Networks ∙ Services ∙ People www.geant.org GEANT Information & Infrastructure Security Team TNC16 – Networking Conference Introduction DDoS at GÉANT Prague.

Slides:



Advertisements
Similar presentations
Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.
Advertisements

Prepared By Naieem Khan & Ummiya Rahman Presentation On.
NORDUnet Nordic Infrastructure for Research & Education DDoS Mitigation at NORDUnet Lars Fischer (w/ big thanks to Martin Aldrin) TF-MSP Meeting Malta,
Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.
COPYRIGHT © 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED. ALCATEL-LUCENT — CONFIDENTIAL — SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW — PROPRIETARY.
0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.
0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.
By: Ashwin Vignesh Madhu
Arbor Multi-Layer Cloud DDoS Protection
Jak zwiększyć bezpieczeństwo i wysoką dostępność aplikacji wg
0-1 Team ?? Status Report (1 of 3) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team 1: Auraria.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
Firewall on Demand A multidomain approach Leonidas Poulopoulos, Yannis Mitsos – GRNET NOC Firewall on Demand workshop TF-MSP meeting.
PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.
By Chris Versaci CLOUD SECURITY. WHAT IS CLOUD COMPUTING? Cloud computing is a concept that involves a large number of computers connected through a real-time.
99ATS Turbocharge your Hiring Process !!. ON TARGET Solution offered by 99ATS Overview Introduction Gaps in Recruitment Process Screenshot overview of.
Alberto Rivai Teknologi pemantauan jaringan internet untuk pendeteksian dini terhadap ancaman dan gangguan Alberto Rivai
SECURITY WG Paul Howell, Eric Boyd Internet2 © 2015 Internet2.
Networks ∙ Services ∙ People Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.
DDOS. Methods – Syn flood – Icmp flood – udp Common amplification vectors – NTP 557 – CharGen 359 – DNS 179 – QOTD 140 – Quake 64 – SSDP 31 – Portmap28.
DoS/DoS Detection and Mitigation Mujahid Khan
Connect. Communicate. Collaborate Implementing Multi-Domain Monitoring Services for European Research Networks Szymon Trocha, PSNC A. Hanemann, L. Kudarimoti,
Connect communicate collaborate GÉANT3 Services Connectivity and Monitoring Services by and for NRENs Ann Harding, SWITCH TNC 2010.
Remote Trigger Black Hole 111. Remotely Triggered Black Hole Filtering We use BGP to trigger a network wide response to a range of attack flows. A simple.
FOR INTERNAL USE ONLY [Your business] exceeds with COLT Network Response to DDoS attacks – TNC 2006 Nicolas FISCHBACH Senior Manager, Network Engineering.
Introduction and Feature Highlights
ISSA June 2005 Luncheon Are You Ready for VOIP? Tim McCreight – CISSP CPP ARC Business Solutions Inc.
Catania, 16 May 2006 Reaching both institutions and users Educating the educators Elise Roders, SURFnet bv.
Introduction & Vision. Introduction MANTICORE provides a software implementation and tools for providing and managing routers and IP networks as services.
Project FENIX by NIX.CZ Tomas Marsalek APRICOT 2015 Fukuoka,
Networks ∙ Services ∙ People 1 European Workshop on Trust and Identity Date: 30 November – 3 December 2015 Location: Vienna, Austria Organisers:
GÉANT - Implementing Security at Terabit Speed
Internet2 Abilene & REN-ISAC Arbor Networks Peakflow SP Identification and Response to DoS Joint Techs Winter 2006 Albuquerque Doug Pearson.
Introduction We at Sydney IT Solutions provide a plethora of various kinds of services to the clients. The services provided depend upon the requirement.
WINS Monthly Meeting 06/05/2003 WINS Monthly Meeting 06/05/2003.
DDoS Mitigation Using BGP Flowspec
Regional Telecommunications Workshop on FMRANS 2015 Presentation.
Working in the clouds Making cloud computing work Brian Breslin CEO Infinimedia June 5, 2009.
DKNOG6 - DDoS Mitigation Using BGP Flowspec - Mikkel Troest1.
Online Services You need to know some more types of online services...
Networks ∙ Services ∙ People Licia Florio TNC, Lisbon Consuming identities across e- Infrastructures 16 June 2015 PDO GÈANT.
Best DDoS Protected Colocation Services
OARsec 17 Feb 2016 OARnet Agenda 17 Feb 2016 Call to Order & Introductions OARnet Updates Security Operations and Response Standards.
Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia
NETCONFish: Speaking the network language Leonidas Poulopoulos GRNET NOC TNC2013 Maastricht, Netherlands, 3-6 June 2013 config = “
Networks ∙ Services ∙ People Jari Miettinen Andrew Mackarel and Nadia Sluer VC #1 Jan 2016 SCOPE SIG June 8 th 2016.
CLASSe PROJECT: IMPROVING SSO IN THE CLOUD Alejandro Pérez Rafael Marín Gabriel López
Networks ∙ Services ∙ People Jan Meijer TNC 2016, Prague A WebRTC roadmap for European R&E G4-1 SA8 T2 14 June 2016 GÉANT4, SA8, Task 2 (WebRTC)
Networks ∙ Services ∙ People Di4R Network. Services. People. GÉANT 28 th September, Krakow.
Aligning Business Strategy and IT Strategy Gerhard Barth
Firewall on Demand Introduction SA3-T1 Meeting Vienna March 7th 2016
Cyber-crisis exercises
E-commerce companies Here the focus is on the different business models for selling online: Business-to-consumer (B2C): when a company sells to an individual;
Higher Information Systems
Hush mail Customer Tech Support Number Hush mail Customer Tech Support Number Call Now : Toll Free Call Now : Toll Free.
THANK YOU… Welcome to Norton Internet Security Welcome to Norton Internet Security For More Visit on:
Get The Best Networking Services In Dubai
5 MAJOR BENEFITS OF CLOUD TESTING. Cloud testing is a mode of testing web applications which use cloud computing and infrastructure. It includes both.
AKAMAI INTELLIGENT PLATFORM™
Consideration on IPv6 Address Management
Outsourcing.
Network Security Use Case
Terabit Scale Edge DDoS Protection
Introduction to e-Business Chapter 1

