SlideShare ist ein Scribd-Unternehmen logo

PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji internetowych (DDoS, WAF, SSL) - bezpieczeństwo jako funkcja sieciowa czy rozwiązania punktowe?

Als PPTX, PDF herunterladen
PROIDEA
PROIDEA

Na przykładzie rozwiązania AMS (Attack Mitigation System) firmy RADWARE niniejsza prezentacja przedstawi różne modele skutecznej ochrony aplikacji internetowych zarówno w modelu „chmurowym” jak również mieszanym (hybrydowym). Prezentacja przedstawi również zalety implementacji mechanizmów bezpieczeństwa w formie natywnych funkcji sieciowych oraz odpowie na pytanie w jaki sposób zapewnić najlepszą ochronę przy jednoczesnym zachowaniu najwyższego poziomu SLA aplikacji.

Technologie
1 von 30
Radware Mity i fakty skutecznej ochrony aplikacji internetowych Marek Karczewski
What do we protect ? 2 Internet Users Protected Organization – Data CenterInternet Service ProviderServers farm and Applications
DDoS Attacks Landscape 10% 16% 6% 18% Network 51% TCP- Other UDP IPv6 1% TCP-SYN Flood ICMP 9% 23% 16% Application 49% VoIP 1% Web (HTTP/HTTPS) SMTP DNS
Denial of Service 25% SQL Injection, 24% 8.9% 4.8% 3.8% 3.7% 3% 2.8% 2.1% 1.9% Others Top 10 Web Attack Methods: Denial of Service SQL Injection Cross Site Scripting (XSS) Brute Force Predictable Resource Location Stolen Credentials Unintentional Information Disclosure Banking Trojan Credential/Session Prediction Cross Site Request Forgery (CSRF) 4 Evolving Threat Landscape
More Automated, Persistent DoS Attacks 57% 36% 4% 2% 1% 0% 20% 40% 60% 1 hour or less 1 hour to 1 day 1 day to 1 week Over a week Constantly 2011 2012 2013 2014 2015
The SSL Security Threat Internet traffic encryption growth: Privacy concerns Growing usage of cloud applications HTTP/2 mandating encryption Over 50% of traffic in enterprises is encrypted By 2017, 50% of attacks will be encrypted Source: Gartner, 2015 20% of organizations Inspect SSL 80% of organizations don’t inspect SSL Traffic
2015 INTERNET PIPE (Saturation)36% FIREWALL 13% IPS/IDS 8% ALANCERLOAD B (ADC) 9% THE SERVER UNDER ATTACK 33% SQL SERVER 1% INTERNET PIPE (Saturation)36% FIREWALL 21% IPS/IDS 10% ALANCERLOAD B (ADC) 3% THE SERVER UNDER ATTACK 28% SQL SERVER 2% 2014 DDoS attacks from infrastructure perspective IPS/IDSInternet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server
Complexity of attacks continues to grow IPS/IDS “Low & Slow” DoS attacks (e.g.Slowloris) Large volume network flood attacks Syn Floods Network Scan HTTP Floods SSL Floods App Misuse Brute Force Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server XSS, CSRFSQL Injections
Multi-technology protection Only a multi-technology solution can provide full protection from multi-vector threats Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection
Distributed deployment for the most efficient attack detection and mitigation Server Under Attack Attack Mitigation Device Perimeter protects your datacenter infrastructure Must be Stateless Radware Cloud Scrubbing Cloud protects your internet pipe Load Balancer/ADC LAN protects your applications and data Must be Stateful Internet Pipe Firewall DoS protectionCloud DDoS protection Behavioral analysis IPS WAF SSL protectionDoS protection SSL protection
Application Delivery and Security technologies Radware Cloud Scrubbing Radware Cloud Scrubbing DefensePro / DDoS SSL Inspection SSL Inspection AppWall WAF Radware Scrubbing CenterDefensePro: DoS/DDoS SolutionAlteon: SSL solution for DDoS IPSFirewall Anti Virus ADC
SSL mitigation solution SSL Inspection DefensePro / DDoS SSL Inspection Stateful SSL exposed to DDoS attacks Full protection coverage DDoS protection deployed behind SSL inspection DDoS protection deployed in front of SSL inspection
Integrated Application Delivery and Security technologies Radware Cloud Scrubbing DefensePro / DDoS SSL Inspection SSL Inspection AppWall WAF Alteon: SSL Interception and InspectionAlteon: Application Delivery ControllerAppWall: Web Application Firewall IPSFirewall Anti Virus ADC
From point protection… to an automated & Intelligent network defense model 14 Self Defence, Automated, Network-wide Security
Device-centric service Network-wide service Network as a host… A network that is part of the service Transformation from device centric to network-wide services
Defense Messaging and synchronized operation Internet Pipe Firewall Load Balancer/ADC Server Under Attack Attack Mitigation Device Radware Cloud Scrubbing Defense Messaging Defense Messaging Detect where you can, mitigate where you should Internet Pipe Firewall Server Under Attack
WAF out-of-path deployment Attack Mitigation Device Defense Messaging Protected Web App Alteon NG WAF Out-of-path
Appwall and ADC resource utilisation Attack Mitigation Device Defense Messaging Protected Web App Alteon NG Critical resources utilisation
Entire infrastructure protection Attack Mitigation Device Defense Messaging Alteon NG
Protected OrganizationDDoS Scrubbing Center Carrier infrastructure Cloud protection service Defense Messaging Data Center
Protected OrganizationDDoS Scrubbing Center Carrier infrastructure Cloud protection service Data Center
Cloud protection service Internet Customer Premise Cloud Service Provider Data Center Data Center
Customer Premise Cloud Service Provider Cloud Protection Cloud protection service Data Center Local Security Cloud Scrubbing Cloud
Radware Command and Control Center Radware Command & Control Center Radware Virtual & Physical Appliances L3-4-7 Collection CheckPoint DDoS Protector 3rd Party Detection Devices (NetFlow, SIEM, …) Cisco FirePower 9300 Radware Flow Collector NetFlow SDN Enabled Devices OpenFlow / Open Daylight
Radware Command and Control Center
Application Template Adding Radware to the Orchestration Front End Back End Orchestrator
Attack detected !!! L2/3 Switch OVS Cyber Control Diversion to scrubbing center
Attack detected !!! L2/3 Switch OVS Cyber Control ACL protection
Attack detected !!! L2/3 Switch OVS Cyber Control „Smart Tap”/ Web Application Firewall
Thank you

