We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byKatarina Hooton
Modified about 1 year ago
© 2011 Infoblox Inc. All Rights Reserved. Infoblox – control, secure & automate Mike Carroll
© 2011 Infoblox Inc. All Rights Reserved. Telecom Retail Manufacturing Media and Internet Transportation Government Life Sciences Financial Services Education Energy Infoblox Alliance Partners Market Leaders Choose Infoblox Global Customers, 300+ Fortune 500
© 2011 Infoblox Inc. All Rights Reserved. Networks Without Infoblox – Siloes of Data, Multiple Management Points APPS & END-POINTS END POINTSVIRTUAL MACHINESPUBLIC CLOUDAPPLICATIONS 3 NETWORK INFRASTRUCTURE FIREWALLSSWITCHESROUTERSWEB PROXYLOAD BALANCERS Complexity Risk & Cost Agility Flexibility CONTROL PLANE SCRIPTS COMMAND LINE MICROSOFT DHCPMICROSOFT DNSVMWARE DNS EXTERNAL DNS BIND / MICROSOFT MALWARE X X X X X X IPAM (IP ADDRESS MANAGEMENT)
© 2011 Infoblox Inc. All Rights Reserved. Infrastructure Security With Infoblox NETWORK INFRASTRUCTURE FIREWALLSSWITCHESROUTERSWEB PROXYLOAD BALANCERS Historical / Real-time Reporting & Control Historical / Real-time Reporting & Control APPS & END-POINTS END POINTSVIRTUAL MACHINESPRIVATE CLOUDAPPLICATIONS CONTROL PLANE Infoblox Grid TM w/ Real-time Network Database
© 2011 Infoblox Inc. All Rights Reserved. Infoblox DDI and Grid Agentless Management of Microsoft DNS/DHCP & Full AD Integration Cloud Orchestration Integration (VMware, BMC) Virtualization VMware Integration Microsoft DNS, DHCP Branch Office Reporting Server Integrated Advanced Reporting Integrated Advanced Reporting Edge Network/ Remote Offices Branch Office DNS/DHCP Branch Office DNS/DHCP Branch Office Grid Master Grid Master Site Patented Grid Technology: Central Management, Authoritative DB Virtualization & Cloud Integration HA pr. Grid Member
© 2011 Infoblox Inc. All Rights Reserved. Simplified Workflow Design Drag and drop GUI Create highly effective workflows within minutes
© 2011 Infoblox Inc. All Rights Reserved. Orchestration Highlights Automate IP/DNS and network configurations for VMs provisioned by MS System Center Pre-defined workflows that can be customized. E.g. Reserve an IP for VMs Create VM in an existing virtual network Remove VM and related DNS records Create network Delete network Batch processing support
© 2011 Infoblox Inc. All Rights Reserved. Infoblox Provides Complete Network Awareness 8 Authoritative Network Database, 360 Degree View of IP Data
© 2011 Infoblox Inc. All Rights Reserved. Secure DNS 9
© 2011 Infoblox Inc. All Rights Reserved. DNS Attacks In the last year alone there has been an increase of 200% DNS attacks 1 58% DDoS attacks 1 With possible amplification up to 100x on a DNS attack, the amount of traffic delivered to a victim can be huge 28M Pose a significant threat to the global network infrastructure and can be easily utilized in DNS amplification attacks 2 33M Number of open recursive DNS servers 2 With enterprise level businesses receiving an average of 2 million DNS queries every single day, the threat of attack is significant 2M2M 1. Quarterly Global DDoS Attack Report, Prolexic, 4 th Quarter, Financial services Technology company Government Financial impact is huge Avg estimated loss per DDoS event in $7.7M -$13.6M -$17M The average loss for a 24-hour outage from a DDoS attack 3 42% Enterprise 29% Commerce Miscellaneous5% Automotive1%1% Healthcare2%2% Business Services 21% Financial Services 13% Public Sector 5%5% Media & Entertainment 17% High Tech 7% Consumer Goods 2% Hotels 5% Retail 22% Top Industries Targeted 4 $27 million 3. Develop A Two-Phased DDoS Mitigation Strategy, Forrester Research, Inc. May 17, State of the Internet, Akamai, 2nd Quarter, 2013
© 2011 Infoblox Inc. All Rights Reserved. DNS Protection Is Not Just About DDoS DNS reflection/DrDoS attacks Using third-party DNS servers(open resolvers) to propagate a DOS or DDOS attack DNS amplification Using a specially crafted query to create an amplified response to flood the victim with traffic DNS-based exploits Attacks that exploit vulnerabilities in the DNS software TCP/UDP/ICMP floods Denial of service on layer 3 by bringing a network or service down by flooding it with large amounts of traffic DNS cache poisoning Corruption of the DNS cache data with a rogue address Protocol anomalies Causing the server to crash by sending malformed packets and queries Reconnaissance Attempts by hackers to get information on the network environment before launching a DDoS or other type of attack DNS tunneling Tunneling of another protocol through DNS for data exfiltration
