KasperskyDDoS Protection
- Global network of data traffic ‘cleaning centers’
- Seamless integration with no additional hardware
- Protection from the most complex and high-volume attacks
Technical information
Lorsque des cybercriminels lancent une attaque par déni de service distribué (DDoS), les dommages et les coûts peuvent être dévastateurs pour l'entreprise ciblée.
Les attaques DDoS sont utilisées pour désactiver la présence en ligne ou les processus clés de l'organisation ciblée. Cela peut avoir un impact durable pour la victime. Votre entreprise met-elle tout en œuvre pour se protéger des attaques DDoS ?
Les activités en ligne jouent un rôle de plus en plus important dans pratiquement toutes les interactions entre entreprises et clients, fournisseurs et collaborateurs. Aucune entreprise ne peut se permettre d'ignorer aujourd'hui les risques grandissants d'attaques DDoS. Vos services en ligne (et l'ensemble de votre infrastructure informatique) sont tout simplement trop importants pour être laissés sans surveillance :
- Vos clients sont plus exigeants que jamais
- Ils s'attendent toujours à disposer d'un accès permanent aux produits et services ; cela signifie que les temps d'inactivité imprévus sont inenvisageables si votre entreprise veut satisfaire les exigences de ses clients
- Votre équipe a besoin d'un accès fiable aux services clés
- Vos collaborateurs ne peuvent pas effectuer leur travail si l'un de vos systèmes critiques est mis hors service par une attaque DDoS
- Une attaque peut avoir des répercussions fortes
Même si l'attaque cible un élément spécifique de votre infrastructure, elle peut affecter d'autres secteurs de votre entreprise. Par exemple, une attaque visant les systèmes internes d'une banque peut également désactiver l'ensemble de son réseau de distributeurs automatiques.
The direct financial costs of recovering from a DDoS attack can be massive… and the reputational damage can keep adding to those costs over the long term:
- Direct financial costs
- Failed sales transactions – during downtime periods
- Failed online banking transactions – with possible penalties
- Your own team needs reliable access to key services
- Negative publicity that dissuades existing customers and potential clients
- Damage to your business brand – that could take years to recover from
If your business is subjected to a DDoS attack, it could also suffer additional losses that result from misconceptions about exactly what a DDoS attack is – and how it could affect your customers. Even though DDoS attacks are unlikely to have any effect on your customers’ security, can you be sure your customers will understand this?
Whenever customers hear about a ‘security incident’ – any security incident – some may fear that their confidential information, bank details and credit card numbers could be at risk. Even though these fears may be totally illogical – and stem from customers’ misunderstandings about the nature of DDoS attacks – your business could still suffer.
DDoS attacks are nothing new. They’ve been a threat for many years. However, the level of danger is much higher than in previous years.
Recently, because the cost of launching a DDoS attack has reduced, the volume of attacks has rapidly increased.
At the same time, today’s attacks are much more complex and sophisticated – so you need to do much more to defend against them.
Anti-DDoS solutions: Protecting against modern DDoS attacks
- Much more difficult to guard against
- Even harder for a business to recover from
In addition, the sheer scale of a typical attack can rapidly overwhelm the target’s infrastructure. With today’s attacks often running at 80 – 100 Gb per second, the bandwidth of typical corporate networks can be saturated in just a few seconds.
All of this means that the simple prevention techniques – that were still effective only a few years ago – no longer offer adequate DDoS attack protection. Businesses are no longer able to defend against attacks, without using specialist defense services. The threats have become more devious… so your protection measures have to be even more capable.
There are many different ways for hackers to overload the target business’s IT infrastructure – to cause a ‘denial of service’. Some of the most common types of attack include:
- Volumetric attacks
These attacks try to saturate the capacity of your corporate Internet connection – by generating traffic levels that exceed your available bandwidth. - Application and infrastructure attacks
Application layer attacks seek to crash servers that are running vital applications – such as the web servers that your online presence depends on. Other infrastructure-based attacks may try to disable your network equipment and / or server operating systems. - Hybrid attacks
These can be particularly challenging – as they combine volumetric attack methods and application layer or infrastructure attack techniques.