Empfohlen

PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PROIDEA
 
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...PROIDEA
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationRam Bharosh Raut
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsAlgoSec
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Jisc
 
SDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSrinivasa Addepalli
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 

Empfohlen

PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PROIDEA
 
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...
PLNOG 17 - Piotr Jasiniewski, Przemek Papużyński - Ericsson HDS 8000 Server p...PROIDEA
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationRam Bharosh Raut
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsAlgoSec
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Jisc
 
SDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSrinivasa Addepalli
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
12 Understanding V P Ns
12 Understanding V P Ns12 Understanding V P Ns
12 Understanding V P NsAamirAziz
 
My Final Year Project PPT
My Final Year Project PPTMy Final Year Project PPT
My Final Year Project PPTMOHAMMEDELALAM1
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Corsa Giga Filter
Corsa Giga FilterCorsa Giga Filter
Corsa Giga FilterCorsa Technology
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year ProjectMOHAMMEDELALAM1
 
What You Cant See Can Hurt You
What You Cant See Can Hurt You What You Cant See Can Hurt You
What You Cant See Can Hurt You Castleforce
 
Moving Beyond the Router to a Thin-branch or Application-driven SD-WAN
Moving Beyond the Router to a Thin-branch or Application-driven SD-WANMoving Beyond the Router to a Thin-branch or Application-driven SD-WAN
Moving Beyond the Router to a Thin-branch or Application-driven SD-WANDigital Transformation EXPO Event Series
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPROIDEA
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Featureslukky753
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...SWITCHPOINT NV/SA
 
Why choose pan
Why choose panWhy choose pan
Why choose panAchmad Yudo
 
Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV Digital Transformation EXPO Event Series
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkNetpluz Asia Pte Ltd
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentationsaddepalli
 
VPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP BusinessVPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP BusinessSafar Safarov
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksHarry Gunns
 
Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015AFCEA International
 
DNA: an overview
DNA: an overviewDNA: an overview
DNA: an overviewCisco DevNet
 
DDoS Protection System DPS
DDoS Protection System DPSDDoS Protection System DPS
DDoS Protection System DPSAlexander Velikiy
 
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...PROIDEA
 
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...PROIDEA
 

Weitere ähnliche Inhalte

Was ist angesagt?

