Diese Präsentation wurde erfolgreich gemeldet.
Die SlideShare-Präsentation wird heruntergeladen. ×

Dns security overview

Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Wird geladen in …3
×

Hier ansehen

1 von 23 Anzeige
Anzeige

Weitere Verwandte Inhalte

Diashows für Sie (20)

Andere mochten auch (20)

Anzeige

Ähnlich wie Dns security overview (20)

Anzeige

Dns security overview

  1. 1. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 360°DNS Security Solution To Protect Your Business
  2. 2. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 +40% Cyber Attacks +132% DDoS Attacks 2015 Security Context Symantec: Internet security threat report 2015 Source: Prolexic Quarterly Global DDoS Attack Report Q2 2015 Internet Security Team Report - Symantec & Verizon – 2014 +50 Million New Malwares IN OUT 41% of Internal Attacks Symantec: Internet security threat report 2013 IBM 2015 Cyber Security Intelligence report An Evolving Threat Environment
  3. 3. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Security Threat Landscape Page 3 DNS DDoS Amplification DNS Malware DNS Phishing Zero Day DNS Tunneling Man in the Middle DNS-based Exploits DNS Cache Poisoning DNS Flooding DNS Reflection Protocol Anomaly Water Torture Attacks Pulsar Attacks Phantom Attacks NX Domain Attacks Random Subdomain attacks Lock-up Domain Attacks Sloth Domain Attacks False Positive Triggering ... Greater Variety Greater Sophistication
  4. 4. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 The Hidden Threats In DNS Traffic Page 4 DNS Services Play A Dual Role In the “Kill-Chain” THREAT VECTOR FAVORITE TARGET
  5. 5. Confidential-Property of EfficientIP - All rights reserved-Copyright © 20155Page 5 DNS Attacks Classification Direct DoS, Amplification, Reflection attacks 3 Main Types of DNS Attacks EXPLOITS VOLUMETRIC Random QName, Phantom and Sloth attacks... DNS Tunnelling, poisoning, 0-day !! STEALTH
  6. 6. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Attack Objectives Page 6 Multiple DNS Targets For Many Objectives PUBLIC PRIVATE Business Downtime Embezzlement of Money Intellectual Property Theft Customer Data Theft Damaged Reputation Password Stealing Volumetric Stealth Exploits
  7. 7. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Attacks: Myth or Reality? A Threat for Every Industry *IDC 2014 DNS Security Survey 72% of Companies have Experienced DNS Attacks* Page 7
  8. 8. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Attacks: What Is At Stake? Page 8 Concrete Damages Experienced IDC 2014 DNS Security Survey 31% LOST PROFIT 44% APPLICATION DOWNTIME 41% INTELLECTUAL PROPERTY STOLEN 44% WEB SITE COMPROMISED
  9. 9. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Why Are DNS Attacks So Impacting? Page 9 Traditional Security Solutions Are Not Adapted to Mitigating DNS Attacks Firewall & Next Generation Firewall Anti-DDoS Appliances IPS Secure Web Gateway ... A Specialized Layer of Defense Is Required To Protect Users & DNS Services From Hidden Threats in DNS Traffic
  10. 10. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 EfficientIP DNS Security Vision Page 10 Protect All DNS Services From All Attack Types EXPLOITS PRIVATE PUBLIC VOLUMETRIC !! STEALTH
  11. 11. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015Page 11 EfficientIP Security Solution Strengthen Security Foundation Block 0-Day Vulnerabilities Enforce Best Practices Ensure DNS Continuity with Adaptive Security Advanced Attack Detection Graduated Countermeasures Secure Public DNS Availability Resiliency & Robustness Absorb Extreme DoS Attacks on Cache Servers Cache Security & Performance Protect Users & Block DNS- Based Malware Activity Prevent, Detect & Mitigate
  12. 12. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 SOLIDserver DNS Page 12
  13. 13. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Hardened Appliance Enforce DNS Security Best Practices SmartArchitecture Templates: Stealth DNS, Master-Slave, Multi-master Block Zero-Day Vulnerabilities: Hybrid DNS Engines Three DNS Engines transparently Managed as a single entity Mitigate Amplification & Reflection Threat Response Rate Limiting (RRL) Ensure Data Integrity & Authenticity DNSSEC Automation: “One Click” Deployment Page 13 SOLIDserver DNS IT Night WINNER Best Security Product 2014 Most Innovative Security Solution SOLIDserver Security Foundation PUBLIC & PRIVATE
  14. 14. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Cloud Page 14
  15. 15. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Amazon Route53 Integration Advanced Protection For DDoS & 0-Day 52 DNS Spots – Hybrid DNS engine High-Availability & Performance Anycast resiliency – Ultra Low Latency Simple & Flexible Deployment –Management – Reversibility Cost-Effective Page 15 DNS Services In the Cloud PUBLIC UNIFIED MANAGEMENT OF IN-HOUSE & AMAZON CLOUD DNS
  16. 16. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Firewall Page 16
  17. 17. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Firewall Page 17 PROTECT AGAINST MALWARE AND PHISHING WITH RESPONSE POLICY ZONE PRIVATE DNS SERVICES Prevent Initial Infection Block malicious sites Detect and Block Malware Activity Users & Applications, CnC Communications Mitigate Data Exfiltration Locate Infected Devices to Remediate
  18. 18. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Guardian Page 18
  19. 19. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Guardian Page 19 Inside DNS Transaction Analysis For Accurate Attack Detection Global & Per IP Statistics (cache & recursive) Volumetric, Stealth & Exploit Attacks Detection Tunnelling, RQName attacks, phantom attacks, anomalies Graduated Protection With Smart Countermeasures Block source IPs of the attacks Quarantine suspected source IPs of attacks Patented Rescue Mode: Ensure service continuity even if the attack source is unidentifiable. ADAPTIVE DNS SECURITY PRIVATE DNS SERVICES
  20. 20. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Comprehensive DNS Security Solution Page 20
  21. 21. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Blast: Cache Security & Performance Page 21 Absorbs DoS Attacks on DNS Cache & Eliminates Risks of Blocking Legitimate Clients World’s Fastest DNS Caching Server with 17 million qps High Performance of ACL, RPZ & DNSSEC Ensures Unparalleled High-Availability with Anycast Resilience Decreases Costs & Network Complexity No need to pile up DNS servers and expensive load-balancers Improved User Experience with Ultra Low Latency Unequalled Cache Hit Rate (CHR) with Multicast Cache Sharing Persistent Cache (Restart & Restore)
  22. 22. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 DNS Security Performance & Intelligence Page 22 Complete Coverage of DNS Services Public & Private Comprehensive Attack Type Detection Volumetric, Stealth & Exploit Attacks Smart & Adaptive Threat Protection Block, Quarantine & Rescue Modes Simple to Deploy & Maintain Cost Effective
  23. 23. Confidential-Property of EfficientIP - All rights reserved-Copyright © 2015 Thanks for your attention! Page 23

×