BOTNET DEFENSE FROM THREATSTOP & JUNIPER Stop Botnets Stealing From You! Presenter: Ken Liu, V.P. Business Development ThreatSTOP, Inc.

2 Copyright © 2009 Juniper Networks, Inc. STOP BOTNETS STEALING FROM YOU! Problem  Organized criminals now hacking for profit & malicious intent  Botnets and malware control your machines, steal your valuable data, and cause great damage  Rapidly growing and pervasive threat  ~100 million computers in U.S. “botted” in 2010  88% of F500 networks are “botted”; 100% of ThreatSTOP customers  No one is immune Challenge  Current signature-based solutions inadequate  Chasing the unknown, at the mercy of attackers.  Infinite combinations and sheer volume overwhelms signatures/patching cycle.  Lower catch rate  Slower updates/detection  High false- positives  High overhead to use.

3 Copyright © 2009 Juniper Networks, Inc. CLOUD IP REPUTATION SERVICE ENABLES SRX TO BLOCK BOTNETS/MALWARE AT THE NETWORK EDGE 1. Aggregate threat feeds from public and proprietary monitors 2. Produce predictive, real-time threat list by proprietary correlation engine 3. Deliver IP address block list to SRX via DNS (patent-pending) 4. SRX blocks traffic to/from bad IPs 5. Customer logs become part of ThreatSTOP defense network DNS

4 Copyright © 2009 Juniper Networks, Inc. SRX BLOCKS BOTNETS WITH THREATSTOP Track known bad IP addresses Develop accurate block lists in real time Continually updated and verified Deliver threat lists to SRXs for enforcement via DNS Apply filters provided by ThreatSTOP Leverage high-performance IP address filtering Blocks inbound/outbound traffic to bad addresses, even encrypted SSL traffic All protocols and applications covered. Prevent data theft Day zero protection and reduce attack surface Better network performance and lower burden on other services Reduce help desk calls and reportable events Easy install, immediate protection and lowest TCO Benefits

5 Copyright © 2009 Juniper Networks, Inc. VALUE PROPOSITION  Block “call homes” & SSL traffic  “We found over 1,000 bots thanks to ThreatSTOP.” -- IT Director, County Government Prevent Data Theft  Cut spam by up to 90%  Improve network “goodput”  Offload other filters & save upgrade cost of expensive HW Improve Performance—Save $  Your network “disappears” from criminals’ radar  Reduce more spam and risk of attack Reduce Attack Surface  Use existing equipment, simple script install, immediate use  Eliminate manual maintenance & drudgery, increase IT productivity Easy & Lowest TCO

6 Copyright © 2009 Juniper Networks, Inc. TESTIMONIALS “I had no idea my network printers are talking to China!” -- Gary Woodward Network Administrator W. Memphis Schools  Blocks 1 million+ malware/week  Reduces network saturation  Cuts help desk tickets by 90%  Eliminates manual IP blacklisting and remediation University of Baltimore (SRX 3400) University of Baltimore (SRX 3400) “ThreatSTOP saved us $200,000 on server upgrades that we put into classrooms instead.” -- Steve Gorham CIO Hillsborough College “Now we have no service stoppages, no escalations with the ISP, and no manual cleanups. ThreatSTOP has solved a big headache for us.” --Nikola Nikolic Services & Contracts Manager Bibliotheek Rotterdam (SRX 240H) Bibliotheek Rotterdam (SRX 240H)