Imperva Incapsula - magellan netzwerke GmbH€¦ · A Leader in The Forrester Wave™ : ... This...
Transcript of Imperva Incapsula - magellan netzwerke GmbH€¦ · A Leader in The Forrester Wave™ : ... This...
© 2018 Imperva, Inc. All rights reserved.
Imperva IncapsulaA Leader in The Forrester Wave™ : DDoS Mitigation Solutions (Q4 2017)
• Speed – Pulse Wave Attacks: Why a 10 second Time-To-Mitigation SLA matters
March 2018
[email protected] – Senior Sales Engineer
© 2018 Imperva, Inc. All rights reserved.2
A Leader in The Forrester Wave™:
DDoS Mitigation
Solutions, Q4 2017
Top ranked in both
current offering and strategy
Among the top ranked in
scale and speed
Read the report to see why…
2
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of
Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted
using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor,
product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect
judgment at the time and are subject to change.
© 2018 Imperva, Inc. All rights reserved.
Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D'Hoinne, Adam Hils, Claudio Neiva,
07 August 2017
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
A LEADER for
FOUR CONSECUTIVE
YEARS
2017 Gartner Magic
Quadrant for
Web Application Firewalls
3
© 2018 Imperva, Inc. All rights reserved.
Incapsula Application Delivery Cloud
Confidential5
© 2018 Imperva, Inc. All rights reserved.
How Incapsula Works
6
Incapsula Network Your Servers
Bots
Spammers
Legitimate Traffic
Hackers
DDoS
Who is Incapsula
Market Leading Products
> 5Tbps / 30 billion pps40 POPs
Over 100,000 Customers
Market Leading Solutions
• Forrester Wave Leader, DDoS Service Providers 2015, 2017
• Gartner MQ Leader for Web Application Firewalls 2014-2017
• Best DDoS Mitigation ServiceTop Ten Reviews 2013 – 2017
• Best Web Security & Performance Service Top Ten Reviews 2012 – 2017
• Security Innovator of the Year Cloud Awards.com 2014
• Readers Choice: DDoS Protection Solution of the YearSearch Security 2014
A Leader in The Forrester Wave™
DDoS Mitigation Solutions, Q4 2017
© 2018 Imperva, Inc. All rights reserved.
Security
• DDoS Protection• Website Protection
• Infrastructure Protection
• Name Server Protection
1
Confidential8
© 2018 Imperva, Inc. All rights reserved.
Global DDoS Threat Landscape, 2017
9
Source: Incapsula DDOS Reports Q1-Q4 2017: • https://www.incapsula.com/ddos-report/ddos-report-q1-2017.html• https://www.incapsula.com/ddos-report/ddos-report-q2-2017.html• https://www.incapsula.com/ddos-report/ddos-report-q3-2017.html• https://www.incapsula.com/ddos-report/ddos-report-q4-2017.html
© 2018 Imperva, Inc. All rights reserved.
Speed – Breaking Down Time to Mitigation
• A Definition of Time To mitigation:– FROM the first DDoS attack packet hitting your system
– TO when your mitigation provider begins scrubbing incoming traffic.
• It covers the time taken to execute the following steps:– Detection – The speed with which a mitigation service notices that a DDoS attack is
taking place.
– Sampling – The time taken to analyze traffic flows and create directives for scrubbing.
– Scrubbing – The start of the ongoing process of filtering out malicious traffic, based on
patterns identified during the sampling process.
10
© 2018 Imperva, Inc. All rights reserved.
Speed – Pulse Wave Attacks
11
Classic Waves… Pulse Wave Attacks…
© 2018 Imperva, Inc. All rights reserved.
Time-to-Mitigation
• Rapid time-to-mitigation prevents downtime and protects
against hit-and-run and pulse-wave attacks
• Hybrid solutions have on-prem device disconnected
from internet and breakout to Cloud may be delayed
• Other vendors can take minutes to start scrubbing
attacks
• Incapsula offers a Time-to-Mitigation SLA
of 10 Seconds
12
© 2018 Imperva, Inc. All rights reserved.
Size – DDoS Amplification Attack Vector via Memcached Servers
13
Source: US-CERT: https://www.us-cert.gov/ncas/alerts/TA14-017A
On February 28 2018 – Attack with 350Gbps and 30Mpps
© 2018 Imperva, Inc. All rights reserved.
Size – Incapsula Global Network Map
40 DDoS-resilient data centers
Scrubbing Capacity of over
5Tbps and 30Gpps
Meshed network and peering
relationships with top-tier providers
14
© 2018 Imperva, Inc. All rights reserved.