12 Understanding V P Ns
12 Understanding V P Ns12 Understanding V P Ns
12 Understanding V P NsAamirAziz
 
My Final Year Project PPT
My Final Year Project PPTMy Final Year Project PPT
My Final Year Project PPTMOHAMMEDELALAM1
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
What You Cant See Can Hurt You
What You Cant See Can Hurt You What You Cant See Can Hurt You
What You Cant See Can Hurt You Castleforce
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPROIDEA
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Featureslukky753
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...SWITCHPOINT NV/SA
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkNetpluz Asia Pte Ltd
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentationsaddepalli
 
VPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP BusinessVPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP BusinessSafar Safarov
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksHarry Gunns
 
Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015AFCEA International
 

Was ist angesagt? (20)

12 Understanding V P Ns
12 Understanding V P Ns12 Understanding V P Ns
12 Understanding V P Ns
 
My Final Year Project PPT
My Final Year Project PPTMy Final Year Project PPT
My Final Year Project PPT
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Corsa Giga Filter
Corsa Giga FilterCorsa Giga Filter
Corsa Giga Filter
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
What You Cant See Can Hurt You
What You Cant See Can Hurt You What You Cant See Can Hurt You
What You Cant See Can Hurt You
 
Moving Beyond the Router to a Thin-branch or Application-driven SD-WAN
Moving Beyond the Router to a Thin-branch or Application-driven SD-WANMoving Beyond the Router to a Thin-branch or Application-driven SD-WAN
Moving Beyond the Router to a Thin-branch or Application-driven SD-WAN
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Features
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
 
Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business network
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentation
 
VPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP BusinessVPN as the Key for a Successful MSP Business
VPN as the Key for a Successful MSP Business
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto Networks
 
Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015Next-Generation Network Security: TechNet Augusta 2015
Next-Generation Network Security: TechNet Augusta 2015
 
DNA: an overview
DNA: an overviewDNA: an overview
DNA: an overview
 
DDoS Protection System DPS
DDoS Protection System DPSDDoS Protection System DPS
DDoS Protection System DPS
 

Andere mochten auch

PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...PROIDEA
 
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...PROIDEA
 
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...PROIDEA
 
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...PROIDEA
 
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...PROIDEA
 
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...PROIDEA
 
PLNOG 17 - Tomasz Brol - loT w chmurach
PLNOG 17 - Tomasz Brol - loT w chmurachPLNOG 17 - Tomasz Brol - loT w chmurach
PLNOG 17 - Tomasz Brol - loT w chmurachPROIDEA
 
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016PROIDEA
 
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...PROIDEA
 
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PROIDEA
 
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...PROIDEA
 
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...PROIDEA
 
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...PROIDEA
 
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...PROIDEA
 
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i Widoczność
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i WidocznośćPLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i Widoczność
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i WidocznośćPROIDEA
 
PLNOG 17 - Stefan Meinders - Slow is the new Down
PLNOG 17 - Stefan Meinders - Slow is the new DownPLNOG 17 - Stefan Meinders - Slow is the new Down
PLNOG 17 - Stefan Meinders - Slow is the new DownPROIDEA
 
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open Networking
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open NetworkingPLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open Networking
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open NetworkingPROIDEA
 
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment Routing
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment RoutingPLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment Routing
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment RoutingPROIDEA
 
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...PROIDEA
 
PLNOG 17 - Tomás Strašák - Latencja jest decydentem
PLNOG 17 - Tomás Strašák - Latencja jest decydentemPLNOG 17 - Tomás Strašák - Latencja jest decydentem
PLNOG 17 - Tomás Strašák - Latencja jest decydentemPROIDEA
 

Andere mochten auch (20)

PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
PLNOG 17 - Robert Rosiak - Zcentralizowane i dystrybuowane CPE - różnice i po...
 
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
PLNOG 17 - Andrzej Jeruzal - Dell Networking OS10: sieciowy system operacyjny...
 
