inteligencia digital de ataques ddos€¦ · 3 ayuntamiento de ledrada publicacion de anonymous en...

Inteligencia Digital de ataques DDoSOPERACIÓN #Deshaucios contra Partido Popular

Marzo 2013

2

Ayuntamiento de Ledrada

Motivos del ataque

Inicio de la operación de ataque DDoS

3


Publicacion de Anonymous en tweeter sobre el hackeo de la pagina del ayuntamiento de Ledrada: www.aytoledrada.com

4


El resultado

5

Pagina del Partido Popular de Alpedrete

Publicacion de Anonymous en tweeter sobre el hackeo de la pagina del Partido Popular de Alpedrete: http://pp‐alpedrete.com/

6



7


El resultado

8


El resultado

9

Pagina del Partido Popular de San Juan de Aznalfarache

Publicacion de Anonymous en tweeter sobre el hackeo de la pagina del Partido Popular de San Juan de Aznalfarache

10



11


El resultado

12

Arbor Networks: Overview

90%Percentage of world’s Tier 1 service providers who are Arbor customers 115

Number of countries with Arbor products deployed

35Tbps

Amount of global traffic monitored by the ATLAS security intelligence initiative right now!

#1

Arbor market position in Carrier, Enterprise and Mobile DDoS equipment market segments –61% of total market [Infonetics Research Dec 2011]

Number of years Arbor has been delivering innovative security and network visibility technologies & products

13

$16B

2011 GAAP revenues [USD] of Danaher – Arbor’s parent company providing deep financial backing

The Arbor Unique Solution

Global & Enterprise Visibility

Security Intelligence

Availability Protection

A World-Class Research Team (ASERT) Analyzing all the World’s Internet Traffic (ATLAS) to Stop Emerging Advanced Threats

Know Your Network No Matter Where It

Resides

Find the Threat No Matter Where the

Threat Lurks

Protect the Business at All Times

The Solution to Stop Advanced Threats –Built on Global Network Visibility & Security Intelligence

13

Introducing Pravail APS

Stateless Analysis & Filtering Engine

Stateless Analysis & Filtering Engine

Cloud SignalingCloud SignalingATLAS

Intelligence Feed

ATLAS Intelligence

Feed

Arbor’s core Stateless Analysis and Filtering Engine (SAFE) is the technology used by 90% of Tier 1 carriers & ISPs to stop attacks is also immune to all threats against availability.

The Arbor Threat Level Analysis System (ATLAS) provides global visibility into botnets and malware which is then transformed into an intelligence feed for Arbor’s products

Cloud Signaling is a proprietary protocol enabling signaling from the enterprise edge to the ISP cloud for complete protection from all DDoS attacks.

SAFE: Stateless Analysis Filtering Engine

• Proven anti-DDoS protection in enterprise appliance

– Same core engine from Peakflow SP TMS that’s been proven in the world’s most demanding networks

• Protections focused on both Application & Volume attacks

– Packaged for enterprises with out-of-the-box to block most known attacks “tools”

– Protection to block volumetric DDoS attacks up to the link’s max capacity

• Protection designed for specific assets and services

– Trusted default policy templates for:‒ Web servers‒ DNS‒ File Servers‒ Mail Servers‒ VPN‒ VOIP Servers‒ Remote Login‒ Generic Servers

15

16

ATLAS & ASERT: Global security intelligence feeds real-time protection updates for Pravail APS

Active Threat Level Analysis System

Peakflow SP Peakflow X(Pravail NSI)

ISP NetworkDARKNET

ATLAS SENSOR

Peakflow SP Peakflow X

ISP NetworkDARKNET

ATLAS SENSOR

Peakflow SP Peakflow XPravail NSI

ISP NetworkDARKNET

ATLAS SENSOR

ATLAS DATA CENTER

ATLAS ANALYSIS SYSTEMS

ATLAS sensors are deployed in global internet darknet space to discover and classify attack activity

The information is sent to an ATLAS central repository where it is combined with Arbor Peakflow, third‐party, and vulnerability data

ASERT analyzes combined data and converts into actionable intelligence which is posted on the ATLAS public portal and provides security content updates to Pravail solutions

11

33

22

ATLAS Intelligence Feed (AIF)

• Continuously updated feed of botnet DDoS threats to availability

• Layer 7 fingerprints focused on inbound threats– Includes ASERT threat level and confidence

assessment

• ASERT tracking 100s individual botnets in the wild and across the globe enabled by ATLAS

Leverages the global intelligence in Arbor’s ATLAS to stop emerging DDoS

and botnet attacks

17

18

Pravail APS: Scalability for every network

• Software upgrades– Upgrades available with each platform series– Ex: upgrade from 2002 to 2003– Ex: Upgrade from 2104 to 2108

2000‐series 2002 2003ProtectedThroughput

500 Mbps 1 Gbps

Interface Options • 8x 10/100/1000 Copper• 8x GE (SX or LX)

2100‐series 2104 2105 2107 2108ProtectedThroughput

2 Gbps 4 Gbps 8 Gbps 10 Gbps

Interface Options • 12x 10/100/1000 Copper• 12x GE (SX or LX)

• 4x 10/100/1000, 4x GE SX, 4x GE LX• 2x 10GE (SR or LR)

Thank You

inteligencia digital de ataques ddos€¦ · 3 ayuntamiento de ledrada publicacion de anonymous en...

Documents