DENIAL OF SERVICE
Traditional perimeter security measures, such as firewalls and Intrusion Prevention Systems (IPS), are essential elements of a multi-layered defense strategy. However, these measures are incapable of protecting organizations from Distributed Denial of Service ((D)DoS) attacks.
Unlike other kinds of cyberattacks, which are usually aimed at obtaining sensitive information, (D)DoS attacks do not attempt to breach your security perimeter but rather to bring your organization’s servers and website to a complete standstill, rendering them inaccessible to legitimate users. The key difficulty in defending against (D)DoS lies in identifying the attack, since it arrives through routes that are unobstructed by the firewall and IPS.
Today’s (D)DoS attacks are growing in number, severity, complexity and sophistication, and can cause serious network downtime to businesses that rely on networks and web services to operate. To support business continuity planning and a disaster recovery strategy, protecting critical business resources with (D)DoS Prevention solutions should be a top priority for every organization.
Our (D)DoS Prevention solutions share the following minimum characteristics:
The ability to predefine different response actions for suspected (D)DoS attacks is enhanced by real-time notifications of identified (D)DoS attacks
Managing and monitoring multiple (D)DoS systems through a single centralized management system ensures consistent visibility and higher network and system auditability
Optimize Operational Effectiveness
Real-time analysis of the traffic traversing the network for (D)DoS patterns/attacks ensures business continuity and protection against (D)DoS attacks
Actionable views, event monitoring and reporting enable real-time monitoring of suspected or actual attack alerts and creation of reports for compliance purposes
The deployment model of the (D)DoS Prevention solution is designed to fit the organizational needs of an existing environment, providing the ability to create/update a custom (D)DoS security policy, tailored to the individual needs of the customer
Network Resource Protection
Multi-function detection engine against spoofed and non-spoofed IP attacks from any connection variation, including TCP, UDP and ICMP. With an intelligent, analytic-driven approach, it provides protection from network-based as well as application-layer attacks attempting to overwhelm the network infrastructure
Flexible, on-demand creation of white lists and blacklists that provide the capability of allowing or blocking source and destination IP addresses. Various custom parameters can be set for a designated source and destination IP address
An intelligent notification and alerting system is essential in order to respond to an incident as quickly as possible. Alerts can be delivered through various methods (e.g. email, syslog) and can be configured to trigger for a particular zone with predefined threshold parameters
Ability to drop connections based on maximum allowed limits for new and concurrent connections
Drawing from our ever-growing expertise, developed through our Technology Risk Solutions and Managed Security Services (MSS) divisions, we will first assess your organization’s needs based on your existing infrastructure, network architecture, applications and systems’ setup. Once we have a well-rounded understanding, we will propose the (D)DoS Prevention solution best suited to your environment.
Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:
MAINTENANCE & SUPPORT
INTEGRATION WITH CLEARSKIES™ NG SIEM-AS-A-SERVICE
FULL-FLEDGED 24/7 MANAGED & SECURITY LOG MONITORING
This solution forms part of the “Test & Assess”, “Design & Implement”, “Monitor & Respond” and “Consulting” phases of our Information Security Continuum (ISC).