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...
PLNOG 17 - Marcin Aronowski - Technologie dostępowe dla IoT. Jak się w tym ws...
 
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...
PLNOG 17 - Piotr Jabłoński - Sieci nakładkowe w Data Center - uproszczenie, c...
 
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...
PLNOG 17 - Piotr Strzyżewski - Regulacje RIPE które przekładają sie na realia...
 
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...
PLNOG 17 - Piotr Pieprzycki - Praktycznie: Ścieżka Continuous Integration w k...
 
PLNOG 17 - Tomasz Brol - loT w chmurach
PLNOG 17 - Tomasz Brol - loT w chmurachPLNOG 17 - Tomasz Brol - loT w chmurach
PLNOG 17 - Tomasz Brol - loT w chmurach
 
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016
PLNOG 17 - Marek Czardybon - Grupa 3S dla Światowych Dni Młodzieży 2016
 
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...
PLNOG 17 - Nicolai van der Smagt - Building and connecting the eBay Classifie...
 
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
 
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...
PLNOG 17 - Konrad Kulikowski - Cisco WAE - Wan Automation Engine - Co SDN moż...
 
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...
PLNOG 17 - Piotr Wojciechowski - 802.1s MST, czyli STP u operatora i w DC nie...
 
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...
PLNOG 17 - Paweł Wachelka - Zastosowanie 802.1x w sieciach kampusowych - nowe...
 
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...
PLNOG 17 - Maciej Flak - Cisco Cloud Networking - czyli kompletna infrastrukt...
 
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i Widoczność
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i WidocznośćPLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i Widoczność
PLNOG 17 - Alexis Dacquay - 100 G, Skalowalność i Widoczność
 
PLNOG 17 - Stefan Meinders - Slow is the new Down
PLNOG 17 - Stefan Meinders - Slow is the new DownPLNOG 17 - Stefan Meinders - Slow is the new Down
PLNOG 17 - Stefan Meinders - Slow is the new Down
 
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open Networking
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open NetworkingPLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open Networking
PLNOG 17 - Shabbir Ahmad - Dell EMC’s SDN strategy based on Open Networking
 
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment Routing
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment RoutingPLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment Routing
PLNOG 17 - Leonir Hoxha - Next Generation Network Architecture - Segment Routing
 
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...
PLNOG 17 - Sebastian Pasternacki - W poszukiwaniu pięciu dziewiątek – wysoka ...
 
PLNOG 17 - Tomás Strašák - Latencja jest decydentem
PLNOG 17 - Tomás Strašák - Latencja jest decydentemPLNOG 17 - Tomás Strašák - Latencja jest decydentem
PLNOG 17 - Tomás Strašák - Latencja jest decydentem
 

Ähnlich wie PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji internetowych (DDoS, WAF, SSL) - bezpieczeństwo jako funkcja sieciowa czy rozwiązania punktowe?

Radware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionRadware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionAndy Ellis
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Deivid Toledo
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideAndris Soroka
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security ServicesRadware
 
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...Amazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 
20070605 Radware
20070605 Radware20070605 Radware
20070605 RadwareINFOTIME
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsNetworkCollaborators
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
Announcing AWS Shield - Protect Web Applications from DDoS Attacks
Announcing AWS Shield - Protect Web Applications from DDoS AttacksAnnouncing AWS Shield - Protect Web Applications from DDoS Attacks
Announcing AWS Shield - Protect Web Applications from DDoS AttacksAmazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud appsSecurity in the cloud protecting your cloud apps
Security in the cloud protecting your cloud appsCenzic
 
Advanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAdvanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAmazon Web Services
 
Next Dimension and Cisco | Solutions for PIPEDA Compliance
Next Dimension and Cisco | Solutions for PIPEDA ComplianceNext Dimension and Cisco | Solutions for PIPEDA Compliance
Next Dimension and Cisco | Solutions for PIPEDA ComplianceNext Dimension Inc.
 

