Denial of Service

Traditional perimeter security measures, such as firewalls and Intrusion Prevention Systems (IPS), are essential elements of a multi-layered defense strategy. However, these measures are incapable of protecting organizations from Distributed Denial of Service ((D)DoS) attacks.

Overview

Unlike other kinds of cyberattacks, which are usually aimed at obtaining sensitive information, (D)DoS attacks do not attempt to breach your security perimeter but rather to bring your organization’s servers and website to a complete standstill, rendering them inaccessible to legitimate users. The key difficulty in defending against (D)DoS lies in identifying the attack, since it arrives through routes that the firewall and IPS leave unobstructed.

Today’s (D)DoS attacks are growing in number, severity, complexity and sophistication, and can cause serious network downtime for businesses that rely on networks and web services to operate. To support business continuity planning and a disaster recovery strategy, protecting critical business resources with (D)DoS Prevention solutions should be a top priority for every organization.

Characteristics

Our (D)DoS Prevention solutions share the following minimum characteristics:
Security Expertise
The ability to predefine different response actions for suspected (D)DoS attacks is enhanced by real-time notifications of identified (D)DoS attacks
Visibility
Managing and monitoring multiple (D)DoS systems through a single centralized management system ensures consistent visibility and higher network and system auditability
Optimize Operational Effectiveness
Real-time protection, achieved by analyzing the traffic traversing the network for (D)DoS patterns/attacks, ensures business continuity and protection against (D)DoS attacks
Instrumental Reporting
Actionable views, event monitoring and reporting enable real-time monitoring of suspected or actual attack alerts and creation of reports for compliance purposes
Deployment Flexibility
The deployment model of the (D)DoS Prevention solution is designed to fit the organizational needs of an existing environment, providing the ability to create/update a custom (D)DoS security policy tailored to the individual needs of the customer

Features

Network Resource Protection
Multi-function detection engine against spoofed and non-spoofed IP attacks from any connection variation, including TCP, UDP and ICMP. With an intelligent, analytic-driven approach, it provides protection from network-based as well as application-layer attacks attempting to overwhelm the network infrastructure
Exception lists
Flexible, on-demand creation of whitelists and blacklists that allow or block source and destination IP addresses. Various custom parameters can be set for a designated source and destination IP address
Alerting
An intelligent notification and alerting system is essential for responding to an incident as quickly as possible. Alerts can be delivered through various methods (e.g. email, syslog) and can be configured to trigger for a particular zone with predefined threshold parameters
Connection limits
Ability to drop connections based on maximum allowed limits for new and concurrent connections

Deployment

Drawing on our ever-growing expertise, developed through our Technology Risk Solutions and Managed Security Services (MSS) divisions, we will first assess your organization’s needs based on your existing infrastructure, network architecture, applications and systems’ setup. Once we have a well-rounded understanding, we will propose the (D)DoS Prevention solution best suited to your environment.

Remaining Secure

Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:

Maintenance & Support

Integration with ClearSkies™ NG SIEM-as-a-Service

Full-fledged 24/7 Managed & Security Log monitoring

This solution forms part of the “Test & Assess”, “Design & Implement”, “Monitor & Respond” and “Consulting” phases of our Information Security Continuum (ISC).