Part of a global series of conferences on cybersecurity, F5 Solution Day addresses the specialists interested in a higher level of performance and protection of the IT infrastructure. In the cloud or on-premises, the IT environments are exposed to increasingly intense and diversified attacks, the risks being maximum in the case of critical infrastructures. Datanet Systems experts attending the event outlined the need for adequate security and a set of practical means of protecting critical data infrastructures, both in plenary and in the discussions held at the stand.
Among the threats that have adverse consequences on critical IT infrastructures are distributed denial of service (DDoS) attacks. Unfortunately, both industry reports and the media abound in worrying news. According to Cisco Visual Networking Index (VNI) the number of DDoS attacks will double by 2022, reaching about 14.5 million annually. At the same time, at the level of telecommunications operators, DDoS attacks are the main threat, during incidents reaching up to 25% of the Internet traffic.
From a general perspective, DOS computer attacks fall into three broad categories: volumetric, protocol and application.
- Volumetric attacks have a share of about 65% (according to Arbor Networks analysis) and exploit multiple infected systems to generate seemingly legitimate traffic, which consumes bandwidth and blocks the network;
- Protocol attacks involve sending packets of data to a server so that it creates one connection for each packet. Upon receiving a sufficiently large number of such packages, the server will run out of all available connections and thus remain stuck on hold;
- Application attacks target the packets of data traffic between web applications and servers, generating a large volume of requests that end up blocking database servers.
Key takeaways from our presentation
Petre Popescu, Presales Manager at Datanet Systems, presented in general terms the protection against DDoS attacks, starting from a real project, describing the problem, the available technologies, the proposed solution and the services provided by Datanet Systems. The project, carried out at a large company, with two data centers, hundreds of servers and thousands of users, consisted of integrating several security technologies around F5 solutions.
According to Datanet Systems experts, any component of the IT infrastructure (routers, firewalls, application servers, database servers, etc.) has a number of limitations that can be exploited by attackers, but powerful applications are available to protect each one. The current efficient solution is a DDoS hybrid protection, which integrates both cloud and on-premises functionality and ensures centralized control. From this perspective, Datanet’s F5 products contain all the components needed to build an anti-DDoS solution and combine cloud scrubbing technologies (error correction through periodic inspection of computing, memory, storage resources, etc.) with detection and response tools for all types of DDoS attacks.
Another problem reported by Datanet System experts is the relationship between attacks and investments in protection.
“In most companies there are separate teams for network and application management. Studies show that 25% of attacks are targeted at network level and 75% towards applications, while investments in security are 90% allocated to network protection and only 10% to application protection. This imbalance, along with the separation of the teams, obviously generates high risks,” says Petre Popescu, Presales Manager, Datanet Systems.
Datanet Systems experts believe that currently all companies are exposed to computer attacks, regardless of activity or size, and the attacks will occur sooner or later. To manage this situation, companies must: ensure their visibility and ability to detect and respond to attacks, ensure the protection of IT systems on as many fronts, as well as automate security tasks to reduce pressure on profile departments, using a coherent set of new IT security products, specialized services and own and/or outsourced IT specialists.
F5 Solution Day is a one-day event that addresses the full spectrum of F5 Networks solutions, from application-level protection through WAF, to DDoS hybrid protection. Datanet Systems is a certified partner of F5 Networks and offers evaluation, design and implementation services for the most relevant solutions in this provider’s portfolio.