Maximum protection and a quicker response to DDoS attacks
“Attack traffic can be blocked in a matter of seconds"
Distributed denial-of-service (DDoS) attacks are one of the top three security threats facing companies today. [1] Increasingly disruptive, frequent and sophisticated, these attacks can cost businesses tens or even hundreds of thousands of euros for every hour their networks, services and/or applications are unavailable or slowing down. To meet this challenge, Thales has developed a new DDoS protection solution based on Radware technology to provide comprehensive protection for the critical infrastructures of its customers.
In the last five years, DDoS attacks have not only become more disruptive and frequent, they have also become considerably more sophisticated. Most denial-of-service attacks today combine three methods in a single campaign: volumetric attacks, which aim to saturate the bandwidth of the target network, protocol attacks, which consume network resources (routers, switches, load balancers, firewalls, etc.), and application layer attacks to consume application server resources – all aim to slow down or make the application unavailable to legitimate users.
The financial impact for a company depends on the size of the organisation, the sector of activity it works in, and the visibility of its brand. Companies taking part in a recent industry survey indicated that they had been attacked an average of 4 times in the last 12 months, costing them about 1.5 million euros over the year.
DDoS Attacks Mitigation Approaches
- On-premise - a dedicated, specially designed device to detect and mitigate DDoS attacks. The device is usually deployed as the first device in the organisation’s network, even before the access router. When a DDoS solution is deployed on premise, organizations benefit from an immediate and automatic attack detection and mitigation solution. However, on premise DDoS solution cannot handle volumetric network floods that saturate the Internet pipe of the enterprise. Such attacks must be mitigated from the cloud.
- Cloud - With the rise of DDoS attacks, many Internet service providers (ISPs) and managed security service providers (MSSPs) have begun to offer anti-DDoS services. Such services protect organisations from network flood attacks by deploying mitigation equipment at the ISP or MSSP scrubbing centers. This type of mitigation is guaranteed to block network flood attacks from ever reaching the organisation, as attacks are mitigated before they reach the connection between the ISP or MSSP and the organization. However, cloud based anti-DDoS services cannot block application DDoS attacks as well as low & slow attacks since its mitigation equipment is not sensitive enough to detect the intricacies of such attacks when it’s deployed in the cloud.
- Hybrid - Hybrid DDoS solutions offer best-of-breed attack mitigation by combining on premise and cloud mitigation into a single, integrated solution. The hybrid solution chooses the right mitigation location and the mitigation technique based on the attack characteristics tools and volume. In the hybrid solution, attack detection and mitigation starts immediately and automatically using the on premise attack mitigation device that stops various attacks from diminishing the availability of the online services. In case of a pipe saturation threat, the hybrid solution activates the cloud mitigation and the traffic is diverted to the cloud, where it is scrubbed before sent back to the enterprise.
Thales Hybrid solution for comprehensive defence
In partnership with Radware, one of the world's top companies specialising in DDoS attack protection, Thales has designed a hybrid solution combining on-site protection and cloud services. Operated remotely from Thales’s Security Operation Centres (SOCs [2]), online equipment deployed on the periphery of the customer’s infrastructure protects the network and/or services and applications against both protocol and application layer attacks.
Volumetric attacks are intended to saturate the connection bandwidth of the client infrastructure. When one of these attack methods is starts to build up, the attack traffic is rerouted to a specialised out-of-path scrubbing centre in the cloud. Clean traffic is then passed back to the network for delivery.
Unlike the pure cloud approach offered by some DDoS protection providers, this solution manages to block most attacks on-site in a matter of seconds, compared with several minutes if traffic is redirected to a specialist cloud service. This translates into significantly lower financial losses, estimated at thousands of euros per minute of downtime, for the organisation deploying the hybrid solution.
A winning combination
Radware’s patented DDoS protection technology has a proven record of success with major players in the financial services industry, government, e-commerce and telecommunications around the world.
Thanks to the unique combination of Radware’s technology and Thales’s expertise in the bespoke deployment and operation of cybersecurity solutions to protect critical infrastructure, this DDoS protection solution ensures that customers benefit from maximum protection and the fastest possible response to this type of hugely disruptive and fast growing threat.
- Download the factsheet about Thales’s DDoS protection solution (PDF)
- Managed Security Services on thalesgroup.com
[1] Source: The Cost of Denial-of-Services Attacks, Ponemon Institute, March 2015, which ranks DDoS as one of today's "three scariest security threats" together with Zero Day Attacks and Malware.
[2] Thales has four SOCs: two in France, one in the United Kingdom and one in the Netherlands. A fifth will enter service this year in Hong Kong (for more information: Thales cybersecurity business goes global).
World-class technologyWith its Attack Mitigation System (AMS) solution, Radware is one of the two global leaders in DDoS attack protection. Its solutions provide optimal DDoS protection for:
Find out more: www.radware.com/solutions/security |
The cost of denial-of-service attacks
Source : The Cost of Denial-of-Services Attacks, Ponemon Institute, March 2015
No one is completely safe: a few examples from the last 12 months
|