© 2011 Infoblox Inc. All Rights Reserved. Advanced DNS Protection Work? Reporting Server Automatic updates Infoblox Threat-rule Server Advanced DNS Protection (External DNS) Reports on attack types, severity Amplification Cache Poisoning Legitimate Traffic Reconnaissance DNS Exploits Advanced DNS Protection (Internal DNS) Grid-wide rule distribution Data for Reports ADP appliance reaches out to Threat-rule server periodically for updates
© 2011 Infoblox Inc. All Rights Reserved. Advanced DNS Protection Programmable Technology (PT series) For SP who have IB 4030-Rev2 just need the protection service <50,000 QPS <143,000 QPS <200,000 QPS Sizing recommendation:
© 2011 Infoblox Inc. All Rights Reserved. Malware Threats Booming! 14 Average over 7 million new Malware threats per quarter in 2014* Mobile threats grew about 10X in 2014* 855 successful breaches / 174 million records compromised in 2014** 69% of successful breaches utilized Malware** 54% took months to discover, 29% weeks** 92% discovered by external party** Startling statistics
© 2011 Infoblox Inc. All Rights Reserved. DNS Firewall: Block Malware/APT An infected device brought into the office. Malware spreads to other devices on network. 123 Malware makes a DNS query to find “home.” (botnet / C&C) DNS Firewall blocks DNS query (by Domain name / IP Address ) Malicious domains Infoblox DDI with DNS Firewall Blocked attempt sent to Syslog 34 Malware / APT 12 Malware / APT spreads within network; Calls home 4 Pinpoint any infected device: IP address MAC address Device type (DHCP fingerprint) Host name DHCP lease history Reputation data comes from: DNS Firewall Subscription Svc FireEye Adapter (NX Series) DNS FW – Security Net that can catch 80% of Malware comm.
© 2011 Infoblox Inc. All Rights Reserved. Introducing: DNS Firewall + FireEye Adapter C & C / Botnet Portal IP’s C & C / Botnet Portal IP’s Detects & detonates advanced malware C&C Proxies C&C Portals Malware DNS Query to ‘find & phone home’ DNS Server with DNS Firewall …. Infoblox Firewall Subscription service INTRANET INTERNET Infected Enterprise End-point Block / Re-direct DNS Query Ips/Domains/etc. of ‘bad servers’ 123B Infoblox Reporting Server – ID infected device by IP/MAC address & device type A FireEye Play Malware Attack Domain-name & Host IP address to be blocked DNS Firewall Subscription Svc DNS Firewall - FireEye Adapter AB
© 2011 Infoblox Inc. All Rights Reserved. DNS FW & FEYE Use Case Infoblox account team helped Mobile Device Company extend their current investment in Infoblox and FireEye. 35 to 40 thousand DNS suspicious queries/day FireEye alerts and Dynamically Updates the Infoblox DNS Firewall w/ the Bad Domains, IP Addresses that the malware is querying. GameOver Zeus & ThreatStop! Key Takeaway: Infoblox and FireEye prevent infected (present and future)clients from exploiting DNS services
© 2011 Infoblox Inc. All Rights Reserved. IB DNS FW Use Case Healthcare Cryptolocker discovered and stopped We blocked DNS query's to the HealthCare's webpage Banner infected determined to be hosting cryptolocker to trusted and guest network. Key Takeaway: DNS FW and Feed is automatically updated. Manually blacklisting is not a viable solution.
© 2011 Infoblox Inc. All Rights Reserved. In Review Defense In Depth DNS is critical infrastructure Unprotected DNS infrastructure introduces serious security risks Infoblox Secure DNS Solution protects critical DNS services Infoblox Advanced DNS Protection Defend Against DNS Attacks Infoblox Advanced DNS Protection Defend Against DNS Attacks Infoblox DNS Firewall Prevents Malware/APT from Using DNS Infoblox DNS Firewall Prevents Malware/APT from Using DNS Hardened Appliance & OS Secure the DNS Platform
1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2014 Infoblox Inc. All Rights Reserved. Securing DNS Infrastructure Matt Gowarty | Senior Product Marketing.
1 | © 2013 Infoblox Inc. All Rights Reserved. Securing DNS Infrastructure Srikrupa Srivatsan | Senior Product Marketing Manager August 2014.
