Scribd
Upload
722 views7 pages

f5 Silverline Ddos Protection Datasheet

Uploaded by

Kv Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
722 views7 pages

f5 Silverline Ddos Protection Datasheet

Uploaded by

Kv Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

F5 Silverline

® ®

DDoS Protection

DATASHEET

Protect Your Business and Stay Online


During a DDoS Attack
What’s Inside DDoS attacks are increasing in scale and complexity, threatening to overwhelm the
internal resources of businesses globally. These attacks combine high-volume traffic
2 Comprehensive DDoS with stealthy, low-and-slow, application-targeted techniques. To stop DDoS attacks from
Protection reaching the enterprise network, organizations need a hybrid solution for cloud-based
mitigation in addition to on-premises protection.
2 Real-Time Cloud-Scrubbing
Technologies
F5® Silverline® DDoS Protection is a service delivered via the F5 Silverline cloud-based
4 Resilient Attack Mitigation platform. It detects and mitigates DDoS attacks in real time, with industry-leading DDoS
attack mitigation bandwidth to stop even the largest of volumetric DDoS attacks from
4 Ensure the Best User ever reaching your network. F5 security experts are available 24x7x365 to keep your
Experience business online during a DDoS attack with comprehensive, multi-layered L3–L7 DDoS
attack protection.
4 Deployment Modes

5 Unparalleled Visibility and


Reporting Before, During, Key benefits
and After a DDoS Attack
Keep your business online during a Defend against volumetric attacks
DDoS attack Protect your business from even the largest of
6 Complete Attack Protection
Stop DDoS attacks before they reach your DDoS attacks—over hundreds of gigabits per
enterprise network and affect your business, second—with industry-leading DDoS attack
6 Flexible Subscriptions
using real-time, DDoS attack detection and mitigation bandwidth.
mitigation in the cloud.
7 F5 Global Services Get expert service
Protect against all DDoS attack vectors F5 Security Operations Center (SOC) experts
7 DevCentral Engineered to respond to the increasing threats, are available 24x7x365 with optimum service
escalating scale, and complexity of DDoS SLAs for uptime and response to DDoS attacks
7 More Information attacks, F5 offers multi-layered L3–L7 DDoS in minutes.
attack protection against all attack vectors.
Drive efficiencies with a hybrid DDoS
Gain attack mitigation insights solution
The F5 customer portal provides transparent F5 offers comprehensive DDoS protection both
attack mitigation visibility and reporting before, on-premises and with the Silverline cloud-based
during, and after an attack. application services platform.
DATASHEET
Silverline DDoS Protection

Comprehensive DDoS Protection


The Silverline DDoS Protection service complements F5’s on-premises DDoS solution
to protect organizations against the full spectrum of modern DDoS attacks. This hybrid
DDoS protection solution from F5 combines industry-leading DDoS protection solutions on
premises for detecting and mitigating mid-volume, SSL, or application-targeted attacks—
with the high-capacity Silverline DDoS Protection service to stop the volumetric attacks
before they ever reach your network.

F5 is the first leading application services company to offer a hybrid solution for DDoS
protection. By implementing Silverline DDoS Protection in addition to the on-premises
solution, customers can keep their businesses online when under DDoS attack with a
reduced risk of downtime, real-time DDoS mitigation response times, unparalleled visibility
and reporting, and cost efficiencies. The on-premises DDoS protection solution and
Silverline DDoS Protection can be implemented independently of each other, or together
as a hybrid solution for the most comprehensive L3–L7 DDoS protection. Throughout the
F5 infrastructure and process, Silverline DDoS Protection maintains PCI DSS compliance
by rigorously protecting and controlling data access, encrypting and retaining data,
and archiving or deleting data.

Network DDoS DNS DDoS SSL DDoS Application DDoS


Attack Attack Attack Attack Customer Scenarios
+ GBB Licensing: Best + IP Intelligence + Silverline DDoS Protection

Software-Defined
DDoS Protection Application Services
Data Center Firewall

Orchestration
Professional Services and Support

iControl SOAP iControl REST

Programmability

Control Plane Data Plane

iApps iCall iRules High-Performance


Services Fabric

F5 Platform

VE

Hardware Software Cloud

ScaleN

VXLAN NVGRE VLANS

Physical • SDN • OpenStack • Overlay

Figure 1: F5 provides a comprehensive DDoS solution with both on-premises protection and
cloud-based Silverline DDoS Protection.

