Infoblox Advanced DNS Protection 
Case Study 
Adam Obszyński | CEE SE 
PLNOG13 2014.09.29 
© 2013 | 2014 Infoblox Inc. All Rights Reserved.
Agenda 
1 DNS in the news 
2 DNS: How to prepare? 
3 ADP What’s new? 
4 ADP Stories 
Infoblox and Service Providers 
Dedicated SP product line 
• Leads industry with >1M DNS qps and Advanced DDoS protection 
• Carrier-grade solution adopted at major Tier 1 providers 
220+ Service Providers; 55,000+ systems shipped; 7000+ Enterprises 
Dedicated SP Business Unit 
• EVP from Juniper, Cisco carrier sales 
• Dedicated Sales, SEs, Marketing, Engineering, Product Mgmt 
Market leadership 
• #1 in DNS Caching; First DNS Firewall 
• Competition in decline 
IPO April 2012 NYSE (BLOX) 
$225M Revenue; $2B Market Cap 
Total Revenue ($M, Fiscal Year Ending July 31): 
FY2007 $35.0 | FY2008 $56.0 | FY2009 $61.7 | FY2010 $102.2 | FY2011 $132.8 | FY2012 $169.2 | FY2013 $225.0
The Problem 
DNS is one of the fastest growing attack vectors 
Traditional protection is ineffective against evolving threats 
DNS outage causes network downtime, loss of revenue, and negative brand impact 
Unprotected DNS infrastructure introduces security risks
DNS Hijackings: 2013 & 2014 
How DNS DDoS is Becoming Easier 
Attack Apps Being Built 
• DDoS attacks against major U.S. financial institutions 
• Launching (DDoS) taking advantage of server bandwidth 
• 4 types of DDoS attacks: 
̶ DNS amplification 
̶ Spoofed SYN 
̶ Spoofed UDP 
̶ HTTP + proxy support 
• Script offered for $600-800
Malware/APT Requires DNS 
Every step of the malware life cycle relies on DNS (diagram: endpoint, DNS server, attacker infrastructure) 
• Infection: query a malicious domain 
• Download: query the ‘call home server’ 
• Exfiltration: query exfiltration destinations
The Rising Tide of DNS Threats 
Are You Prepared? 
The bottom line is: “Organizations should invest in protecting their DNS infrastructure.” – Gartner [5]
5. Leverage Your Network Design to Mitigate DDoS Attacks, Report ID G00253330, Gartner, July 2013
Advanced DNS Protection: Defend Against DNS Attacks 
Protection against the Widest Range of DNS Attacks 
Threat Adapt Technology 
• Intelligently defends against the widest range of attacks to ensure secure, resilient, and trustworthy DNS services 
• Blocks attacks while continuing to respond to legitimate DNS requests 
• Continuously adapts to evolving threats; automatically updates protection without patching or downtime 
• Uses the latest threat intelligence from analysis and research, and new threats seen in customer networks 
• Morphs protection to reflect DNS configuration changes 
Quick Deployment 
• Deploys easily and runs in any environment 
• Immediately starts blocking attacks—even if an attack is already in progress
Infoblox Differentiation and Value 
Comparison matrix: Infoblox Advanced DNS Protection vs. Load Balancers, Pure DDoS, Next-gen Firewalls, IPS, Cloud 
Rows: 
• Dedicated compute for threat mitigation 
• Volumetric/DDoS Attacks: General DDoS; DNS DDoS; DNS amplification; DNS reflection 
• DNS-specific Exploits: DNS server OS and application vulnerabilities; DNS semantic attacks; Cache poisoning; DNS tunneling; DNS hijacking
DNS Protection is Not Just About DDoS 
Threat categories on the slide: Volumetric/DDoS Attacks; DNS-specific Exploits 
• DNS reflection/DrDoS attacks: Using third-party DNS servers (mostly open resolvers) to propagate a DoS or DDoS attack 
• DNS amplification: Using a specially crafted query to create an amplified response to flood the victim with traffic 
• TCP/UDP/ICMP floods: Denial of service on layer 3 or 4 by bringing a network or service down by flooding it with large amounts of traffic 
• DNS-based exploits: Attacks that exploit bugs or vulnerabilities in the DNS software 
• DNS cache poisoning: Corruption of DNS server cache data with a rogue domain or IP 
• Protocol anomalies: Causing the server to crash by sending malformed DNS packets and queries 
• Reconnaissance: Attempts by hackers to get information on the network environment before launching a DDoS or other type of attack 
• DNS tunneling: Tunneling of another protocol through DNS port 53 for malware insertion and/or data exfiltration 
• DNS hijacking: Modifying the DNS record settings to point to a rogue DNS server or domain 
• NXDomain attack: Attacks that flood the DNS server with requests for non-existent domains, causing it to send NXDomain (non-existent domain) responses 
• Phantom domain attack: Attacks where a DNS resolver is forced to resolve multiple non-existent domains, causing it to consume resources while waiting for responses
Advanced Appliances - Four Models 
Performance: 
• 50 000 qps: Authoritative & Cache, HW Protect 
• 143 000 qps: Authoritative & Cache, HW Protect 
• 200 000 qps: Authoritative & Cache, HW Protect 
• 500 000 qps (ADP) / 1 000 000 qps HW Caching & HW Protect: Caching / Recursive ONLY 
Done in Hardware 
Advanced Appliances have next-generation programmable processors that provide dedicated compute for threat mitigation. 
The appliances offer both AC and DC power supply options.
Deployment Options 
Enterprise: External Authoritative; Caching & Internal 
Service Provider: Caching; Hosted/Ext. Authoritative 
• Advanced appliances PT-1400, PT-2200, PT-4000 can be used in both authoritative and recursive DNS deployments 
• 4030 appliances offer ‘DNS Hardware Cache Acceleration’ for Caching/Recursive and offer protection against attacks on caching servers
DNS Caching 
Protection against Attacks on DNS Caching Servers 
Advanced DNS Protection can secure the DNS Caching layer against internal or externally generated threats 
Diagram labels: INTERNET; Data Center: GRID Master and Candidate (HA); INFRASTRUCTURE: Data Center, Disaster recovery site(s); Endpoints; IB-4030 + Advanced DNS Protection (two instances)
DNS Caching 
Protection against attacks on caching servers 
• A large number of bots make more requests of the DNS server than it can handle 
• This causes the DNS server to drop inbound DNS requests 
Advanced DNS Protection can secure DNS Caching Servers from DNS Floods and other threats
Internal DNS (Service Provider IT) 
Protection against Internal Attacks on Recursive Servers 
Advanced DNS Protection can secure internal DNS environments where internal user traffic is hostile 
Diagram labels: INTRANET: Campus office, Regional office(s), Disaster recovery site(s); Data Center: GRID Master and Candidate (HA); Endpoints; Advanced DNS Protection (two instances)
Secure DNS Deployment 
Centralized Visibility: Reporting 
Intelligence Needed to Take Action 
• Attack details by category, member, rule, severity, and time 
• Visibility into source of attacks for blocking, to understand scope and severity 
• Early identification and isolation of issues for corrective action 
SIEM / Syslog Logging 
• Threat Protection events are logged to syslog using CEF format, e.g.: 
2014-09-05T03:24:59+00:00 daemon (none) threat-protect-log[5986]: err CEF:0|Infoblox|NIOS Threat|6.10.0-225023|5053001|Blacklist:abc.com|7|src=10.32.2.52 spt=45242 dst=10.35.1.98 dpt=53 act="DROP" cat="BLACKLIST FQDN lookup UDP" 
- Syslog severity: Error (corresponds to rule severity “Major”) 
- Device product: NIOS Threat 
- NIOS version: 6.10.0-225023 
- Rule ID: 5053001 
- Rule name: Blacklist:abc.com 
- CEF Severity: 7 
- Source IP address: 10.32.2.52 
- Source Port: 45242 
- Destination IP address: 10.35.1.98 
- Destination port: 53 
- Action: Drop 
- Rule category: Blacklist FQDN lookup UDP
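A SIEM only benefits from these events if the CEF fields are pulled apart correctly; the field breakdown above is exactly what a collector has to recover. The following parser is an added example, not Infoblox code: it takes the sample event from the slide (joined onto one line), splits the syslog prefix from the `CEF:` payload, maps the seven pipe-separated header fields to the names the slide lists, and reads the `key=value` extension, including the quoted values this product emits for `act` and `cat`. It assumes header fields contain no escaped pipes, which holds for the sample.

```python
import re
from typing import Dict

# Constructed sample: the event shown on the slide, joined onto one line.
SAMPLE_EVENT = (
    "2014-09-05T03:24:59+00:00 daemon (none) threat-protect-log[5986]: err "
    "CEF:0|Infoblox|NIOS Threat|6.10.0-225023|5053001|Blacklist:abc.com|7|"
    "src=10.32.2.52 spt=45242 dst=10.35.1.98 dpt=53 act=\"DROP\" "
    "cat=\"BLACKLIST FQDN lookup UDP\""
)

# The seven pipe-separated CEF header fields, in order.
CEF_HEADER = ("cef_version", "device_vendor", "device_product",
              "device_version", "signature_id", "name", "severity")

# Extension pairs are key=value; this product quotes values that contain
# spaces (act="DROP", cat="BLACKLIST FQDN lookup UDP"), so accept both forms.
_EXT_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_syslog_cef(line: str) -> Dict[str, object]:
    """Parse a syslog-wrapped CEF event into a flat dict.

    Returns the syslog severity keyword, the seven CEF header fields
    (severity converted to int) and every extension key/value pair.
    Assumes header fields carry no escaped pipes (true for the sample).
    """
    prefix, sep, payload = line.partition("CEF:")
    if not sep:
        raise ValueError("line carries no CEF payload")
    parts = payload.split("|", 7)
    if len(parts) != 8:
        raise ValueError("CEF header must have seven fields")
    event: Dict[str, object] = dict(zip(CEF_HEADER, parts[:7]))
    event["severity"] = int(str(event["severity"]))
    # The syslog severity keyword ("err") is the last token before "CEF:".
    event["syslog_severity"] = prefix.split()[-1]
    for m in _EXT_RE.finditer(parts[7]):
        key, quoted, bare = m.groups()
        event[key] = quoted if quoted is not None else bare
    return event


def summarize(event: Dict[str, object]) -> str:
    """One-line SOC summary: action, source/destination, rule id and name."""
    return (f"{event.get('act')} {event.get('src')}:{event.get('spt')} -> "
            f"{event.get('dst')}:{event.get('dpt')} rule {event['signature_id']} "
            f"({event['name']}) cef_sev={event['severity']} "
            f"syslog={event['syslog_severity']}")


if __name__ == "__main__":
    print(summarize(parse_syslog_cef(SAMPLE_EVENT)))
```

The parser keeps the syslog severity and the CEF severity separately, because the slide notes that the syslog level (Error) maps to the rule severity (Major) while the CEF header carries its own 0-10 value (7 here); a correlation rule should key on whichever one the SIEM normalizes.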
What's New?
Monitor mode 
• What is it? 
̶ A ‘what-if’ mode: the product generates logs and dashboard entries for the packets it would drop as malicious and triggers attack detection, but it does not actually drop any packets. The result is as if the box were put in monitor-only mode. 
̶ Caution: there is no actual mitigation of the attack. This is a passive mode, more or less like an IDS.
4030 & PT-xxxx: NIC Failover 
• Problem to be solved 
̶ Provides port-level protection on IB-4030/PT appliances 
• Feature Description 
̶ Allows the user to configure LAN1 and LAN2 in ACTIVE-PASSIVE mode: 
- Provides port-level (layer-2) redundancy between the LAN1 and LAN2 ports on appliances. 
- If the link to one of the ports fails, the appliance fails over to the other port, avoiding a service disruption. 
• Benefit 
̶ Improves overall product resiliency
High Availability Failover (VRRP) for 4030 & ADP
NXDomain - Rate limiting 
• What is it? 
̶ Some attacks overwhelm DNS servers in recursion mode, because the server has to perform a lookup and return NXDomain for every non-existent domain the attacker requests. 
̶ If a client has generated a large number of NXDomain responses, we block requests coming from that particular client for a configurable period of time. 
• How can NXDomain rate limiting help? 
̶ Clients generating this response are blocked, so other legitimate DNS queries are addressed. 
̶ Rate limiting on NXDomain can prevent the outbound WAN bandwidth from choking in case the server itself is being used to attack others.
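The mechanism above is a per-client counter with a window and a block period, so its behaviour is easiest to see on a short trace. The code below is an added illustration, not Infoblox's implementation: it keeps a sliding window of NXDOMAIN timestamps per source address, blocks a client that exceeds the threshold inside the window for a configurable time, and lets the block expire on its own. The threshold, window and block duration, the addresses and the traces are constructed for the example; the real product's defaults are not stated on the slide.

```python
from collections import deque
from typing import Deque, Dict, List, Tuple


class NxdomainRateLimiter:
    """Per-client NXDOMAIN rate limiter with a sliding window.

    Every NXDOMAIN answer sent to a client source address is timestamped.
    If more than `threshold` of them fall inside the last `window_s`
    seconds, the client is blocked for `block_s` seconds and its queries
    are dropped before any recursion is spent on them. The numbers are
    constructed for illustration, not product defaults.
    """

    def __init__(self, threshold: int = 5, window_s: float = 10.0,
                 block_s: float = 60.0) -> None:
        self.threshold = threshold
        self.window_s = window_s
        self.block_s = block_s
        self._hits: Dict[str, Deque[float]] = {}
        self._blocked_until: Dict[str, float] = {}

    def is_blocked(self, client: str, now: float) -> bool:
        """True while `client` is inside its block period; an expired block
        is cleared so the client is admitted again automatically."""
        until = self._blocked_until.get(client)
        if until is None:
            return False
        if now >= until:
            del self._blocked_until[client]
            return False
        return True

    def record_response(self, client: str, rcode: str, now: float) -> bool:
        """Record the response code sent to `client`. Returns True if this
        response pushed the client over the threshold and blocked it."""
        if rcode != "NXDOMAIN":
            return False
        hits = self._hits.setdefault(client, deque())
        hits.append(now)
        # Forget NXDOMAINs older than the window: a slow trickle of typos
        # from a legitimate client must never accumulate into a block.
        while hits and now - hits[0] > self.window_s:
            hits.popleft()
        if len(hits) > self.threshold:
            self._blocked_until[client] = now + self.block_s
            hits.clear()
            return True
        return False


def replay(limiter: NxdomainRateLimiter,
           events: List[Tuple[float, str, str]]) -> List[str]:
    """Run a trace of (timestamp, client_ip, rcode the resolver would send)
    through the limiter; return the per-query decision, "DROP" or "ANSWER".
    A blocked client is dropped before recursion; otherwise the query is
    answered and its response code is recorded against the client."""
    decisions = []
    for ts, client, rcode in events:
        if limiter.is_blocked(client, ts):
            decisions.append("DROP")
            continue
        limiter.record_response(client, rcode, ts)
        decisions.append("ANSWER")
    return decisions


# Constructed traces: one host asking for a random non-existent name every
# half second, and one ordinary client that mistypes a name once.
ATTACK_TRACE = [(i * 0.5, "10.0.0.66", "NXDOMAIN") for i in range(8)]
LEGIT_TRACE = ([(float(t), "10.0.0.20", "NOERROR") for t in range(20)]
               + [(20.0, "10.0.0.20", "NXDOMAIN")])

if __name__ == "__main__":
    lim = NxdomainRateLimiter()
    print(replay(lim, ATTACK_TRACE))   # six answered, then dropped
    print(replay(lim, LEGIT_TRACE))    # all answered
```

Two properties matter for a defender tuning this: the block is keyed on the client that receives the NXDOMAIN answers (so legitimate clients on the same resolver keep being served, as the slide says), and the window must be short enough that occasional typos never reach the threshold, which is why the window is trimmed before the count is compared.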
Blacklisted domain names 
• What are blacklisted domains? 
̶ Independently, the Infoblox research team that writes the threat rules receives petabytes of traffic from tap ports in different geographic locations and mines this data to identify the bad/phantom domains that showed symptoms of these types of attacks. 
̶ As a result of this effort, we update the Threat rules ruleset with these newly identified bad domains. 
• From the customer's perspective 
̶ All you need is to keep subscription updates ON. This automatically adds new domains to the rule set.
DNS Integrity: Check 
• What is it? 
̶ Provides a way to check the parent name servers to ensure that domains are not hijacked, ensuring DNS integrity. 
• Where is it applicable? 
̶ This feature is useful for all our authoritative DNS server use cases. 
̶ It applies to authoritative servers and only checks for top-level domains (TLDs). 
• Notification provided by 
̶ Syslog 
̶ Email notification 
̶ SNMP notification 
̶ Dashboard
DNS Integrity: Types of alerts 
• There may be different types of discrepancies between the parent (delegated) NS RRset and the authoritative NS RRset. They can be of type: 
̶ CRITICAL: the authoritative and the delegated NS RRsets are completely disjoint (the New York Times attack use case). Disjoint sets: {A} {D} 
̶ SEVERE: the authoritative and delegated NS RRsets overlap but are different (a use case of partial compromise, or an honest mistake of broken delegation). Slight overlap: {A {overlap} D} 
̶ WARNING: the authoritative NS RRset is a subset of the delegated RRset (possibility of someone adding the wrong IP address to the list at the registrar). A as a subset of D: {D(A)} 
̶ INFORMATIONAL: the delegated NS RRset is a subset of the authoritative RRset (use case where there is a delay in registration). D as a subset of A: {A(D)}
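The four alert levels are pure set relations between the authoritative NS RRset (A) and the delegated NS RRset at the parent (D), so the classification can be written down directly. The code below is an added example, not Infoblox's implementation: it normalizes the two name sets (DNS names compare case-insensitively, with or without the trailing dot), classifies the discrepancy into the slide's levels, refuses to classify when either lookup returned nothing (a failed lookup is not a hijack), and builds the notification payload a syslog, email or SNMP sender would carry. The zone and name-server names are constructed placeholders.

```python
from typing import Dict, Iterable, Optional, Set


def _normalize(names: Iterable[str]) -> Set[str]:
    """DNS names compare case-insensitively and with or without the
    trailing dot, so canonicalize before comparing the two RRsets."""
    return {n.strip().lower().rstrip(".") for n in names}


def classify_delegation(authoritative: Iterable[str],
                        delegated: Iterable[str]) -> Optional[str]:
    """Compare the NS RRset the zone's own servers answer with (A) to the
    NS RRset the parent delegates to (D). Returns the alert level from the
    slide, or None when the two sets agree exactly."""
    a, d = _normalize(authoritative), _normalize(delegated)
    if not a or not d:
        # An empty set means a lookup failed, not a hijack: do not classify.
        raise ValueError("both NS RRsets must be non-empty to compare")
    if a == d:
        return None
    if not (a & d):
        return "CRITICAL"       # {A} {D}: completely disjoint
    if a < d:
        return "WARNING"        # {D(A)}: A is a strict subset of D
    if d < a:
        return "INFORMATIONAL"  # {A(D)}: D is a strict subset of A
    return "SEVERE"             # {A {overlap} D}: overlap, but different


def integrity_alert(zone: str, authoritative: Iterable[str],
                    delegated: Iterable[str]) -> Optional[Dict[str, object]]:
    """Build the notification payload (for syslog/email/SNMP) describing
    the discrepancy, or None if there is nothing to report."""
    level = classify_delegation(authoritative, delegated)
    if level is None:
        return None
    a, d = _normalize(authoritative), _normalize(delegated)
    return {
        "zone": zone,
        "level": level,
        "only_in_authoritative": sorted(a - d),
        "only_in_parent": sorted(d - a),
    }


# Constructed data: placeholder name servers, not a real delegation.
ZONE_NS = {"ns1.example.net.", "ns2.example.net."}

if __name__ == "__main__":
    # Parent points at servers the zone owner does not run: the hijack case.
    print(integrity_alert("example.com", ZONE_NS,
                          {"ns1.rogue.example", "ns2.rogue.example"}))
```

The order of the tests matters: disjointness is checked before the subset tests, so a parent that points entirely elsewhere is always CRITICAL, and the strict-subset operators (`<`) exclude the equal case, which was already handled as "no alert". Reporting the two difference sets alongside the level tells the operator which side to fix, at the registrar or in the zone.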
Time for a story
http://mlpeters.com
For Whom the Bell Tolls? 
• Support ticket for DNS under stress? 
• Name of the company in the news 
• Compliance requirements? 
̶ Finance and Banking! 
• Insurance & Risk
If not ADP - Options Today? 
• Over-provisioning infrastructure 
̶ Costly, inefficient 
• Put an IPS device or a next-gen firewall in front of the DNS server 
̶ +1 point of failure; turning on so many services is compute intensive 
̶ No deep understanding of the DNS protocol 
̶ No deep DNS-specific attack coverage 
• Cloud-based solutions 
̶ Basic rate limiting, focused on volumetric attacks 
̶ Privacy concerns (and data mining concerns) 
̶ Latency
And what will your story be?
http://mlpeters.com
Join me for the session on DNSSEC. 
Tuesday:
Rumors on the net: where is it worth looking?
DNS Security Risk Assessment 
1. Analyzes an organization’s DNS setup to assess its level of risk of exposure to DNS threats 
2. Provides a DNS Security Risk Score and analysis based on the answers given 
3. www.infoblox.com/dnssecurityscore 
The higher the score, the higher the DNS Security Risk!
Best Practices Poster 
http://www.infoblox.com/downloads/resources/securing-dns-best-practices 
Videos 
• Advanced DNS Protection Demo 
̶ Provides technical validation: shows what the UI looks like before and during simulated attacks 
̶ Shows fine-tuning capabilities and reports 
̶ https://www.youtube.com/watch?v=Mg6jC7ljtnw 
• Executive Video 
̶ Provides technical validation: shows that Advanced DNS Protection responds to all of the “good” DNS queries even under attack, while BIND and Microsoft get overwhelmed 
̶ https://www.youtube.com/watch?v=PR6Sv-buoP8
Q&A

Trump Diapers Over Dems t shirts Sweatshirt
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 

PLNOG 13: Adam Obszyński: Case Study – Infoblox Advanced DNS Protection

Slide 7. Malware/APT Requires DNS
Every step of the malware life cycle relies on DNS:
• Infection: query a malicious domain
• Download: query the 'call home server'
• Exfiltration: query exfiltration destinations

Slide 8. The Rising Tide of DNS Threats: Are You Prepared?
The bottom line is "Organizations should invest in protecting their DNS infrastructure." (Gartner [5])
[5] Leverage Your Network Design to Mitigate DDoS Attacks, Report ID G00253330, Gartner, July 2013

Slide 9. Advanced DNS Protection: Defend Against DNS Attacks
Protection against the widest range of DNS attacks
• Intelligently defends against the widest range of attacks to ensure secure, resilient, and trustworthy DNS services
• Blocks attacks while continuing to respond to legitimate DNS requests
Threat Adapt Technology
• Continuously adapts to evolving threats; automatically updates protection without patching or downtime
• Uses the latest threat intelligence from analysis and research, and new threats seen in customer networks
• Morphs protection to reflect DNS configuration changes
Quick Deployment
• Deploys easily and runs in any environment
• Immediately starts blocking attacks, even if an attack is already in progress

Slide 10. Infoblox Differentiation and Value
(Comparison table; only the headings survived extraction.)
Columns: Infoblox Advanced DNS Protection, Load Balancers, Pure DDoS, Next-gen Firewalls, IPS, Cloud
Rows: Dedicated compute for threat mitigation; Volumetric/DDoS Attacks (General DDoS, DNS DDoS, DNS amplification, DNS reflection); DNS-specific Exploits (DNS server OS and application vulnerabilities, DNS semantic attacks, Cache poisoning, DNS tunneling, DNS hijacking)

Slide 11. DNS Protection is Not Just About DDoS
(The slide groups the attacks below under two headings: Volumetric/DDoS Attacks and DNS-specific Exploits.)
• DNS reflection/DrDoS attacks: using third-party DNS servers (mostly open resolvers) to propagate a DoS or DDoS attack
• DNS amplification: using a specially crafted query to create an amplified response to flood the victim with traffic
• TCP/UDP/ICMP floods: denial of service on layer 3 or 4, bringing a network or service down by flooding it with large amounts of traffic
• DNS-based exploits: attacks that exploit bugs or vulnerabilities in the DNS software
• DNS cache poisoning: corruption of DNS server cache data with a rogue domain or IP
• Protocol anomalies: causing the server to crash by sending malformed DNS packets and queries
• Reconnaissance: attempts by hackers to get information on the network environment before launching a DDoS or other type of attack
• DNS tunneling: tunneling of another protocol through DNS port 53 for malware insertion and/or data exfiltration
• DNS hijacking: modifying the DNS record settings to point to a rogue DNS server or domain
• NXDomain attack: attacks that flood the DNS server with requests for non-existent domains, causing it to send NXDomain (non-existent domain) responses
• Phantom domain attack: attacks where a DNS resolver is forced to resolve multiple non-existent domains, causing it to consume resources while waiting for responses

Slide 12. (image only; no text)

Slide 13. Advanced Appliances: Four Models
Authoritative & Cache (HW Protect): 50 000 qps, 143 000 qps, 200 000 qps
Caching / Recursive ONLY (HW Caching & HW Protect): 500 000 qps (ADP), 1 000 000 qps
Done in Hardware: Advanced Appliances have next-generation programmable processors that provide dedicated compute for threat mitigation. The appliances offer both AC and DC power supply options.

Slide 14. Deployment Options
Enterprise: External Authoritative; Caching & Internal
Service Provider: Caching; Hosted/Ext. Authoritative
• Advanced appliances PT-1400, PT-2200, PT-4000 can be used in both authoritative and recursive DNS deployments
• 4030 appliances offer 'DNS Hardware Cache Acceleration' for Caching/Recursive and offer protection against attacks on caching servers

Slide 15. DNS Caching: Protection against Attacks on DNS Caching Servers
Advanced DNS Protection can secure the DNS caching layer against internally or externally generated threats.
(Diagram: INTERNET; Data Center with GRID Master and Candidate (HA); INFRASTRUCTURE: Data Center, Disaster recovery site(s); Endpoints; two IB-4030 + Advanced DNS Protection appliances)

Slide 16. DNS Caching: Protection against attacks on caching servers
• A large number of bots make more requests of the DNS server than it can handle
• This causes the DNS server to drop inbound DNS requests
Advanced DNS Protection can secure DNS caching servers from DNS floods and other threats.

Slide 17. Internal DNS (Service Provider IT): Protection against Internal Attacks on Recursive Servers
Advanced DNS Protection can secure internal DNS environments where internal user traffic is hostile.
(Diagram: INTRANET; Data Center with GRID Master and Candidate (HA); Campus office, Regional office(s), Disaster recovery site(s); Endpoints; two Advanced DNS Protection appliances)

Slide 18. Secure DNS Deployment (diagram only)

Slide 19. Centralized Visibility: Reporting
Intelligence needed to take action:
• Attack details by category, member, rule, severity, and time
• Visibility into the source of attacks for blocking, and to understand scope and severity
• Early identification and isolation of issues for corrective action

Slide 20. SIEM / Syslog LOGGING
• Threat Protection events are logged to syslog using CEF format, e.g.:
  2014-09-05T03:24:59+00:00 daemon (none) threat-protect-log[5986]: err CEF:0|Infoblox|NIOS Threat|6.10.0-225023|5053001|Blacklist:abc.com|7|src=10.32.2.52 spt=45242 dst=10.35.1.98 dpt=53 act="DROP" cat="BLACKLIST FQDN lookup UDP"
  - Syslog severity: Error (corresponds to rule severity "Major")
  - Device product: NIOS Threat
  - NIOS version: 6.10.0-225023
  - Rule ID: 5053001
  - Rule name: Blacklist:abc.com
  - CEF severity: 7
  - Source IP address: 10.32.2.52
  - Source port: 45242
  - Destination IP address: 10.35.1.98
  - Destination port: 53
  - Action: Drop
  - Rule category: Blacklist FQDN lookup UDP
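To turn these syslog lines into something a SIEM rule or a script can act on, the CEF record has to be split into its seven header fields and the key=value extension. The parser below is an added example for this page, not Infoblox's code or any SIEM vendor's; it handles the escaped-pipe rule of the CEF header and the double-quoted values NIOS writes for act= and cat=, and it uses the slide's own log line (embedded here as constructed test input) as its sample.

```python
import re
from dataclasses import dataclass

# Constructed sample: the threat-protect-log line shown on slide 20, used as test input.
SAMPLE_LINE = (
    '2014-09-05T03:24:59+00:00 daemon (none) threat-protect-log[5986]: err '
    'CEF:0|Infoblox|NIOS Threat|6.10.0-225023|5053001|Blacklist:abc.com|7|'
    'src=10.32.2.52 spt=45242 dst=10.35.1.98 dpt=53 act="DROP" '
    'cat="BLACKLIST FQDN lookup UDP"'
)

# The seven CEF header fields, in the order the CEF specification defines them.
HEADER_FIELDS = ("cef_version", "vendor", "product", "version",
                 "signature_id", "name", "severity")

# A '|' preceded by a backslash is an escaped literal inside a header field, not a delimiter.
_UNESCAPED_PIPE = re.compile(r"(?<!\\)\|")
# Extension pairs: key=value, where the value is either double-quoted (as NIOS writes
# act= and cat=) or runs up to the next whitespace.
_EXT_PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


@dataclass
class ThreatEvent:
    syslog_prefix: str   # everything before "CEF:" (timestamp, facility, process, severity)
    header: dict         # the seven CEF header fields
    ext: dict            # extension key/value pairs (src, spt, dst, dpt, act, cat, ...)


def _unescape(field: str) -> str:
    """Undo CEF header escaping (\\| and \\\\)."""
    return field.replace("\\|", "|").replace("\\\\", "\\")


def parse_cef_line(line: str):
    """Parse one syslog line carrying a CEF record; return None if it is not CEF."""
    marker = line.find("CEF:")
    if marker < 0:
        return None
    prefix = line[:marker].rstrip()
    body = line[marker + len("CEF:"):]
    # Split on the first 7 unescaped pipes; everything after them is the extension.
    parts = _UNESCAPED_PIPE.split(body, maxsplit=7)
    if len(parts) != 8:
        return None
    header = {k: _unescape(v) for k, v in zip(HEADER_FIELDS, parts[:7])}
    header["severity"] = int(header["severity"])
    ext = {}
    for key, raw in _EXT_PAIR.findall(parts[7]):
        ext[key] = raw[1:-1] if raw.startswith('"') and raw.endswith('"') else raw
    return ThreatEvent(prefix, header, ext)


def dropped_events_by_rule(lines):
    """Count act=DROP events per (rule id, rule name): a minimal SIEM-style summary."""
    counts = {}
    for line in lines:
        ev = parse_cef_line(line)
        if ev is None or ev.ext.get("act") != "DROP":
            continue
        key = (ev.header["signature_id"], ev.header["name"])
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    event = parse_cef_line(SAMPLE_LINE)
    print(event.header)
    print(event.ext)
    print(dropped_events_by_rule([SAMPLE_LINE, SAMPLE_LINE]))
```

The summary function is the kind of aggregation a dashboard or alert rule would start from: the slide's rule ID (5053001) and rule name are the stable keys, while src/dst/ports vary per event.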
Slide 21. What's NEW?

Slide 22. Monitor mode
• What is it?
  - This is a 'what-if' mode: the product generates logs and dashboard entries for the packets it would drop as malicious and triggers attack detection, but it does not actually drop any packets. The result is as if the appliance were placed in monitor-only mode.
  - Caution: there is no actual mitigation of the attack. This is a passive mode, more or less like an IDS.

Slide 23. 4030 & PT-xxxx: NIC Failover
• Problem to be solved
  - Provide port-level protection on IB-4030/PT appliances
• Feature description
  - Allows the user to configure LAN1 and LAN2 in ACTIVE-PASSIVE mode:
    - Provides port-level (layer-2) redundancy between the LAN1 and LAN2 ports on the appliance
    - If the link on one of the ports fails, the appliance fails over to the other port, avoiding a service disruption
• Benefit
  - Improves overall product resiliency

Slide 24. High Availability Failover (VRRP) for 4030 & ADP (diagram only)

Slide 25. NXDOMAIN rate limiting
• What is it?
  - Some attacks overwhelm DNS servers running in recursion mode, because every request for a non-existent domain generated by the attacker has to be resolved to an NXDOMAIN answer.
  - If a client has generated a large number of NXDOMAIN responses, requests coming from that particular client are blocked for a configurable period of time.
• How can NXDOMAIN rate limiting help?
  - Clients generating these responses are blocked, so other legitimate DNS queries are answered.
  - Rate limiting NXDOMAIN responses can also prevent outbound WAN bandwidth from being choked when the server itself is being used as an attacker.
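The mechanism slide 25 describes (count NXDOMAIN answers per client, block the client for a configurable period once it exceeds a threshold) is easy to reason about as a sliding-window limiter. The model below is an added example for this page, not Infoblox's implementation; the threshold, window and block duration are assumed tunables, and the traffic fed through it (one client hammering non-existent names every 100 ms next to one ordinary client) is constructed for the demonstration.

```python
from collections import defaultdict, deque

NXDOMAIN = 3   # DNS RCODE 3 (Name Error); NOERROR is 0


class NxdomainRateLimiter:
    """Per-client NXDOMAIN limiter (illustrative model, not Infoblox's code).

    A client that receives more than `threshold` NXDOMAIN answers within a
    `window_s`-second sliding window has its further queries dropped for
    `block_s` seconds. Other clients are unaffected.
    """

    def __init__(self, threshold=10, window_s=5.0, block_s=60.0):
        self.threshold = threshold
        self.window_s = window_s
        self.block_s = block_s
        self._nx_times = defaultdict(deque)   # client -> timestamps of recent NXDOMAINs
        self._blocked_until = {}              # client -> time at which the block expires

    def is_blocked(self, client, now):
        """True while the client's block is in force; expired blocks are cleared."""
        until = self._blocked_until.get(client)
        if until is None:
            return False
        if now >= until:
            del self._blocked_until[client]   # block expired; client starts clean
            return False
        return True

    def record_response(self, client, rcode, now):
        """Observe an answer sent to `client`; return True if it triggered a block."""
        if rcode != NXDOMAIN:
            return False
        times = self._nx_times[client]
        times.append(now)
        while times and now - times[0] > self.window_s:
            times.popleft()                   # forget NXDOMAINs older than the window
        if len(times) > self.threshold:
            self._blocked_until[client] = now + self.block_s
            times.clear()
            return True
        return False


def replay(limiter, events):
    """Feed (time, client, rcode) tuples through the limiter.

    Returns (dropped, blocked_at): `dropped` counts queries refused per client,
    `blocked_at` records the time each client was first blocked.
    """
    dropped = defaultdict(int)
    blocked_at = {}
    for now, client, rcode in events:
        if limiter.is_blocked(client, now):
            dropped[client] += 1              # query never reaches the resolver
            continue
        if limiter.record_response(client, rcode, now):
            blocked_at.setdefault(client, now)
    return dict(dropped), blocked_at


# Constructed sample traffic: one client whose names never exist (every 100 ms)
# interleaved with one ordinary client whose names all resolve.
ATTACKER, NORMAL = "10.0.0.7", "10.0.0.8"
SAMPLE_EVENTS = sorted(
    [(i * 0.1, ATTACKER, NXDOMAIN) for i in range(30)]
    + [(i * 0.1 + 0.05, NORMAL, 0) for i in range(30)]
)

if __name__ == "__main__":
    lim = NxdomainRateLimiter(threshold=10, window_s=5.0, block_s=60.0)
    print(replay(lim, SAMPLE_EVENTS))
```

Two properties worth checking in any real deployment follow directly from the model: the ordinary client is never touched, and a client that produces NXDOMAINs slowly (below the threshold per window) is never blocked, so the window length is what separates a random-subdomain flood from a user who mistypes.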
Slide 26. Blacklisted domain names
• What are blacklisted domains?
  - Independently, the Infoblox research team that writes the threat rules receives petabytes of traffic from tap ports in different geographic locations and mines this data to identify the bad/phantom domains that show the symptoms of these types of attacks.
  - As a result of this effort, the Threat rules ruleset is updated with the newly identified bad domains.
• From the customer's perspective
  - All you need is to keep subscription updates ON; this automatically adds new domains to the rule set.

Slide 27. DNS Integrity: Check
• What is it?
  - Provides a way to check the parent name servers to ensure that domains have not been hijacked, ensuring DNS integrity.
• Where is it applicable?
  - This feature is useful for all our authoritative DNS server use cases.
  - It applies to authoritative servers and only checks for top-level domains (TLDs).
• Notification provided by
  - Syslog
  - Email notification
  - SNMP notification
  - Dashboard

Slide 28. DNS Integrity: Types of alerts
• There may be different types of discrepancies between the parent's delegation and the authoritative NS RRsets. They can be of type:
  - CRITICAL: the authoritative and the delegated NS RRsets are completely disjoint (the New York Times attack use case). Disjoint sets: {A} {D}
  - SEVERE: the authoritative and delegated NS RRsets overlap but are different (a use case of partial compromise, or an honest mistake of broken delegation). Slight overlap: {A {overlap} D}
  - WARNING: the authoritative NS RRset is a subset of the delegated RRset (possibly someone adding the wrong IP address to the list at the registrar). A as a subset of D: {D(A)}
  - INFORMATIONAL: the delegated NS RRset is a subset of the authoritative RRset (a use case where there is a delay in registration). D as a subset of A: {A(D)}
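The four alert levels on slide 28 are pure set relations between A (the NS RRset the zone's own servers publish) and D (the NS RRset the parent delegates to). The classifier below is an added example for this page, not Infoblox's implementation; it assumes both RRsets have already been fetched (querying the TLD servers for the delegation and the zone's own servers for its apex NS records is outside the example) and normalises names so case and a trailing dot do not produce false alarms. The zone names and server names in the sample are constructed.

```python
def normalize_ns(names):
    """Canonicalise NS target names: DNS names are case-insensitive and may or may not
    carry a trailing dot, so neither difference should count as a discrepancy."""
    return frozenset(n.strip().lower().rstrip(".") for n in names if n.strip())


def classify_delegation(authoritative_ns, delegated_ns):
    """Compare A (zone's own NS RRset) with D (parent's delegation) using the four
    alert levels from slide 28. Returns (level, detail), where detail lists the
    names each side lacks so the alert can say what to fix."""
    a = normalize_ns(authoritative_ns)
    d = normalize_ns(delegated_ns)
    detail = {
        "only_in_authoritative": sorted(a - d),
        "only_in_delegated": sorted(d - a),
    }
    if not a or not d:
        # No NS data on one side (lookup failed or empty RRset): treat as the worst case
        # rather than letting an empty set satisfy the subset tests below.
        return "CRITICAL", detail
    if a == d:
        return "OK", detail
    if a.isdisjoint(d):
        return "CRITICAL", detail        # {A} {D}: the parent points somewhere else entirely
    if a < d:
        return "WARNING", detail         # {D(A)}: the parent lists servers the zone does not
    if d < a:
        return "INFORMATIONAL", detail   # {A(D)}: the parent has not caught up with the zone
    return "SEVERE", detail              # {A {overlap} D}: partial mismatch in both directions


def run_integrity_checks(zones):
    """zones: {zone_name: (authoritative_ns, delegated_ns)} as already fetched.
    Returns one alert tuple per zone that is not OK, worst level first."""
    order = {"CRITICAL": 0, "SEVERE": 1, "WARNING": 2, "INFORMATIONAL": 3}
    alerts = []
    for zone, (auth, deleg) in zones.items():
        level, detail = classify_delegation(auth, deleg)
        if level != "OK":
            alerts.append((zone, level, detail))
    return sorted(alerts, key=lambda t: order[t[1]])


# Constructed sample: five zones, one per outcome.
SAMPLE_ZONES = {
    "ok.example":       (["ns1.ok.example.", "NS2.ok.example"], ["ns2.ok.example.", "ns1.ok.example."]),
    "hijacked.example": (["ns1.hijacked.example"], ["ns1.rogue.example"]),
    "partial.example":  (["ns1.partial.example", "ns2.partial.example"],
                         ["ns1.partial.example", "ns3.partial.example"]),
    "extra.example":    (["ns1.extra.example"], ["ns1.extra.example", "ns2.extra.example"]),
    "lagging.example":  (["ns1.lagging.example", "ns2.lagging.example"], ["ns1.lagging.example"]),
}

if __name__ == "__main__":
    for zone, level, detail in run_integrity_checks(SAMPLE_ZONES):
        print(f"{level:13} {zone}: {detail}")
```

In a monitoring job the CRITICAL and SEVERE outcomes are the ones to route to the syslog/email/SNMP channels listed on slide 27 with paging priority; WARNING and INFORMATIONAL are better suited to the dashboard, since a registrar change in flight produces them legitimately for a while.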
Slide 29. Time for a story (http://mlpeters.com)

Slide 30. For Whom the Bell Tolls?
• Support ticket for DNS under stress?
• Name of the company in the news
• Compliance requirements?
  - Finance and banking!
• Insurance & risk

Slide 31. If not ADP, what are the options today?
• Over-provisioning infrastructure
  - Costly, inefficient
• Putting an IPS device or a next-gen firewall in front of the DNS server
  - One more point of failure; turning on so many services is compute intensive
  - No deep understanding of the DNS protocol
  - No deep DNS-specific attack coverage
• Cloud-based solutions
  - Basic rate limiting, focused on volumetric attacks
  - Privacy concerns (and data mining concerns)
  - Latency

Slide 32. And what will your story be? (http://mlpeters.com)

Slide 33. Join me for the session on DNSSEC. Tuesday:

Slide 34. Rumours on the net, or: where is it worth looking?

Slide 35. DNS Security Risk Assessment
1. Analyzes an organization's DNS setup to assess its level of risk of exposure to DNS threats
2. Provides a DNS Security Risk Score and analysis based on the answers given
3. www.infoblox.com/dnssecurityscore
The higher the score, the higher the DNS security risk!

Slide 36. Best Practices Poster: http://www.infoblox.com/downloads/resources/securing-dns-best-practices

Slide 37. (image only; no text)

Slide 38. Videos
• Advanced DNS Protection Demo
  - Provides technical validation: shows what the UI looks like before and during simulated attacks
  - Shows fine-tuning capabilities and reports
  - https://www.youtube.com/watch?v=Mg6jC7ljtnw
• Executive Video
  - Provides technical validation: shows that Advanced DNS Protection responds to all of the "good" DNS queries even under attack, while BIND and Microsoft get overwhelmed
  - https://www.youtube.com/watch?v=PR6Sv-buoP8

Slide 39. Q&A