SlideShare ist ein Scribd-Unternehmen logo

Stopping DDoS Attacks In South Africa

Als PPTX, PDF herunterladen
Cloudflare
Cloudflare

This document discusses recent DDoS attacks in South Africa and Cloudflare's response. It provides details on: - A major DDoS attack on November 19th that targeted gambling sites and news agencies with over 1 billion requests, peaking at 185,000 requests per second from over 18,000 IPs. - Cloudflare saw a total of 2.676 billion security events in South Africa during this time, with 69% of traffic during the November 19th attack. - Cloudflare used tools like firewall rules, rate-limiting, and its Gatebot and Security Level features to automatically mitigate attacks globally while continuing to serve local South African users. - Additional DDoS attacks on

Technologie
1 von 25
Stopping DDoS Attacks In South Africa February 5, 2020 Omer Yoachimik, DDoS Protection Product Manager Chad Toerien, Account Executive, SA 1
Omer Yoachimik Product Manager, DDoS Protection omer@cloudflare.com Chad Toerien Account Executive, SA ctoerien@cloudflare.com
South Africa: Recent Media Coverage 3
Media Coverage 4
South Africa: What Cloudflare Saw 5
6 Unrelated to the media coverage, this is what Cloudflare saw on its networks
Highlights of L7 events 7 ● 2.676 billion security events ○ 69% of all traffic to SA during the 11/19 attack ○ Following with 15 smaller attacks ● Top mitigating tools ○ Customer-defined: Firewall rules & Rate-limiting ○ Automatic/intelligent based: Gatebot & Security Level ● Mitigated globally ○ Most attack traffic was blocked in US & Europe ○ SA datacenter continued serving local users
11/19 Attack ● Attacks targeted a gambling sites and news agencies ● Totalled at 1.152 billion requests (69% of all traffic to SA sites at the time) ● Peaked at 185,000 HTTP requests per second ● From over 18K unique IPs 8
L3/4 DDoS Attacks on JNB Datacenter ● Peaked just below 600 Kpps ● Top attack vectors: ○ DNS flood (over UDP port 53) ○ SSL flood (port 443) ○ TCP ACK floods to port 443 9
Impact of Breaches on Stock Price ● In the long term, breached companies underperformed the market ● After three years, average share price is up by 32.53% but down against the NASDAQ by -13.27% T-Mobile US TJX Companies Huntsworth Adobe Global Payments Royal Bank of Scotland Group Monster Worldwide Vodafone Group Apple
Cloudflare Services Overview 11
20M+ Internet properties 30 Tbps Of network capacity 200 Cities and 94+ countries 72B Cyber threats blocked each day in Q419 99% Of the Internet-connected population in the developed world population is located within 100 milliseconds of our network Note: Data as of June 28, 2019. Help Build A Better Internet 12
PERFORMANCESECURITY RELIABILITY Domain Name System (DNS) Firewall AnalyticsCloudflare AppsServerless ComputePLATFORM IoT Security Cache Mobile Optimization Load Balancing SSL/TLS Secure Origin Connection Rate Limiting Bot Management DDoS Protection Zero Trust Security Intelligent Routing Content Optimization Image Optimization Mobile SDK Anycast Network Virtual Backbone DNS Resolver Always Online Confidential. Copyright © Cloudflare, Inc. An Integrated Global Cloud Platform 13
Cloudflare DDoS Protection 14
Application Layer 7 Session Layer 5 Presentation Layer 6 Transport Layer 4 Network Layer 3 Datalink Layer 2 Physical Layer 1 Cloudflare DDoS Protection Cloudflare DDoS Protection 15 Layer 7 DDoS Protection Spectrum Magic Transit
Collective Intelligence Secure Edge Architecture Fast Mitigation 16 Cost Effective Cloudflare DDoS Differentiation
Secure Edge Architecture LegaLegacy Cloudflare Network Scale Over 30 Tbps of network capacity spanning across 190+ cities enables to mitigate even the largest DDoS attacks Efficiency Stop L7 attacks at L4, before it even enters the data center, for efficient resource (bandwidth and CPU) utilization Integration Seamless integration between security, performance and reliability products 17
Collective Intelligence IP reputation Security level, Under-Attack- Mode and Firewall rules Request reputation machine learning models Engineering expertise Human intelligence experienced in thwarting significant DDoS attacks 18
Fast Mitigation Measure Cloudflare continuously measures a variety of parameters including TCP flows, UDP packets, requests and more, to protect any Internet asset - on-premise or in the cloud Analyze Cloudflare-built automated systems (gatebot and dosd) analyze attack fingerprints, anomalies, rules, blacklists and more, to quickly identify and triage the attack Mitigate Automated systems recommend 400K+ dynamic rules per second for fast mitigation. These rules are applied locally or globally based on the attack type. In addition, customer-defined static rules enable 0s mitigation <10sTime-to-mitigate for L3/4 DDoS attacks 19
Fast Mitigation: Mitigation Process 20
Cost-effective 21 Unlimited and Unmetered DDoS mitigation
Questions? 22
Security Vendor Checklist ☑ Blocks attacks ☑ Large global network + immediate propagation ☑ Fully self-service UI & API ☑ Bundled with additional services (DNS, CDN, Serverless Compute, Bot Mgmt.) ☑ Single Sign On & VPN ☑ User roles / permissions ☑ SIEM / Log integration ☑ Real-time & historical analytics ☑ Real-time alerts ☑ Quick & efficient customer support ☑ Online docs & community
Scan To Learn More Who DDoS’d Austin? Cloudflare for Teams Announcing Magic Transit
Thank You! 25