To ensure your business is adequately defended against DDoS attacks, you need a DDoS attack prevention solution that helps you to:
- Detect any new attack as rapidly as possible
So you can defend your business very soon after the hacker launches the attack against your business. - Mitigate the effects of the attack as rapidly as possible
So your business can minimize – or totally prevent – any disruption to its normal business activities.
Kaspersky DDoS Protection gives you a total, integrated solution that includes everything your business needs to defend against DDoS attacks:
- Special sensor software* – for installation on your site
- Access to a resilient, distributed network of ‘cleaning centers’
- Advanced intelligence about the latest DDoS attacks
- The services of our Security Operations Center
- Extensive support – including direct access to DDoS protection experts
- Post-attack analysis and reports
- ...all backed up by a stringent Service Level Agreement.
*The sensor software runs on a standard x86 server or on a virtual machine. If you require a new server, it can be supplied by one of Kaspersky Lab’s partners.
Kaspersky DDoS Protection takes care of every stage in defending your business – from ongoing 24x7 analysis of your traffic, through to alerting you about the possible presence of an attack and then redirecting your traffic, cleaning your traffic, returning ‘clean’ traffic to you… and, finally, giving you post-attack reports & analysis.
Unlike other vendors’ offerings, Kaspersky Lab’s solution fights DDoS attacks on two fronts:
- Special defense infrastructure – including our sensor software – running on your site – and systems running at a network of Kaspersky Lab sites
- Kaspersky Lab DDoS intelligence – for earlier detection of DDoS attacks
Kaspersky Lab provides special sensor software that runs at your site – and, as soon as it’s installed, the sensor software starts to collect statistics and build usage profiles that help it to protect your business.
It monitors your traffic and – by continually building up statistical data and behavioral analysis data – the sensor continuously enhances its ability to detect even very subtle anomalies that are characteristic of the start of a DDoS attack.
Because the sensor software runs on a standard x86 server or a virtual machine, there isn’t any non-standard hardware for you to maintain.
In the event of a DDoS attack, we’ll alert you and give you the option of redirecting your traffic to Kaspersky Lab’s Cleaning Centers – and then having only ‘clean traffic’ returned to you.
We’ve invested in a distributed network of Cleaning Centers – to deliver a highly resilient and scalable traffic cleaning capability.
Kaspersky Lab’s malware experts use sophisticated methods to monitor the DDoS threat landscape and keep ahead of the hackers – so that we can achieve earlier detection of DDoS attacks.
Because traditional DDoS prevention vendors don’t have security intelligence departments, this proactive layer of protection cannot be delivered by these vendors.
Defending against the most complex DDoS attacks doesn’t have to be a complex task for your business.
When you choose Kaspersky DDoS Protection, you’re effectively ‘giving your entire DDoS attack protection problem to Kaspersky Lab’.
With Kaspersky Lab’s integrated defenses on board, your IT and security teams are free to focus on your core business activities – safe in the knowledge that you’ve got multi-layered defenses against the most sophisticated attacks.
Kaspersky DDoS Protection Technology
Unlike virus attacks that tend to propagate automatically, DDoS attacks rely on human expertise – and that can make DDoS attacks particularly difficult to defend against… unless you have the Kaspersky Lab experts helping to protect you.
For virtually every DDoS attack:
- Hackers research their target
The attackers assess vulnerabilities within the target business’s online presence – and then preselect the attack tools that are most likely to achieve the hacker’s malicious objectives. - Cybercriminals adapt their tactics
Working in real time – during the attack – hackers constantly change tactics, adapt their approach and select different tools… in order to maximize the damage they can inflict.
