Presentation is loading. Please wait.

Presentation is loading. Please wait.

Re-writing the Playbook for DDoS Mitigation Strategies

Similar presentations


Presentation on theme: "Re-writing the Playbook for DDoS Mitigation Strategies"— Presentation transcript:

1 Re-writing the Playbook for DDoS Mitigation Strategies
Dave Larson, COO Corero Network Security

2 No Pitch Presentation Policy
Please help us produce more relevant content in the future by rating this session using our event app! Each presenter signs a speaker agreement certifying that their presentation will be educational and not a sales pitch. Attendees have a right to report speakers not adhering to the policy.

3 DDoS Attacks – 2015 Snapshot
Total Attack Bandwidth Gbps Data shown represents the top ~2% of reported attacks JAN 2015 DEC 2014 MAR 2015 DEC 2015 JUN 2015 DD4BC (Banks) SEP 2015 400 300 200 100 DEC JAN FEB 1 MAR 1 APR 1 MAY 1 JUN 1 JUL 1 AUG 1 SEP 1 OCT 1 NOV 1 DEC 1 AUG 2015 OCT 2015 $1.5m per annum is the average cost to deal with DDoS attacks 82% Of companies reported DDoS attacks shut down or partially shut down their data centers 49% of companies expect DDoS attacks to increase in next 12 months Source: Ponemon Institute – Cost of DDoS Attacks – March 2015 Source: Digital Attack Map - DDoS attacks around the globe

4 The Problem is Real – and Pervasive
Our average customer sees almost 4.5 attacks per day! Some customers see many more Across all verticals and segments No one is immune!

5 Increase in Low Bandwidth, Short Duration Attacks

6 Evolution of DDoS Defense

7 DDoS Defense 1.0 - Null Route
DDoS Detection (NetFlow Collector/Analyzer) NetFlow Native Traffic Path Attack Traffic Non-Attack Traffic Null Route on Destination IP Unprotected Customer All traffic discarded © 2016 Corero

8 DDoS Defense 2.0 - Scrubbing
DDoS Detection (NetFlow Collector/Analyzer) NetFlow Native Traffic Path Attack Traffic Non-Attack Traffic Non-Attack Traffic New Route via BGP Diverted Traffic Path GRE Tunnel to Customer Partially Protected Customers TMS Industry Leader’s Scrubbing Approach

9 DDoS Defense 3.0 - Inline, Always-On
Comprehensive DDoS Analytics Real-time Alerting and Reporting Attack Traffic Non-Attack Traffic Non-Attack Traffic DDoS Traffic Blocked Inline Completely Protected Customers

10 DDoS Defense 3.0 - Subscriber Edge Deployment
Comprehensive DDoS Analytics Real-time Alerting and Reporting Completely Protected ISP, Hosting, and Enterprise Customers Attack Traffic Non-Attack Traffic Non-Attack Traffic DDoS Traffic Blocked at Subscriber Edge

11 Automatic Mitigation In-line, automatic mitigation protecting >200Gbps of Internet bandwidth

12 Hosting Provider Challenge & Opportunity

13 Typical Subscriber Protection
Many enterprises take advantage of more than one defense technique: Current Mitigation Techniques (multi-select) Response Percent On-Premises DDoS mitigation product 26.7% Cloud based scrubbing technology or service 11.1% Home grown or Open Source solutions 16.7% Traditional security infrastructure products (firewall, IPS, load balancers) 68.9% Rely on upstream service providers to eliminate the attacks Survey conducted in August/September Survey respondents are network and network security representatives that represent cross industry, global organizations.

14 Subscribers are Demanding More
74% of respondents would like to see their provider implement additional services to eliminate DDoS traffic from entering their networks. 52% indicate that they would even pay for a premium service offering to eliminate the DDoS challenge to their environment. ISP provide additional security services to eliminate DDoS Response Percent Yes 74.4% No 6.7% Unsure 18.9% Would you pay your ISP for a premium service that removes DDoS attack traffic before it is delivered to you? Response Percent Yes 52.2% No 14.4% Unsure 33.3%

15 The Opportunity 90% of respondents indicate that they would be willing to pay for a premium DDoS defense offering from their provider and a majority would be willing to allocate from 5% to 10% of their overall ISP spend to secure that service. What percentage increase of your current provider spend would you allocate to subscribe to this type of service? Response Percent Less than 5% 39.0% 5%-10% 50.6% 10-25% 2.6% More 1.3% © 2016 Corero

16 Capitalizing on the Opportunity
Integrate into existing carrier operational and billing systems: REST based API's for north and southbound integration Leveraging Tail-F for centralized management and scalability Per customer visibility charts providing ease of validation Per customer attack bandwidth utilization which can be mapped into customer records, ensuring accurate per customer billing information Virtualized Management framework

17 Value-Add or Revenue-Add
Infrastructure hosting companies are in a highly competitive marketplace: Customers are intolerant of downtime and service interruptions Instantaneous DDoS mitigation reduces downtime Reduces churn and improves new-business win rates Is a powerful differentiator Providers looking to add service lines: DDoS defence can provide an opportunity to keep prices up Can serve as an additional revenue stream to end users © 2016 Corero

18 DDoS Defense-as-a-Service Benefits
Zero Downtime Service Offerings Corero’s instant mitigation vs a human NOC/SOC agent enables rapid response to alarms, real-time analysis of traffic, reroute to scrubbing center, re-inject traffic… Customer Premises Based Deployment Corero’s simplicity, resiliency, and the ability to remotely manage and monitor, enables appliance(s) to be deployed in-line at high value customers, or at high risk customers such as gaming or financial organizations. Unlimited Scalability Corero enables massive scale for extreme high bandwidth customers A New DDoS Economic Model Corero’s pricing model and reduced CAPEX/OPEX enables immediate ROI

19 Per Customer Security and Visibility
Provider view

20 Thank you Dave Larson


Download ppt "Re-writing the Playbook for DDoS Mitigation Strategies"

Similar presentations


Ads by Google