Real-Time Cloud-Scrubbing Technologies


Any organization that delivers content or applications over the Internet can use cloud-based
DDoS protection to keep their business online during an attack with minimal impact to
users. Engineered to respond to the increasing threats, escalating scale, and complexity of
DDoS attacks, Silverline DDoS Protection offers multi-layered L3–L7 protection against all
attack vectors.

Silverline cloud-scrubbing centers are designed with industry-leading security and open
source technologies to detect, identify, and mitigate threats in real time and return clean
traffic back to your site. By utilizing the breadth of the most advanced security hardware,
2
DATASHEET
Silverline DDoS Protection

software, rules engines, and customized tools, Silverline DDoS Protection provides
comprehensive, multi-layered attack analysis and mitigation that cannot be achieved with
other scrubbing services that use a single-vendor technology architecture.
Silverline DDoS Protection can run continuously to monitor all traffic and stop attacks
REFERENCE ARCHITECTURE: DDoS Protection
from
CONTENT TYPE:ever
Product Mapreaching your network, or it can be initiated on demand when your site is under
AUDIENCE: Security Architect

DDoS attack.
CUSTOMER SCENARIO: Enterprise Data Center

Threat Intelligence Feed

Next-Generation Users leverage NGFW for Employees


Scanner Anonymous Anonymous Botnet Attackers Firewall outbound protection
Proxies Requests
Network Tier

DDoS Attacker Network Firewall Services Application Tier


Cloud Scrubbing + DNS Services
+ Simple Load Balancing to
Application Tier Web Application Financial
DDoS Protection Firewall Services Services
+ SSL Termination

Customer LTM ASM


aaS vCMP
E-Commerce
F5 Silverline Can inspect Physical Virtual
Cloud-Based SSL at
either tier
Partner Platform
ISP may provide VIPRION Platform SSL attacks:
rudimentary DDoS SSL renegotiation, SSL flood Subscriber
service
Volumetric attacks and
DDoS Attacker size floods, operations HTTP attacks:
center experts, L3–7 Slowloris, slow POST,
known signature attacks DNS attacks: recursive POST/GET
DNS amplification, query flood,
dictionary attack, DNS poisoning
AFM BIG-IP Advanced Firewall Manager Simplified Business Models
Network attacks:
ICMP flood, UDP flood, SYN flood GOOD BETTER BEST
LTM BIG-IP Local Traffic Manager
DNS BIG-IP DNS + IP Intelligence
F5 Silverline DDoS Protection
ASM BIG-IP Application Security Manager

Figure 2: Divert traffic to Silverline DDoS Protection for cloud-scrubbing when your network is under
attack, or use it to continuously scrub all traffic to prevent a DDoS attack from ever reaching your
network.

As traffic enters the F5 scrubbing center, it is steered and broken down into a “spectrum
of suspicion.” F5 then determines the best scrubbing techniques for each segment of
traffic and automatically directs traffic through the cloud scrubbing centers for real-time
REFERENCE ARCHITECTURE: DDoS Protection
mitigation. Traffic
CONTENT continues to be tapped as it traverses the scrubbing center to confirm the
TYPE: Architecture Diagram
AUDIENCE: IT Director/Security Engineer
malicious traffic has been fully removed. Clean traffic is then returned to your website with
CUSTOMER SCENARIO: DDoS Scrubbing Center
little to no impact to the end user.
Scrubbing Center

Inspection Plane

Inspection Traffic Actioner Flow Portal


Toolsets Route Management Collection
Visibility

Signaling
Management

Data Plane
Copied traffic
for inspection
Netflow Netflow
BGP signaling GRE Tunnel

Legitimate Proxy
Users
IP Reflection

Transit Switching Routing/ACL Routing Equinix Cloud Customer


Proxy and (Customer VRF) Exchange
Switching Asymmetric
Mitigation Tier
DDoS
Attackers

Figure 3: Silverline DDoS Protection multi-layered cloud-scrubbing technologies.