Empfohlen

Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Stopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaStopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaCloudflare
 
How to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyHow to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyCloudflare
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksKentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksCloudflare
 
Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cloudflare
 
It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?Cloudflare
 
Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataCloudflare
 

Empfohlen

Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Stopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaStopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaCloudflare
 
How to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyHow to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyCloudflare
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksKentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksCloudflare
 
Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cloudflare
 
It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?Cloudflare
 
Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataCloudflare
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...Cloudflare
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareCloudflare
 
Authentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of ThingsAuthentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of ThingsCloudflare
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondCloudflare
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 
Web Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest SpeakerWeb Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest SpeakerCloudflare
 
Going Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking InfrastructureGoing Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking InfrastructureCloudflare
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security StrategyCloudflare
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Cloudflare
 
Bring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsBring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsCloudflare
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internetCloudflare
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderCloudflare
 
Scaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceScaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceCloudflare
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...Cloudflare
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
Disección de amenazas en entornos de nube
Disección de amenazas en entornos de nubeDisección de amenazas en entornos de nube
Disección de amenazas en entornos de nubeCristian Garcia G.
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS ProtectionMarketingArrowECS_CZ
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...Cloudflare
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareCloudflare
 
Authentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of ThingsAuthentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of ThingsCloudflare
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondCloudflare
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCCloudflare
 
Web Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest SpeakerWeb Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest SpeakerCloudflare
 
Going Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking InfrastructureGoing Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking InfrastructureCloudflare
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security StrategyCloudflare
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Cloudflare
 
Bring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsBring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsCloudflare
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internetCloudflare
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderCloudflare
 
Scaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceScaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceCloudflare
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...Cloudflare
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
Disección de amenazas en entornos de nube
Disección de amenazas en entornos de nubeDisección de amenazas en entornos de nube
Disección de amenazas en entornos de nubeCristian Garcia G.
 

Was ist angesagt? (20)

Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101
 
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
LendingTree and Cloudflare: Ensuring zero trade-off between security and cust...
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with Cloudflare
 
Authentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of ThingsAuthentication, Security, and Performance for the Internet of Things
Authentication, Security, and Performance for the Internet of Things
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respond
 
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDCThe Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC
 
Web Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest SpeakerWeb Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
Web Performance Without Sacrificing Security: Featuring Forrester Guest Speaker
 
Going Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking InfrastructureGoing Beyond the Cloud to Modernize Your Banking Infrastructure
Going Beyond the Cloud to Modernize Your Banking Infrastructure
 
The 2019 Security Strategy
The 2019 Security StrategyThe 2019 Security Strategy
The 2019 Security Strategy
 
Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...
 
