Radware's Attack Mitigation System (AMS) is a real-time network and application security solution that protects the application infrastructure against network and application downtime, application vulnerability exploitation, malware spread, information theft, web service attacks and web defacement.
AMS is a set of patented technologies for the most advanced internet-borne cyber-attacks. It extends the "network" of attack detection and mitigation capabilities beyond the data center for:
-- Cloud-hosted business services and applications
-- A mobile work force increasingly depend on remote access to internal business applications and SaaS
-- Protection for tools, servers and applications within a virtualized environment
-- Advanced detection and mitigation techniques for tomorrow's open network fabrics
AMS contains these key components:
~ DefensePro and AppWall, for Denial-of-service (DoS) protection, Network Behavioral Analysis (NBA), Intrusion Prevention System (IPS), Reputation Engine and Web Application Firewall (WAF) - to fully safeguard networks, servers and applications against known and emerging network security threats.
~ DefensePipe - cloud-based service for end-to-end attack mitigation (on-premise and in the cloud) with volumetric DDoS attack protection and Internet pipe saturation defense measures.
~ Emergency Response Team (ERT) - specialized security experts who provide 24x7 instantaneous services to restore network and service operational status for customers facing a denial-of-service (DoS) attack
~ InFlight - anti-scraping, data theft protection device that includes a combination of several tools for transforming raw Internet traffic to meaningful business intelligence.
3. 19% of attacks are considered “constant” in 2014
52% of organizations expect to be able to fight attacks for
only a day or less.
Only 17.46% acknowledge being able to fight a month
long attack.
DDoS is the attack that will cause most harm.
*2014-2015 Global Application & Network Security Report
The Threat Landscape
3
4. Risk is on the rise for some unexpected targets: Healthcare
and Education.
Likelihood of attacks is also heating up for Gaming, Hosting
and ISP companies
Only one – Financial Services – actually moved from “High” to
“Medium” risk
– Enhanced protection based on prior year experiences helped
No one is Immune – Unexpected Targets
4
5. Extra-large attacks are seen on a daily basis
Attacks are targeting all types of organizations
Enabled by “better” technology via reflective attacks, at attacker’s
disposal
Point of Failure
The Internet pipe is now the organization’s #1 point of failure
5
6. Multi-Vector Attacks
Integrated, hybrid solution to mitigate all types of attacks
IPS/IDS
“Low & Slow” DoS
attacks (e.g.Sockstress)
Large volume network
flood attacks
Syn
Floods
Network
Scan
HTTP Floods
SSL Floods App Misuse
Brute Force
Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection
Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server
6
8. Integrated hybrid security solution
– On-premise detection and
mitigation
– Cloud scrubbing to mitigate
beyond the perimeter
Backed by Radware’s Emergency
Response Team
Also available as a fully-managed
service
Radware Attack Mitigation System (AMS) Dedicated
hardware
for attacks
Dedicated hardware
for legitimate traffic
Behavior-based
detection to
prevent service-
level impact of
legit traffic
8
9. Emergency Response Team (ERT)
Protecting against top
attack campaigns
Emergency Response Team (ERT) - 24x7
team of security experts for fast
mitigation under attack
9
10. Behavior-based Detection
To prevent service-level impact of legit traffic
Behavior-based traffic analysis Rather than Superficial rate-based analysis
10
12. Augmented Security via Collaboration
12
All security and application delivery elements exchange Defense Messaging
for more accurate detection and protection and minimal impact on service-level
Distributed Architecture
MitigationMitigation Detection
12
16. Global Network of Scrubbing Centers
US US
UK
Germany
Russia
Hong Kong
Brazil
16
17. Attack Mitigation System
Customers own and manage on-premises
components of AMS
DefensePipe cloud scrubbing service is used to
protect against internet pipe saturation
Customers are notified of attacks that require the
ERT involvement
Attack Mitigation Service
Radware owns and implements on-premises
components of AMS
DefensePipe cloud scrubbing service is used to
protect against internet pipe saturation
Customers are notified of attacks that require the
ERT involvement
Flexible Attack Mitigation Offerings
17
18. “Radware's Attack Mitigation System (AMS) mitigates both known and new forms of attack
while allowing legitimate business traffic to be handled as normal, so the business
continuity of our hosted cloud customers is preserved even while under attack.”
Nathaniel Kemberling, CTO, Brinkster
What Customers Say
“Radware’s Attack Mitigation System (AMS) fits perfectly within our secure cloud hosting
architecture. The ability to stop a variety of multi-level attacks at the edge of our networks in
North America and Europe empowers FireHost to provide the best protection in the industry.”
Chris Drake, Chief Executive Officer, FireHost
18
19. Summary
•Able to detect and mitigate the full scope of DDoS attacksWidest Coverage
•Minimal false positives with patent-protected behavioral analysis technology
•Real-time signatures and selective challenge-response mechanism for high
mitigation accuracy
High Accuracy
•All attacks are detected on-premise in real-time
•Protection starts in seconds – shortest time to protect in the industryShortest Time
•ERT’s security experts to manage attacks
•Fully-managed service option
•Integrated reporting system
Complete Solution
Hybrid, integrated security solution with widest coverage and high quality of protection
19