3
DATASHEET
Silverline DDoS Protection

Resilient Attack Mitigation


F5’s fully redundant and globally distributed data centers and scrubbing centers are built with
advanced systems and tools engineered to deal with the increasing threats, escalating scale,
and complexity of DDoS attacks. Silverline DDoS Protection provides attack mitigation
bandwidth capacity of over 1.0 Tbps and scrubbing capacity up to 2.0 Tbps to protect your
business from even the largest DDoS attacks. F5 partners directly with three Tier 1 carriers
for guaranteed bandwidth that is not shared or based on peering arrangements like other
cloud-based services.

Ensure the Best User Experience


The DDoS attack mitigation is invisible to your users, ensuring their experience is
uninterrupted during a DDoS attack by always allowing legitimate customer traffic through
to your site and eliminating false positive alerts. Unlike other DDoS cloud-scrubbing services
that process traffic symmetrically, degrading the user experience with slow page load times
or broken links, Silverline DDoS Protection has several asymmetric traffic return mechanisms.
These include F5 IP Reflection technology, allowing high-traffic sites to take advantage
of protection without affecting the user experience. Only a fraction of the bandwidth is
required to process inbound traffic, ensuring normal delivery of traffic back to your users
with the lowest rate of false positives and with maximum performance. Based on your needs,
clean traffic can be delivered back to your site through GRE tunnels, proxy, IP Reflection,
Layer 2 VPN, or connection via Equinix Cloud Exchange (in select locations).

Deployment Modes
Complete network protection
REFERENCE ARCHITECTURE: DDoS Protection
For enterprises that need to protect their entire network infrastructure, Silverline DDoS
CONTENT TYPE: Product Map
AUDIENCE: Security Architect
Protection leverages Border Gateway Protocol (BGP) to route critical customer traffic to
CUSTOMER SCENARIO: DDoS Routing Method—Routed Mode
its scrubbing and protection center, and utilizes a Generic Routing Encapsulation (GRE)
tunnel to send the clean traffic back to your network. Routed mode configuration is a
scalable design for enterprises with large network deployments. Routed mode configuration
does not require any application-specific configuration and provides an easy option to turn
the service on or off.
Cloud Scrubbing

Originated BGP Customer Edge


Legitimate Internet announcement GRE tunnel Router
User

F5 Silverline DDoS
Protection/Customer
F5 Silverline ISP BGP peering Customer
Cloud-Based Data Center
Platform
DDoS
Attacker

ISP

Figure 4: F5 routed mode leverages BGP and GRE tunnels to offer DDoS protection to your network.

IP Reflection is an alternative asymmetric technique that provides network infrastructure


protection without the need for GRE tunnels. Organizations with on-premises BIG-IP® Local
Traffic Manager (LTM) can leverage IP Reflection for clean traffic return. With IP Reflection
there is no need to modify any IP addresses, and return traffic is not encapsulated (unlike
GRE, which may adversely affect some applications).

4
DATASHEET
Silverline DDoS Protection

REFERENCE ARCHITECTURE: DDoS Protection


Application
CONTENT protection
TYPE: Product Map
AUDIENCE: Security Architect
CUSTOMER
ForSCENARIO:
enterprisesDDoS Routing Method—Proxy
that require Mode
minimum
network changes and do not control a full public Class
CIDR/24 network or prefer to protect only a few applications, Silverline DDoS Protection can
be used in proxy mode. Proxy mode supports any application running TCP or UDP such
as HTTP, HTTPS, FTP, DNS, and more on either IPv4 or IPv6. Proxy mode can be set up
quickly with simple DNS changes and with little impact to your existing network configuration.
Cloud Scrubbing

DNS-directed
Legitimate traffic
User

ISP Customer Edge Customer


Internet F5 Silverline Router
Cloud-Based Data Center
Platform

DDoS
Attacker
Proxied connection

Figure 5: Protect your applications by making a DNS change to direct traffic through Silverline
DDoS Protection.

In addition, F5 offers Silverline® Threat Intelligence for additional detection and blocking
of IPs known to support malicious traffic. This service reduces unwanted attack
communications on your network and helps you avoid further mitigation requirements.
Emerging threats are continuously captured and published, while IP addresses that are no
longer malicious are removed from the threat data. Silverline Threat Intelligence enhances
Silverline DDoS Protection (in proxy mode) or Silverline® Web Application Firewall (WAF)
services without compromising access to legitimate IP addresses.

Unparalleled Visibility and Reporting Before, During, and After a


DDoS Attack
The Silverline DDoS Protection includes access to the F5 customer portal, which provides
everything you need to securely set up and manage SOC services, configure proxy and
routing, and receive unparalleled visibility and reporting of attack mitigation. With transparent
attack mitigation visibility and reporting, the F5 customer portal provides details about
an attack as it occurs, including the type and size of the attack, IP origin, attack vectors,
mitigation process, all actions taken by the Security Operations Center during mitigation,
and a transcript of all communications (when leveraging secure instant messaging).

Figure 6: Use the F5 customer portal to inspect attack mitigation design, configure and provision
deployment preferences, and view attack events and communications.
5
DATASHEET
Silverline DDoS Protection

Attacks can be explored and analyzed, and packet capture reports (PCAPs) are also
available for download. With detailed after-action reports available by attack and with
longer-term views of attack traffic, the F5 customer portal allows you to see the pattern of
attacks over time to help you plan for the future. In addition to logging DDoS events to be
explored and analyzed, you have the option of exporting logs via Syslog to various SEIM
vendor solutions, such as Splunk, ArcSight, and QRadar.

Complete Attack Protection

Silverline DDoS Protection safeguards against a wide variety of attacks, including those
shown below.

DDoS attack protection


Protocol anomaly detection TCP/HTTP/UDP/ICMP/SYN/NTP/GET flood
L3–L4 DDoS protection SYN flood, TCP flood, ICMP flood, UDP flood,
known signature attacks, Teardrop, Smurf, Ping of
Death, Mixed Flood, Reflected ICMP
L7 DDoS protection NTP, HTTP Flood, Slowloris
DNS traffic protection DNS flood, DNS reflection attacks, DNS
amplification attacks

Protected Internet services


Internet services All, including: HTTP/HTTPS/FTP/SNMP/SMTP/POP-
3/CHARGEN/MIME/DNS/IMAP

Flexible Subscriptions
Silverline DDoS Protection is available as a one- or three-year subscription with flexible
options for protected bandwidth and payment terms: Always On™ and Always Available™.

Always On Always Available

Primary protection as the first line of defense Primary protection available on demand
The Always On subscription stops bad The Always Available subscription runs on
traffic from ever reaching your network by standby and can be initiated when under
continuously processing all traffic through the attack.
cloud-scrubbing service and returning only
legitimate traffic to your site.

6
7

DATASHEET
Silverline DDoS Protection

F5 Global Services
F5 Global Services offers world-class support, training, and consulting to help you get
the most from your F5 investment. Whether it’s providing fast answers to questions,
training internal teams, or handling entire implementations from design to deployment,
F5 Global Services can help ensure your applications are always secure, fast, and reliable.
For more information about F5 Global Services, contact [email protected] or visit
f5.com/support.

DevCentral
The F5 DevCentral™ user community of more than 195,000 members is your source for
the best technical documentation, discussion forums, blogs, media, and more related to
Application Delivery Networking.

More Information
To learn more about Silverline DDoS Protection, visit f5.com to find these and
other resources:

Web pages
DDoS Protection Reference Architecture
F5 Silverline DDoS Protection

If you’re under DDoS attack,


F5 offers 24-hour support:
866-329-4253
+1 (206) 272-7969
f5.com/attack

F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 f5.com

Americas Asia-Pacific Europe/Middle-East/Africa Japan


[email protected] [email protected] [email protected] [email protected]

©2016 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com.
Anyotherproducts,services,orcompanynamesreferencedhereinmaybetrademarksoftheirrespectiveownerswithnoendorsementoraffiliation,expressorimplied,claimedbyF5.DC1114|DS-SILVERLINE-52994366-ddos-update 0416

You might also like