Building a Network That Fights Back Against Online Threats
A Sandvine Webinar
As part of a multilayered security strategy, communications service providers (CSPs) must secure their infrastructure’s ability to deliver services, while at the same time protect subscribers from online threats and comply with regulatory requirements.
Only a solution engineered specifically to secure the untrusted environment of the Internet can provide effective defense against today’s threats.
In this session, Matt Duench and Ian Hassard discuss the latest advances in Sandvine’s Cyber Security solution, including:
- Network Threat Deception: Provides malicious actors with deceptive information that materially increases the costs of malicious network activities. Elements of network threat deception include:
- Network Scale Tarpitting: Slowing the propagation of attacks and malicious activity by acknowledging requests made by malicious actors with information that falsely suggests progress while the attack is actually being mitigated.
- Dynamic Vulnerability Masking: Identifying subscribers and servers running vulnerable software versions, and dynamically leading potential attackers to believe the secure version of the software is running instead, thereby preventing the attack before it starts.
- DNS Cache Poisoning Protection: Prevents DNS server infections where a DNS request from a subscriber could be spoofed redirecting it to a malicious site. Sandvine Network Security ensures that the legitimate DNS server is used.
- Precision DoS/DDoS Attack Protection: Detects and mitigates more advanced surgical and fragmentation DDoS attacks using the subscriber, application, and flow awareness of the Sandvine platform. This approach is a stark contrast to solutions that sample flows to identify potential DDoS attacks, a technique that is adequate only for large-scale, volumetric attacks.