Cisco Guard DDoS Mitigation
The Planet handles a DDoS attack with Cisco® Guard XT 5650 DDoS Mitigation Appliance. When
a flood attack is detected by Arbor, the SOC uses the traffic graphs to confirm the attack and enable
Cisco® Guard. The Guard diverts the flood of traffic away from its intended path and into one of
a configuration of Guard farms placed at Equinix near the very edge of the network.
The Guard system then filters the traffic using multiple interactive layers of defense that recognize
and block many types of flood attacks. Filtering and active verification technologies enable rapid
protection against many types of assaults, even ones that have never been seen before. Rate-based
filtering, advanced anomaly recognition, source verification, and anti-spoofing technologies are used
to identify and block individual attack flows.
Protocol analysis and rate limiting features help ensure that only valid traffic gets through in
volumes that won’t compromise a server. The Guard system does not interfere with regular
production traffic. It keeps sites operational even during massive flood attacks that would otherwise
disrupt or completely disable the site, and maintains a flow of legitimate traffic with no obvious
degradation of services to legitimate users.
The Guard reporting service has been integrated into The Planet’s Orbit™ customer portal letting
customers under flood attack review hourly reports and graphs of activity and protection being
provided by The Planet. All traffic entering The Planet network, except MatriXtreme, is monitored
for DDoS attacks and benefits from DDoS mitigation at no additional cost to the client.
ISS RealSecure Host Based Intrusion Detection
The Planet now partners with Internet Security Systems (ISS), a premier security research, products
and Services Company, for host-level protection. ISS has served the Global 500, as well as world
governments, for the last decade. ISS RealSecure employs signature-based detection, sophisticated
protocol analysis, and behavioral pattern analysis to block both known and unknown attacks.
Signatures & analysis updates are provided by the highly regarded ISS X-Force research team.
RealSecure complements the network protection by safeguarding the underlying operating system
from operating system exploits and application vulnerabilities. ISS Real Secure:
C Uses automated defensive actions to deny server attacks.
C Is monitored 24x7 in The Planet’s SOC.
C Provides the server with end-to-end protection including file integrity monitoring.
All ISS Real Secure alarms are responded to by The Planet’s experienced team of GIAC and CISSP
certified security engineers. RealSecure, available for both Linux and Windows, is Windows Server
2003 and Windows 2000 Server Certified, is a fully-managed service available to all customers as
a standard service feature on Total Control and Focus Series servers, and for $10 per month on
Service Matrix servers.
17
MC Software Security and Hosting
(44 stránky)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce