CyberGuard SG575 Manuale Utente Scaricare il pdf (Pagina 13)

Detection and Incident Response Services

Detection and Response Services recognize and stop attempted intrusions, prevent further intrusions

from occurring, and provide a real-time alert to The Planet’s Security Operations Center. These

services are continuously monitored by security engineers and include:

C Arbor Peakflow DDoS Detection

C Firewall Protection administered by our engineers, experts in Cisco Pix, Watchguard,

Checkpoint and Cyberguard

C TippingPoint’s Unity One 2400 in-line network intrusion detection and prevention system

C Cisco Guard DDoS Mitigation deployed at the network edge in the event of an event detected

by Arbor

C ISS RealSecure Host Based Intrusion Detection System

C SecurePack Security Reporting

C Server Event Monitoring Services

C Server “Delta” Hardening

C System Integrity Checking

Arbor Peakflow DDoS Detection

A Flood or DDoS attack is a planned event whereby an individual instructs an army of “zombies”–

computers that have been put under the control of a malicious hacker via the use of scripts,

sometimes without the knowledge of the computer owner – to send a flood of requests to a server.

The goal of the attack is to shut out legitimate requests and compromise the availability of the

server. Although targeted to a particular server or site, a DDoS attack may impact the availability

of 200-300 additional machines in a packet switching network. Flood attacks can be generated from

‘real’ IP hosts or may be spoofed to hide the real identify of the attackers.

The number of attacks has increased and become increasingly more complex as sophisticated

hackers continue to create new attack schemes and make the scripts widely available on the Internet.

There are three types of denial-of-service attacks:

C Volume flood attacks are designed to generate huge volumes of traffic, saturate the network

infrastructure and ‘fill-up the pipe’ so legitimate traffic cannot get through to the destination

host.

C Resource exhaustion attacks are often complex flood attacks designed to mimic real client

activity and exhaust a server’s resources. Usually, these attacks generate less traffic than a

volume flood, but not always, and are trickier to block.

C Other complex denial-of-service attacks are delivered by specially crafted packets usually to

exploit some vulnerability on the server and kill the service. Network or host-based IPS must

be used for this type of attack.

MC Software Security and Hosting

1 2 ... 8 9 10 11 12 13 14 15 16 17 18 ... 47 48

Nessun commento

CyberGuard SG575 Manuale Utente Pagina 13