
Helping you stay online… Always

TABLE OF CONTENTS

01 INTRODUCTION
02 ERA OF DDoS ATTACKS
03 FIREWALLS NOT ENOUGH
04 HALTDOS SOLUTION
05 DIFFERENTIATING FACTOR

ABOUT HALTDOS

HaltDos is an India-based network security startup providing security solutions to its customers. Its flagship product, haltDos, is India’s first comprehensive DDoS mitigation solution.

RIDE THE HIGHWAY WITH HALTDOS

Amidst fierce competition, your business cannot afford to slow down. With haltDos, you don't have to sacrifice productivity and performance to get leading-edge security. Our multi-layered, multi-vector protection ensures that your website stays online and always accessible to your customers.

Our Expertise
• DDoS Mitigation Solution
• Application Delivery
• Load Balancing & Proxy
• Application Firewall

CO-FOUNDERS

Anshul Saxena
• CTO of AKS IT Services Pvt. Ltd.
• MS Information Security, Georgia Institute of Technology
• Security Developer at Amazon (AWS Cloud Front)
• Software Developer at Microsoft

Wg. Cdr. Ashish K. Saxena
• MD of AKS IT Services Pvt. Ltd.
• M. Tech, IIT Delhi
• CISSP, CISA
• 37 years of work ex. in Indian Air Force
• 10 years experience in running a successful security company

DDoS

Short for Denial of Service, DoS is a type of attack on a network that is designed to bring the network / service down to its knees by flooding it with useless traffic.

INCREASING COMPLEXITY

PAST

Infrastructure:
• IP Flooding
• TCP Flooding
• UDP Flooding
• ICMP Flooding
• Ping of Death

PRESENT

Infrastructure:
• IP Flooding
• TCP Flooding
• UDP Flooding
• ICMP Flooding
• DNS Flooding
• DNS Query Flood

Protocol:
• TCP SYN Flood
• TCP ACK Flood
• Zombie Flood
• SSL based attacks
• Corrupted SSL Flood

Application:
• HTTP GET/POST Flood
• SIP Flood
• Slowloris
• R.U.D.Y.

Reflection/Amplification:
• NTP Flood
• SNMP Flood
• DNS Reflection

ERA OF DDoS ATTACKS

01 Increasing at over 200% year over year
02 Over 2000 attacks are reported daily
03 Cost $150 to launch a week long DDoS attack
04 Cause over $40,000 / hr in losses to the victim

• Inability to meet SLAs
• Reputation Loss
• Revenue Loss
• Service Outage
• Productivity Loss

Threat Ranking
What organizations feel about various cyber threats.
[Chart. Categories: DDoS, Unauthorized Access, Worms & Virus, Phishing, Fraud, Other]

WHY CAN’T FIREWALL / IPS HANDLE DDoS ATTACKS?

As stateful devices, firewalls and IPS track all connections for inspection and store them in a
connection table. Every packet is matched against the connection table to verify that it was
transmitted over an established, legitimate connection. The typical connection table can store tens
of thousands of active connections, which is sufficient for normal network activity. However, a DDoS
attack may include millions of packets per second, far more than such a table can hold.

Firewalls and IPS only examine individual sessions. DDoS attacks such as HTTP floods are
composed of millions of legitimate sessions. Each session on its own is legitimate, so it cannot be
marked as a threat by firewalls and IPS.
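
The connection-table limit described above can be reproduced with a small model. This is an added example, not HaltDos code or any vendor's firewall logic; the class, the flow labels, the 50,000-entry capacity, the 30-second idle timeout and the flood rate (scaled down to 100,000 packets per second so it runs quickly) are all constructed assumptions.

```python
from collections import OrderedDict

class ConnTable:
    """Toy stateful connection table: fixed capacity, idle entries expire."""

    def __init__(self, capacity, idle_timeout):
        self.capacity = capacity
        self.idle_timeout = idle_timeout
        self.entries = OrderedDict()  # flow id -> last-seen time, oldest first

    def packet(self, flow, now):
        """Return True if the flow is (or can be) tracked, False if dropped."""
        # Expire idle entries; they sit at the front because time only moves forward.
        while self.entries:
            oldest, seen = next(iter(self.entries.items()))
            if now - seen < self.idle_timeout:
                break
            del self.entries[oldest]
        if flow in self.entries:
            self.entries[flow] = now
            self.entries.move_to_end(flow)
            return True
        if len(self.entries) >= self.capacity:
            return False  # table full: the new connection cannot be tracked
        self.entries[flow] = now
        return True

def simulate(capacity=50_000, idle_timeout=30, flood_pps=100_000,
             legit_per_sec=100, seconds=3):
    """Interleave legitimate new connections with flood packets that each
    open a new flow; return (legit accepted, legit dropped, table size)."""
    table = ConnTable(capacity, idle_timeout)
    accepted = dropped = 0
    flood_per_slot = flood_pps // legit_per_sec
    for sec in range(seconds):
        for slot in range(legit_per_sec):
            if table.packet(("legit", sec, slot), sec):  # constructed flow id
                accepted += 1
            else:
                dropped += 1
            for n in range(flood_per_slot):
                table.packet(("flood", sec, slot, n), sec)
    return accepted, dropped, len(table.entries)

if __name__ == "__main__":
    print("no flood:  ", simulate(flood_pps=0))
    print("with flood:", simulate())
```

Without the flood every legitimate connection is tracked; with it the table is full within the first half second and stays full until entries time out, so the stateful device itself turns away legitimate users.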

Network Bottleneck
[Chart. Categories: Internet Pipe, Application Server, Firewall, IPS / IDS, Load Balancer, SQL Server]

HALTDOS

360° Security
All round protection from simple to
sophisticated zero day DDoS attacks

Always Learning
Self adapting and configuring solution
requiring no human intervention

Real-Time Metrics
Audit report on Attack, application
health, customer interaction and more

Customizable
100% customizable with on the fly
updates. Easy to scale and takes no more
than a few minutes to setup

Multi-layer Security
Our multi layer mitigation provides
the widest range of protection to
application servers with minimum
human intervention and zero false
positives.

1 PACKET INSPECTION: Validating incoming packets with compliance to RFC standards
2 ENTROPY MITIGATION: Using entropy change detection to detect and mitigate DDoS
3 BEHAVIORAL MITIGATION: Detects malicious interaction with the system
4 HEURISTIC MITIGATION: Computes suspicion based on 30+ different attributes
5 PRIORITY TRAFFIC SHAPING: Prioritize traffic and forward least suspicious traffic first

No Rules, No Signature
HaltDos is an anomaly detection and
mitigation system and does not rely
on attack signatures. This makes it
harder for attackers to bypass as
there are no rules to break.

Update, not Upgrade
HaltDos is 100% software running on
custom configured hardware. This
makes it extremely flexible to update
to newer technologies without
needing to upgrade the hardware.

HALTDOS FACTOR

01 NO HUMAN POLICY
"Hands-off" solution with self-learning
capability that adapts to changing network
conditions and requires minimal tuning

02 REDUCED TCO
Multiple security tools in a single box.
Single console to manage multiple units.

03 MAINTAINS BUSINESS OPERATIONAL
Attack or no attack, HaltDos
ensures your business stays
operational all the time.

04 ACCURATE ATTACK PREVENTION
Stateless DDoS appliance providing
best in class attack detection and
mitigation in the most demanding
operational environments

No stopping your Application
RIDE THE HIGHWAY