DDoS Mitigation - DefensePro - Radware
Radware’s New Attack Mitigation Platform (DefensePro x4420). Deivid Toledo, [email protected], WTR Services, 25 September 2015

Upload: deivid-toledo

Post on 07-Jan-2017


Page 1: DDoS Mitigation - DefensePro - RADWARE

Radware’s New Attack Mitigation Platform (DefensePro x4420)

Deivid Toledo, [email protected], WTR Services

25 September 2015

Page 2: DDoS Mitigation - DefensePro - RADWARE

Current Trends

Page 3: DDoS Mitigation - DefensePro - RADWARE

The Rise of the Continuous Attack

Longer, larger and more sophisticated attacks. Constant attacks on the rise.

In previous years - attacks that were considered “constant” never exceeded 6%

In 2014 - 19% were considered “constant”

Attack size also increases – 1 of 7 attacks larger than 10G in 2014.

[Chart: attack duration by year, 2011-2014. Categories: less than a day, 1 hour-1 day, 1 day-1 week, over a week, constantly]

In 2014, 19% of attacks were considered “constant”

Page 4: DDoS Mitigation - DefensePro - RADWARE

No One is Immune – Unexpected Targets

Threats in new industries, organizational sizes and technology deployments

Healthcare and Education – unexpected targets now at risk

Gaming, Hosting and ISP companies – increased likelihood

[Chart labels: 2014; change from 2013]

Page 5: DDoS Mitigation - DefensePro - RADWARE

Reflective Attacks – the Largest DDoS Headache

Attacks evenly split across network and application layers

Web-based attacks remain the single most common attack vector

– 1 in every 4 are HTTPS

An increase in reflective attacks causes UDP attacks to increase

– From 7% in 2013 to 16% in 2014

Reflective attacks represent 2014’s single largest DDoS “headache”

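[Chart: attack vectors by layer]

Network 51%: TCP-Other, UDP, IPv6 (1%), TCP-SYN Flood, ICMP (other segment values shown: 10%, 16%, 6%, 18%)

Application 49%: VoIP (1%), Web (HTTP/HTTPS), SMTP, DNS (other segment values shown: 9%, 23%, 16%)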

Page 6: DDoS Mitigation - DefensePro - RADWARE

Complexity of Attacks Continues to Grow

Multi-vector attacks target all layers of the infrastructure

[Diagram: attack vectors, protection layers and targeted infrastructure]

Attack vectors: large volume network flood attacks; SYN floods; network scan; “Low & Slow” DoS attacks (e.g. Sockstress); HTTP floods; SSL floods; app misuse; brute force

Protections: Cloud DDoS protection; DoS protection; Behavioral analysis; IPS; WAF; SSL protection

Infrastructure: Internet Pipe; Firewall; IPS/IDS; Load Balancer/ADC; Server Under Attack; SQL Server

Page 7: DDoS Mitigation - DefensePro - RADWARE

The Need: High Performance with Comprehensive Protection

Protection from both sophisticated and volumetric attacks.

Carriers and cloud providers

- Need to support a growing number of customers with increased complexity and capacity.

- Require high end devices that can handle growth and scale (mitigation, bandwidth, complexity and number of served customers).

Competitor offerings today require choosing between high performance and attack mitigation coverage/quality

Page 8: DDoS Mitigation - DefensePro - RADWARE

Platform Offering: DefensePro x4420

Page 9: DDoS Mitigation - DefensePro - RADWARE

Radware’s New Attack Mitigation Platform

Widest range of protections at high mitigation capacity, including UDP reflection attacks, fragmented and out-of-stack floods

Up to 300Gbps throughput inspection while allowing customers to enjoy the widest range of simultaneous cyber-attack protection in the industry

230M PPS anti-DDoS along with best-in-class DNS, SIP, SMTP, HTTPS, and other application protections

Commercial grade out-of-the-box compliance and customer tenancy managing over 1,000 policies in a secure Role-Based Access control format

First dedicated attack mitigation platform to offer 100G interfaces

No compromise: High performance + High mitigation capacity + Widest protection


Page 10: DDoS Mitigation - DefensePro - RADWARE

DefensePro x4420 - Technical Highlights

Total throughput up to 300G

- Legit traffic throughput up to 160G

- BW license 50G/100G/160G

High port density (with any port type support)

- 4 x 100G (QSFP28)

- 4 x 40GbE (QSFP+)

- 20 x 1/10GbE (SFP+)

New ‘Performance’ mode - up to 230M Attack PPS (supports SYN protection, packet anomaly, BL/WL)

Up to 1,000 active policies

Space conservative - only 2U of rack space

DefensePro x4420

Page 11: DDoS Mitigation - DefensePro - RADWARE

DefensePro Layers of Defense

Behavioral-based protections

DME: DDoS Mitigation Engine (230M PPS)

L7 Regex Acceleration ASIC

Multi-purpose multi-core CPUs

& Reputation Engine

Hardware Architecture – Tailored for Attack Mitigation


Page 12: DDoS Mitigation - DefensePro - RADWARE

Multi-Tenancy Support

Separate processing capabilities per tenant

Role-based access control for management permissions per policy

Each tenant can view and monitor only the resources that are relevant to them

Personalized, per-tenant historical reporting, dashboards and event management

Page 13: DDoS Mitigation - DefensePro - RADWARE

DefensePro x4420 - Summary

Highest rate mitigation with widest coverage - up to 230M PPS

Any port connectivity - including 100G ports

Designed for multi tenancy (MSSP/Carriers/Cloud) - Up to 1000 policies

New scalable SW Architecture

Compact form factor – 2U only

Page 14: DDoS Mitigation - DefensePro - RADWARE
Page 15: DDoS Mitigation - DefensePro - RADWARE

Technical Specs

Page 16: DDoS Mitigation - DefensePro - RADWARE

DefensePro x4420 Technical Specification

Features: DefensePro x4420

DefensePro Model: DP model 504420 – 50 Gbps; DP model 1004420 – 100 Gbps; DP model 1604420 – 160 Gbps

Network Location: Core Network

Hardware Platform: OnDemand Switch HT

Performance

Capacity: 300 Gbps

Max Legit Throughput: 160 Gbps

Max Concurrent Sessions: 25,000,000

Maximum DDoS Flood Attack Prevention Rate: 230,000,000 packets per second

Latency: 60 microseconds

Real time signatures: Detect and protect attacks in less than 18 seconds

Physical Ports

Traffic Ports: 4 x 100 GbE QSFP28; 4 x 40 GbE QSFP+; 20 x 10GbE SFP+

Management Ports: 2 x 1 GbE Copper, out of band RS-232 RJ-45 Serial Connection

Page 17: DDoS Mitigation - DefensePro - RADWARE

DefensePro x4420 Technical Specification – Cont.

Features: DefensePro x4420

Operation Mode

Network Operation: Transparent L2 Forwarding, IP Forwarding

Deployment Modes: In-line; SPAN Port Monitoring; local out-of-path; Out-of-path mitigation (scrubbing center solution)

Tunneling protocols support: VLAN Tagging, L2TP, MPLS, GRE, GTP, IPinIP

IPv6: Full IPv6 support for detection and mitigation

Policy Action: Block & Report, Report Only

Block Actions: Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination), Challenge-Response for TCP, HTTP and DNS suspicious traffic

High Availability

Dual Power Supply: Yes

Advanced internal overload mechanism: Yes

High Availability deployment - Active-Passive: Yes

Page 18: DDoS Mitigation - DefensePro - RADWARE

DefensePro x4420 Technical Specification – Cont.

Features: DefensePro x4420

Physical

Dimensions (W x D x H) mm: 2U: 424 x 600 x 88 mm; EIA Rack or Standalone: 482 mm (19 in)

Weight (kg, lb): 18.7 kg

Power Supply: Auto-range supply: AC: 100-240 V, 47-63 Hz; DC: -36~-72 V; Dual power supply (AC/DC)

Power Consumption: 890 W

Heat Dissipation (BTU/h): 2930 BTU/hr

Operating Temperature: 0-40°C (32-104°F)

Humidity (non-condensing): 5% to 95% non-condensing

Certifications: Safety: CE LVD (EN 60950-1), CB - IEC 60950-1, CCC, cTUVus, C-Tick; EMC: CE EMC (EU directive 2004/108/EC), FCC Part 15B Class A, ICES-003, VCCI; RoHS Compliant (EU directive 2011/65/EC)