Bring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsBring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teams
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internet
 
What You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF ProviderWhat You're Missing With Your Current WAF Provider
What You're Missing With Your Current WAF Provider
 
Scaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceScaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-service
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform Simplified
 
Disección de amenazas en entornos de nube
Disección de amenazas en entornos de nubeDisección de amenazas en entornos de nube
Disección de amenazas en entornos de nube
 

Ähnlich wie Stopping DDoS Attacks In South Africa

F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCCloudflare
 
Filling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyFilling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyCloudflare
 
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyBKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyNexusguard
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsEmulex Corporation
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxamalouwarda1
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSASrikrupa Srivatsan
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...Rachel Wandishin
 
DETENIENDO LOS ATAQUES DDOS CON NSFOCUS
DETENIENDO LOS ATAQUES DDOS CON NSFOCUSDETENIENDO LOS ATAQUES DDOS CON NSFOCUS
DETENIENDO LOS ATAQUES DDOS CON NSFOCUSCristian Garcia G.
 
Introduction of Cloudflare Solution for Mobile Payment
Introduction of Cloudflare Solution for Mobile PaymentIntroduction of Cloudflare Solution for Mobile Payment
Introduction of Cloudflare Solution for Mobile PaymentJean Ryu
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackCloudflare
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Service Provider Deployment of DDoS Mitigation
Service Provider Deployment of DDoS MitigationService Provider Deployment of DDoS Mitigation
Service Provider Deployment of DDoS MitigationCorero Network Security
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 

Ähnlich wie Stopping DDoS Attacks In South Africa (20)

F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS Protection
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
 
DDoS Report.docx
DDoS Report.docxDDoS Report.docx
DDoS Report.docx
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
 
Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018
 
Filling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation StrategyFilling the Gaps in Your DDoS Mitigation Strategy
Filling the Gaps in Your DDoS Mitigation Strategy
 
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense StrategyBKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
BKNIX Peering Forum 2017 : DDoS Attack Trend and Defense Strategy
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptx
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSA
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
 
DETENIENDO LOS ATAQUES DDOS CON NSFOCUS
DETENIENDO LOS ATAQUES DDOS CON NSFOCUSDETENIENDO LOS ATAQUES DDOS CON NSFOCUS
DETENIENDO LOS ATAQUES DDOS CON NSFOCUS
 
Introduction of Cloudflare Solution for Mobile Payment
Introduction of Cloudflare Solution for Mobile PaymentIntroduction of Cloudflare Solution for Mobile Payment
Introduction of Cloudflare Solution for Mobile Payment
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS Attack
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
Service Provider Deployment of DDoS Mitigation
Service Provider Deployment of DDoS MitigationService Provider Deployment of DDoS Mitigation
Service Provider Deployment of DDoS Mitigation
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection Solution
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!
 
Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018
 

Mehr von Cloudflare

Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Cloudflare
 
Why you should replace your d do s hardware appliance
Why you should replace your d do s hardware applianceWhy you should replace your d do s hardware appliance
Why you should replace your d do s hardware applianceCloudflare
 
Don't Let Bots Ruin Your Holiday Business - Snackable Webinar
Don't Let Bots Ruin Your Holiday Business - Snackable WebinarDon't Let Bots Ruin Your Holiday Business - Snackable Webinar
Don't Let Bots Ruin Your Holiday Business - Snackable WebinarCloudflare
 
Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Cloudflare
 
Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cloudflare
 
Accelerate your digital transformation
Accelerate your digital transformationAccelerate your digital transformation
Accelerate your digital transformationCloudflare
 
Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflare
 
Webinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseWebinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseCloudflare
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesCloudflare
 

Mehr von Cloudflare (9)

Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
 
Why you should replace your d do s hardware appliance
Why you should replace your d do s hardware applianceWhy you should replace your d do s hardware appliance
Why you should replace your d do s hardware appliance
 
Don't Let Bots Ruin Your Holiday Business - Snackable Webinar
Don't Let Bots Ruin Your Holiday Business - Snackable WebinarDon't Let Bots Ruin Your Holiday Business - Snackable Webinar
Don't Let Bots Ruin Your Holiday Business - Snackable Webinar
 
Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021
 
Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)
 
Accelerate your digital transformation
Accelerate your digital transformationAccelerate your digital transformation
Accelerate your digital transformation
 
Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策
 
Webinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseWebinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in Japanese
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer Games
 

