance and protection

5

Intelligent coordination between on-prem and in-cloud protection

3 Global, In-Cloud, Volumetric Attack Protection (over 1 TBps Mitigation Capacity)

1

Always on protection from application-layer attacks and advanced threats

2

Backed by global threat intelligence 4

Arbor’s Managed APS Service (mAPS)

ON PREMISE: MANAGED APS SERVICE (mAPS)

Volumetric Attack

Legit Traffic

Application Attack


Network Embedded, Virtual DDoS Protection

Up to 40 Gbps Mitigation per VSM

Attack Mitigation

Arbor Networks TMS running on Cisco ASR9K VSM

+ Arbor Networks SP running on Cisco

UCS

= Cisco ASR 9000

vDDoS Protection Solution

“Powered by Arbor Networks”

Visibility and Attack Detection

Two Best of Breeds Combine


10G

40G

1G

100G

Mit

igat

ion

Cap

acit

y

160G

20G

Cost per Gbps of Mitigation Higher Lower

ARBOR DDOS MITIGATION PLATFORMS

TMS HD 1000 (2U, 20G –

160G)

TMS 5000 (6U, 10-100G)

TMS & APS 2800 (2U, 10G – 40G)

Cisco ASR9K vDDoS

(10-40G/VSM)

TMS 2300 & TMS/APS 2600

(2U, 500M-20G)

vAPS (from 50M)


ARBOR NETWORKS Advanced Threat Protection Solution

Spectrum


Things You Should Know About Advanced Threats

Did You Know?

Used 7 or more toolkits, less than half exploited a

critical vulnerability

…did not involve malware

…of enterprises take > 3 days to

investigate just 1 critical security event

200+ Days

60%

40%

7+ Toolkits

74% …involved DDOS as a diversion2

Average dwell time is greater than

200 days


The Game Has Changed

Advanced threats have evolved from advanced malware to attack campaigns. Attack campaigns are organized human to human campaigns, using multiple tools and techniques.

Fact:


ARBOR’S ADVANCED THREAT PROTECTION SOLUTION

Target / Compromised Hosts

?

Arbor Spectrum

Proactive Investigation and Proof

Armed with Global Visibility & Actionable Threat Intelligence


Shift From “Detect and Respond” Strategies

Security operations and incident response spend 80% of their time trying to determine if indicators created by “detect and prevent” security tools are real attacks.

Fact:


Arbor Networks SpectrumTM

TIME

TOOLS

DETECT ANALYZE / PROVE FORENSICS

$ $ $ $ $ $ $ $ $ $ $

Intuitive Workflows

Traffic Analysis

Threat Intel

Firewall

IPS

AV

Sandbox

Traffic

SIEM

Packet Forensics

End-Point Forensics

Intelligence

More Efficient Security Analytics and Proof Creates Highest ROI and Security Risk Reduction


“We were to uncover and investigate an entire attack timeline in seven minutes.

With our current SIEM it would have taken several days”

Empower Teams to See, Search, Prove Threats At the Speed of Thought


Arbor Networks™ Spectrum Management Console DMZ

Arbor Networks™ Spectrum Flow Collector

Arbor Networks™ Spectrum Packet Collector

Intelligence

Triggered IF

INTERNET

Deployment of Arbor Spectrum


Arbor® DDoS & Advanced Threat Protection Solutions

Internal Network

Enterprise Assets

Packets & Flow

Servers

Packets & Flow

Enterprise Perimeter

Global Internet

Global Network

Threats

Investigate

Prove

Act


QA / THANK YOU

For More Information, Please Contact:

Ivan Straniero, Regional Manager SE Europe

Ph: +39 348 7701054 Email: [email protected]

©2015 ARBOR® CONFIDENTIAL & PROPRIETARY

Documents

Introduction to Arbor Networks Security Solutionsmedia.gswi.westcon.com/media/WestconSecurityItaly/Dream IT 2016... · Introduction to Arbor Networks Security Solutions ... Enterprise