• High packet rate attacks are the new play in the
DDoS space
• Others focus on bandwidth (bits per sec): These
were not designed to handle large PPS volumes
• Our purpose-built network has the
capacity to mitigate any DDOS attacks.
Currently 5Tbps+ / 30Gpps+
Capacity
15
© 2018 Imperva, Inc. All rights reserved.
• Switching traffic over to a scrubbing network
adds latency
• Other vendors have very few scrubbing PoPs,
making them prone to latency
•We offer connectivity speeds of
under 50 Milliseconds to more than
90% of the world
Latency
16
© 2018 Imperva, Inc. All rights reserved.
WebsiteProtection
Name ServerProtection
InfrastructureProtection
Incapsula – Comprehensive DDoS Protection
17
DNS
WEB
UDP, TCP
SSH, FTP, Telnet
SMTP
SIP
DDoS Protection Service Protected Assets
© 2018 Imperva, Inc. All rights reserved.
Incapsula – Website Protection
18
Legitimate Traffic
IncapsulaHTTP/S Proxy
HTTP/S Requests
From Cache
Only SafeHTTP/S Reguests
Web Servers(HTTP/S)
© 2018 Imperva, Inc. All rights reserved.
Incapsula – Name Server Protection
19
Legitimate Traffic
DNS Servers
DNS Queries
From Cache
Only Safe DNS Queries
IncapsulaDNS Proxy
© 2018 Imperva, Inc. All rights reserved.
Incapsula – Infrastructure Protection (Layer 3/4)
20
DDoS
LegitTraffic
Incapsula’s Network
GRE Tunnel /Cross Connect /
Equinix ECX
Protected Subnet
1.2.3.0/24
CustomerInfrastructure
CustomerRouter
BGP
Announcement
• Unlimited DDoS protection for the entire Data Center
• Simple activation for entire subnets using BGP announcements
• Protect multiple protocols and services including SMTP, FTP, VoIP, and
proprietary protocols
• Available in on-demand or always-on deployments
© 2018 Imperva, Inc. All rights reserved.
The Incapsula DDoS Advantage
• Easily defeats DDoS attacks of any size with a global 5Tbps+ / 30Gpps scrubbing
network
• Automatically blocks any type of DDoS attacks (network, application, protocol, etc.)
• Sophisticated application layer and crowd-sourcing techniques
– Client classification engine combats DDoS bots
– WAF integration deals with multi-vector attacks
– Transparent challenges ensure minimal false positives
• Won’t slow down websites, impact user experiences, or create false positives
• Proprietary mitigation technology
– Custom HW, SW, and algorithms
– Complete control of system to defeat emerging and morphing DDoS threats
– Fastest system-wide updates and custom rule propagation available
21
© 2018 Imperva, Inc. All rights reserved.
Incapsula
Contact us for a demo or free trial...
5
22
© 2018 Imperva, Inc. All rights reserved.
Security
• Website Security2
24
© 2018 Imperva, Inc. All rights reserved.
WEBAPP
The Incapsula Security Model
25
Access Control
Blocks unwanted IPs, Regions, Countries
Bot Mitigation
Blocks automated attackers, bad bots, scrapers, spammers
WAFBlocks Hacking attacks
OWASP Top 10 attacks (SQLi, XSS, etc.)
Custom Rule & Policy Engine
Application specific attacks
IP ReputationLists
ClientClassification WAF
Crowdsourcing
Big Data analysis on
• 160,000 Sites+
• Tbs of traffic
• Millions of attacks
Clear visibility on the web attack landscape
© 2018 Imperva, Inc. All rights reserved.
Performance
• CDN & Optimizer3
Confidential26
© 2018 Imperva, Inc. All rights reserved.
Website Acceleration
27
• Bringing Websites Closer to Their
Visitors
– With Incapsula, content is cached,
optimized, and served locally from
physical memory
• Analyzes static + dynamic website
content automatically optimizing
performance by determining
– What is cacheable
– How long to cache it
– What resources are frequently used,
prioritizing their delivery
Cached resources are served directly from physical memory making responses lightning fast
© 2018 Imperva, Inc. All rights reserved.
Availability
• Load Balancing4
28
© 2018 Imperva, Inc. All rights reserved.
Incapsula Load Balancing and Failover
29
We bring cloud versatility to application load balancing.
Global Server Load Balancing
Data Center
Data Center
IncapsulaNetwork
Traffic
SiteFailover
Data Center
Data Center
Incapsula Network
Traffic
LocalLoad Balancing
DataCenter
IncapsulaNetwork
Traffic