Kürzlich hochgeladen

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 

Stopping DDoS Attacks In South Africa

  • 1. Stopping DDoS Attacks In South Africa February 5, 2020 Omer Yoachimik, DDoS Protection Product Manager Chad Toerien, Account Executive, SA 1
  • 2. Omer Yoachimik Product Manager, DDoS Protection omer@cloudflare.com Chad Toerien Account Executive, SA ctoerien@cloudflare.com
  • 3. South Africa: Recent Media Coverage 3
  • 5. South Africa: What Cloudflare Saw 5
  • 6. 6 Unrelated to the media coverage, this is what Cloudflare saw on its networks
  • 7. Highlights of L7 events 7 ● 2.676 billion security events ○ 69% of all traffic to SA during the 11/19 attack ○ Following with 15 smaller attacks ● Top mitigating tools ○ Customer-defined: Firewall rules & Rate-limiting ○ Automatic/intelligent based: Gatebot & Security Level ● Mitigated globally ○ Most attack traffic was blocked in US & Europe ○ SA datacenter continued serving local users
  • 8. 11/19 Attack ● Attacks targeted a gambling sites and news agencies ● Totalled at 1.152 billion requests (69% of all traffic to SA sites at the time) ● Peaked at 185,000 HTTP requests per second ● From over 18K unique IPs 8
  • 9. L3/4 DDoS Attacks on JNB Datacenter ● Peaked just below 600 Kpps ● Top attack vectors: ○ DNS flood (over UDP port 53) ○ SSL flood (port 443) ○ TCP ACK floods to port 443 9
  • 10. Impact of Breaches on Stock Price ● In the long term, breached companies underperformed the market ● After three years, average share price is up by 32.53% but down against the NASDAQ by -13.27% T-Mobile US TJX Companies Huntsworth Adobe Global Payments Royal Bank of Scotland Group Monster Worldwide Vodafone Group Apple
  • 12. 20M+ Internet properties 30 Tbps Of network capacity 200 Cities and 94+ countries 72B Cyber threats blocked each day in Q419 99% Of the Internet-connected population in the developed world population is located within 100 milliseconds of our network Note: Data as of June 28, 2019. Help Build A Better Internet 12
  • 13. PERFORMANCESECURITY RELIABILITY Domain Name System (DNS) Firewall AnalyticsCloudflare AppsServerless ComputePLATFORM IoT Security Cache Mobile Optimization Load Balancing SSL/TLS Secure Origin Connection Rate Limiting Bot Management DDoS Protection Zero Trust Security Intelligent Routing Content Optimization Image Optimization Mobile SDK Anycast Network Virtual Backbone DNS Resolver Always Online Confidential. Copyright © Cloudflare, Inc. An Integrated Global Cloud Platform 13
  • 15. Application Layer 7 Session Layer 5 Presentation Layer 6 Transport Layer 4 Network Layer 3 Datalink Layer 2 Physical Layer 1 Cloudflare DDoS Protection Cloudflare DDoS Protection 15 Layer 7 DDoS Protection Spectrum Magic Transit
  • 17. Secure Edge Architecture LegaLegacy Cloudflare Network Scale Over 30 Tbps of network capacity spanning across 190+ cities enables to mitigate even the largest DDoS attacks Efficiency Stop L7 attacks at L4, before it even enters the data center, for efficient resource (bandwidth and CPU) utilization Integration Seamless integration between security, performance and reliability products 17
  • 18. Collective Intelligence IP reputation Security level, Under-Attack- Mode and Firewall rules Request reputation machine learning models Engineering expertise Human intelligence experienced in thwarting significant DDoS attacks 18
  • 19. Fast Mitigation Measure Cloudflare continuously measures a variety of parameters including TCP flows, UDP packets, requests and more, to protect any Internet asset - on-premise or in the cloud Analyze Cloudflare-built automated systems (gatebot and dosd) analyze attack fingerprints, anomalies, rules, blacklists and more, to quickly identify and triage the attack Mitigate Automated systems recommend 400K+ dynamic rules per second for fast mitigation. These rules are applied locally or globally based on the attack type. In addition, customer-defined static rules enable 0s mitigation <10sTime-to-mitigate for L3/4 DDoS attacks 19
  • 23. Security Vendor Checklist ☑ Blocks attacks ☑ Large global network + immediate propagation ☑ Fully self-service UI & API ☑ Bundled with additional services (DNS, CDN, Serverless Compute, Bot Mgmt.) ☑ Single Sign On & VPN ☑ User roles / permissions ☑ SIEM / Log integration ☑ Real-time & historical analytics ☑ Real-time alerts ☑ Quick & efficient customer support ☑ Online docs & community
  • 24. Scan To Learn More Who DDoS’d Austin? Cloudflare for Teams Announcing Magic Transit