Ähnlich wie PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji internetowych (DDoS, WAF, SSL) - bezpieczeństwo jako funkcja sieciowa czy rozwiązania punktowe? (20)

Radware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionRadware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS Protection
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF Service
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security Services
 
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
20070605 Radware
20070605 Radware20070605 Radware
20070605 Radware
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection Solution
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 
Information Security
Information SecurityInformation Security
Information Security
 
Announcing AWS Shield - Protect Web Applications from DDoS Attacks
Announcing AWS Shield - Protect Web Applications from DDoS AttacksAnnouncing AWS Shield - Protect Web Applications from DDoS Attacks
Announcing AWS Shield - Protect Web Applications from DDoS Attacks
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud appsSecurity in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
 
Advanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAdvanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application Defense
 
Next Dimension and Cisco | Solutions for PIPEDA Compliance
Next Dimension and Cisco | Solutions for PIPEDA ComplianceNext Dimension and Cisco | Solutions for PIPEDA Compliance
Next Dimension and Cisco | Solutions for PIPEDA Compliance
 

Kürzlich hochgeladen

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji internetowych (DDoS, WAF, SSL) - bezpieczeństwo jako funkcja sieciowa czy rozwiązania punktowe?

  • 1. Radware Mity i fakty skutecznej ochrony aplikacji internetowych Marek Karczewski
  • 2. What do we protect ? 2 Internet Users Protected Organization – Data CenterInternet Service ProviderServers farm and Applications
  • 3. DDoS Attacks Landscape 10% 16% 6% 18% Network 51% TCP- Other UDP IPv6 1% TCP-SYN Flood ICMP 9% 23% 16% Application 49% VoIP 1% Web (HTTP/HTTPS) SMTP DNS
  • 4. Denial of Service 25% SQL Injection, 24% 8.9% 4.8% 3.8% 3.7% 3% 2.8% 2.1% 1.9% Others Top 10 Web Attack Methods: Denial of Service SQL Injection Cross Site Scripting (XSS) Brute Force Predictable Resource Location Stolen Credentials Unintentional Information Disclosure Banking Trojan Credential/Session Prediction Cross Site Request Forgery (CSRF) 4 Evolving Threat Landscape
  • 5. More Automated, Persistent DoS Attacks 57% 36% 4% 2% 1% 0% 20% 40% 60% 1 hour or less 1 hour to 1 day 1 day to 1 week Over a week Constantly 2011 2012 2013 2014 2015
  • 6. The SSL Security Threat Internet traffic encryption growth: Privacy concerns Growing usage of cloud applications HTTP/2 mandating encryption Over 50% of traffic in enterprises is encrypted By 2017, 50% of attacks will be encrypted Source: Gartner, 2015 20% of organizations Inspect SSL 80% of organizations don’t inspect SSL Traffic
  • 7. 2015 INTERNET PIPE (Saturation)36% FIREWALL 13% IPS/IDS 8% ALANCERLOAD B (ADC) 9% THE SERVER UNDER ATTACK 33% SQL SERVER 1% INTERNET PIPE (Saturation)36% FIREWALL 21% IPS/IDS 10% ALANCERLOAD B (ADC) 3% THE SERVER UNDER ATTACK 28% SQL SERVER 2% 2014 DDoS attacks from infrastructure perspective IPS/IDSInternet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server
  • 8. Complexity of attacks continues to grow IPS/IDS “Low & Slow” DoS attacks (e.g.Slowloris) Large volume network flood attacks Syn Floods Network Scan HTTP Floods SSL Floods App Misuse Brute Force Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server XSS, CSRFSQL Injections
  • 9. Multi-technology protection Only a multi-technology solution can provide full protection from multi-vector threats Cloud DDoS protection DoS protection Behavioral analysis IPS WAF SSL protection
  • 10. Distributed deployment for the most efficient attack detection and mitigation Server Under Attack Attack Mitigation Device Perimeter protects your datacenter infrastructure Must be Stateless Radware Cloud Scrubbing Cloud protects your internet pipe Load Balancer/ADC LAN protects your applications and data Must be Stateful Internet Pipe Firewall DoS protectionCloud DDoS protection Behavioral analysis IPS WAF SSL protectionDoS protection SSL protection
  • 11. Application Delivery and Security technologies Radware Cloud Scrubbing Radware Cloud Scrubbing DefensePro / DDoS SSL Inspection SSL Inspection AppWall WAF Radware Scrubbing CenterDefensePro: DoS/DDoS SolutionAlteon: SSL solution for DDoS IPSFirewall Anti Virus ADC
  • 12. SSL mitigation solution SSL Inspection DefensePro / DDoS SSL Inspection Stateful SSL exposed to DDoS attacks Full protection coverage DDoS protection deployed behind SSL inspection DDoS protection deployed in front of SSL inspection
  • 13. Integrated Application Delivery and Security technologies Radware Cloud Scrubbing DefensePro / DDoS SSL Inspection SSL Inspection AppWall WAF Alteon: SSL Interception and InspectionAlteon: Application Delivery ControllerAppWall: Web Application Firewall IPSFirewall Anti Virus ADC
  • 14. From point protection… to an automated & Intelligent network defense model 14 Self Defence, Automated, Network-wide Security
  • 15. Device-centric service Network-wide service Network as a host… A network that is part of the service Transformation from device centric to network-wide services
  • 16. Defense Messaging and synchronized operation Internet Pipe Firewall Load Balancer/ADC Server Under Attack Attack Mitigation Device Radware Cloud Scrubbing Defense Messaging Defense Messaging Detect where you can, mitigate where you should Internet Pipe Firewall Server Under Attack
  • 17. WAF out-of-path deployment Attack Mitigation Device Defense Messaging Protected Web App Alteon NG WAF Out-of-path
  • 18. Appwall and ADC resource utilisation Attack Mitigation Device Defense Messaging Protected Web App Alteon NG Critical resources utilisation
  • 19. Entire infrastructure protection Attack Mitigation Device Defense Messaging Alteon NG
  • 20. Protected OrganizationDDoS Scrubbing Center Carrier infrastructure Cloud protection service Defense Messaging Data Center
  • 21. Protected OrganizationDDoS Scrubbing Center Carrier infrastructure Cloud protection service Data Center
  • 22. Cloud protection service Internet Customer Premise Cloud Service Provider Data Center Data Center
  • 23. Customer Premise Cloud Service Provider Cloud Protection Cloud protection service Data Center Local Security Cloud Scrubbing Cloud
  • 24. Radware Command and Control Center Radware Command & Control Center Radware Virtual & Physical Appliances L3-4-7 Collection CheckPoint DDoS Protector 3rd Party Detection Devices (NetFlow, SIEM, …) Cisco FirePower 9300 Radware Flow Collector NetFlow SDN Enabled Devices OpenFlow / Open Daylight
  • 25. Radware Command and Control Center
  • 26. Application Template Adding Radware to the Orchestration Front End Back End Orchestrator
  • 27. Attack detected !!! L2/3 Switch OVS Cyber Control Diversion to scrubbing center
  • 29. Attack detected !!! L2/3 Switch OVS Cyber Control „Smart Tap”/ Web Application Firewall