Figuring out CyberSecurity Return On Investment
Network Technology Evolution
Improving Procurement Management Through Better Contract Management Nobody wants to get tangled up in a lawsuit. Even if you are in the right, a breach.
An Application Programming Interface for Interconnection Services
An Application Programming Interface for Interconnection Services
Presentation transcript:

Networks ∙ Services ∙ People GEANT Information & Infrastructure Security Team TNC16 – Networking Conference Introduction DDoS at GÉANT Prague June 13 th 2016 Evangelos Spatharas/Temoor Khan Security Engineer

Networks ∙ Services ∙ People INDEX DDoS Statistics, Highlights and Countermeasures How GÉANT Deals with DDoS Firewall on Demand Future of DDoS 2

Networks ∙ Services ∙ People 3 Who Sees DDoS Attacks?

Networks ∙ Services ∙ People 4 DDoS Profile UDP

Networks ∙ Services ∙ People DDoS – Ramifications Network Performance degradation Services malfunction Outages Staff & Company Productivity reduction Wasted resources Reputation Profit reduction Users Dissatisfaction Change upstream? 5

Networks ∙ Services ∙ People Manual ACLs  Time Consuming  Prone to mistakes  Highly effective RTBH  Fast  Too coarse BGP FlowSpec  Fast  Highly effective DDoS Scrubbing  Highly effective  Very expensive 6 Mitigating DDoS?

Networks ∙ Services ∙ People Manual ACLs  Time Consuming  Prone to mistakes  Highly effective RTBH  Fast  Too coarse BGP FlowSpec  Fast  Highly effective DDoS Scrubbing  Highly effective  Very expensive 7 Mitigating DDoS?

Networks ∙ Services ∙ People Manual ACLs  Time Consuming  Prone to mistakes  Highly effective RTBH  Fast  Too coarse BGP FlowSpec  Fast  Highly effective DDoS Scrubbing  Highly effective  Very expensive 8 Mitigating DDoS?

Networks ∙ Services ∙ People fod.geant.net 9 From RFC to a WEB Based Tool

Networks ∙ Services ∙ People fod.geant.net 9 From RFC to a WEB Based Tool Speed

Networks ∙ Services ∙ People fod.geant.net 9 From RFC to a WEB Based Tool Speed Effectiveness

Networks ∙ Services ∙ People fod.geant.net 9 From RFC to a WEB Based Tool Speed Effectiveness Efficiency

Networks ∙ Services ∙ People 13 Under the hood – Current Status IX A GÈANT Internet IX B NREN A FoD NSHaRP

Networks ∙ Services ∙ People 14 Under the hood – Current Status IX A GÈANT Internet IX B NREN A Flowspec FoD NSHaRP

Networks ∙ Services ∙ People 15 Upgrade – Future Plans IX A GÈANT Internet IX B NREN A Flowspec FoD NSHaRP

Networks ∙ Services ∙ People 16 DDoS in Future

Networks ∙ Services ∙ People In case you have any issues or queries in relation to FoD, please contact GÉANT Infrastructure & Security team at 17 How to Contact us

Networks ∙ Services ∙ People Thank you Networks ∙ Services ∙ People 18 GEANT OPS Security Team

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.