Because real people are constantly fine tuning almost every ‘live’ DDoS attack, you need real DDoS mitigation experts fighting against your attackers in real time… and that’s exactly what Kaspersky DDoS Protection delivers.
In the past, some vendors proposed the use of a hybrid defense that included an inline appliance and remote cleaning centers. The inline appliance would continually intercept the business’s traffic and provide some level of defense for small attacks – and only suggest redirecting traffic if a large attack was detected. However, with the vast majority of today’s attacks now able to overwhelm the capacity of both an inline appliance and the targeted business’s Internet connection – within a few seconds – this approach is now outdated, and it can introduce delays before traffic is redirected to a cleaning center.
Kaspersky DDoS Protection uses a non-inline sensor that continuously monitors your traffic – without intercepting it. As soon as the sensor detects a potential attack, you have the option of redirecting all traffic to one of Kaspersky Lab’s cleaning centers.
Because Kaspersky Lab’s solution totally avoids the use of inline appliances:
You have greater control over whether your traffic is redirected to cleaning centers
You benefit from DDoS protection that also achieves a lower rate of false positives
Although no one can stop cybercriminals targeting your business, Kaspersky Lab is ideally placed to deliver a rapid response to any DDoS attack. Then – after we’ve defended you against the attack and mitigated the effects – we’ll deliver detailed, post-attack analysis and reporting on exactly:
- What happened
- How long it lasted
- How Kaspersky DDoS Protection dealt with the attack
... so every level of your business benefits from clear visibility of the issues.
Kaspersky DDoS Protection combines three protection techniques – to deliver more rigorous DDoS attack protection:
- Statistical analysis – of your online traffic helps us to build profiles and detect deviations
- Behavior analysis – monitors your website’s visitors, so we can identify abnormal behavior
- Advanced DDoS intelligence – that only our solution can offer – enhances detection rates
Whereas some vendors can protect against volumetric attacks and other vendors’ offerings are more suited to defending against application layer attacks, Kaspersky Lab provides effective protection and mitigation for all types of DDoS attacks, including:
- Volumetric attacks
- Application layer attacks
- Infrastructure attacks – against networks & operating systems
- Hybrid attacks… and more
… so, whatever technique the attackers use, Kaspersky DDoS Protection safeguards your business.
Because today’s DDoS attacks are much more sophisticated, an intelligence-led approach to defense is vitally important. No other DDoS prevention solution vendor has our background in IT security – so no other vendor has a dedicated attack intelligence team.
Because we’re the first anti-malware vendor to offer a DDoS protection solution, we’re able to provide a unique combination of statistical analysis, behavior analysis and DDoS attack intelligence… for more thorough defense.
Some vendors are only able to provide broad monitoring of the entire communication channel. However, Kaspersky Lab’s solution is capable of granular analysis – so we can detect even smaller deviations from normal traffic and normal behavior.
In addition, we use special techniques that let us filter traffic at points that are as close as possible to the source of an attack.
Because all of the software inside Kaspersky Lab’s DDoS Protection solution – and other security products – is developed by the company’s own, in-house experts:
- We have full control of the development cycle
- We can react more rapidly to changes in the DDoS attack landscape
Furthermore, our DDoS Emergency Response Team works very closely with Kaspersky Lab’s lead engineers and solution architects. Communication lines are short and feedback loops are very responsive – so we can rapidly deliver new plug-ins that defend against new application layer attacks.
Kaspersky DDoS Protection
Provides everything your business needs to defend against – and mitigate the effects of – all types of DDoS attacks.
The theft of sensitive production data and Distributed Denial of Service (DDoS) attacks on key online services are two of the most serious threats faced by this leading food production company. Kaspersky Lab ensured it stayed protected -without impacting on process availability.
After experiencing numerous DDoS attacks, one of Italy’s leading e-commerce brand turned to Kaspersky to ensure its website stayed 'business as usual' whatever happened.
Not sure which Security Solution is right for your business?