Hinweis der Redaktion

  1. As attacks are getting longer, larger and more sophisticated, organizations need to be able to protect their applications from a large variety of security threats including: Web-based attacks Mostly known through the Open Web Application Security Project (OWASP) Top 10 which lists out the most common web-based threats. Includes threats such as SQL Injections, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), which are typically not covered by traditional firewalls and intrusion detection systems (IDS). Availability based attacks – Distributed Denial of Service (DDoS) attacks at both the network and application layers. Includes the use of automated programs (bots) as well as humans to launch attacks aimed at exhausting application resources.
  2. At the “Service Layer” – Radware provides Apps Delivery and Security solutions. Radware offers virtual instances & HW deployments. “vDirect” connects Radware to APIC orchestration system “Open Daylight” connects Radware to the DC
  3. At the “Service Layer” – Radware provides Apps Delivery and Security solutions. Radware offers virtual instances & HW deployments. “vDirect” connects Radware to APIC orchestration system “Open Daylight” connects Radware to the DC
  4. At the “Service Layer” – Radware provides Apps Delivery and Security solutions. Radware offers virtual instances & HW deployments. “vDirect” connects Radware to APIC orchestration system “Open Daylight” connects Radware to the DC
  5. At the “Service Layer” – Radware provides Apps Delivery and Security solutions. Radware offers virtual instances & HW deployments. “vDirect” connects Radware to APIC orchestration system “Open Daylight” connects Radware to the DC