1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2014 Infoblox Inc. All Rights Reserved. Domain Name System (DNS) Network Security Asset or Achilles.
1 | © 2013 Infoblox Inc. All Rights Reserved. Logicalis Breakfast Briefing Ceire McQuaid and Gary Cox – Network Discovery and DNS Security 10 th July 2014.
1 | © 2013 Infoblox Inc. All Rights Reserved. Protecting Critical Network Infrastructure Krupa Srivatsan | Senior Product Marketing Manager January 2014.
1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2014 Infoblox Inc. All Rights Reserved. Securing DNS Infrastructure Steven Barber | Principle Sales.
1 | © 2013 Infoblox Inc. All Rights Reserved. Securing External & Internal DNS Edward O’Connell | Sr. Product Marketing Manager February 2014.
1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2014 Infoblox Inc. All Rights Reserved. Control Your Network! Infoblox Overview Paul de Haan – Systems.
1 | © 2013 Infoblox Inc. All Rights Reserved. Authoritative IP Address Management (IPAM) and its Security Implications Rick Bylina, Sr. Product Marketing.
1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2015 Infoblox Inc. All Rights Reserved. CONFIDENTIAL DNS Security with AntiDDoS and AntiMalware for.
© 2013 Infoblox Inc. All Rights Reserved. Tim Connelly, Manager, Systems Engineering Tim Connelly, Manager, Systems Engineering.
Domain Name System (DNS) Network Security Asset or Achilles Heel? Seema Kathuria, Sr. Product Marketing Manager, Infoblox February 19, 2015.
Akamai Technologies - Overview RSA ® Conference 2013.
Andrzej Kroczek Jak zwiększyć bezpieczeństwo i wysoką dostępność aplikacji wg. F5 Networks.
HUIT dns/dhcp redesign and roadmap Improved dns, right size IB, modern design, linux fallback.
DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
Computer Security and Penetration Testing Chapter 11 Denial-of-Service Attacks.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Check Point DDoS Protector June 2012.
1 © Copyright 2010 EMC Corporation. All rights reserved. The Virtualization BenefitThe Physical Challenge Virtualizing Microsoft Applications Aging, Inefficient.
© 2009 VMware Inc. All rights reserved Confidential VMware: An Overview Pat Gelsinger, CEO.
Denial of Service Bryan Oemler Web Enhanced Information Management March 22 nd, 2011.
March 2009 Sipera Overview. 2 © 2009 Sipera Systems, Inc. All Rights Reserved. About Sipera Leader in real-time Unified Communications (UC) security.
Microsoft Azure Active Directory. AD Microsoft Azure Active Directory.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.
DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.
Uwe Lüthy Solution Specialist, Core Infrastructure Microsoft Corporation Integrated System Management.
Data Center Network Redesign using SDN June 4, 2015 Brian Pietrewicz David Jones Chad VanPelt.
* Agenda What is the DNS ? Poisoning the cache Short term solution Long term solution.
Web Application Firewall (WAF) RSA ® Conference 2013.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
1 © Copyright 2010 EMC Corporation. All rights reserved. Consolidation Create economies of scale through standardization Reduce IT costs Deliver.
--Harish Reddy Vemula Distributed Denial of Service.
Performance and Security of Internet Applications John Buten Manager, Enterprise Industries
Arbor Multi-Layer Cloud DDoS Protection Nurfedin Zejnulahi, Arbor Consultant.
Microsoft Virtual Academy Module 7 Installing and Configuring System Center 2012 R2 Virtual Machine Manager.
2012 Infrastructure Security Report Darren Anstee, Arbor Solutions Architect 8 th Annual Edition.
Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
EC-Council Copyright © by EC-Council All Rights reserved. Reproduction is strictly prohibited Security News Source Courtesy:
©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.
System Center 2012 R2 Deborah Manor Data Centers Solutions Specialist.
© 2011 IBM Corporation Smarter Software for a Smarter Planet The Capabilities of IBM Software Borislav Borissov SWG Manager, IBM.
Zentera Guardia Fabric ™ Securely Connects Client-Server Apps between Microsoft Azure, Enterprise Datacenters & Other Public Clouds MICROSOFT AZURE ISV.
SCADA Security, DNS Phishing AVESTA HOJJATI, COMMUTER SCIENCE DEPARTMENT ADVISOR DR AKBAR NAMIN TEXAS TECH UNIVERSITY.
Network discovery Multi- server mgmt (MSM) Visibility & audit.. Automatic discovery of DC, DHCP and DNS servers, and dynamic IP addresses.
(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
© 2017 SlidePlayer.com Inc. All rights reserved.