Stonefish — Automating DDoS Mitigation at the Edge

The evolution of DDoS protection

  • Specialized hardware
  • Scrubbing centers
  • Cloud-based protection
  • CDN-based protection

Specialized hardware

Scrubbing centers

Cloud-based protection

CDN-based DDoS protection

Stonefish design goals

  • Defend against a broad range of DDoS attacks, from volumetric to state exhaustion.
  • Protect against layer 3 and 4 attacks.
  • Leverage our existing commodity server hardware and network capacity.
  • Build a security stack that is software-centric with a control plane that acts as the brain.
  • Be cloud-based, automated, and intelligent.
  • Deploy a control plane that manages the DDoS rulesets and creates rules on the fly in an automatic response to attacks and enforces our policies globally.
  • Create a data engine that detects and filters out bad traffic within seconds.

Stonefish architecture

  1. The browser sends a request for content to an Internet-facing application.
  2. The router receives the request and sends it to our load balancing infrastructure.
  3. A sample of the traffic is sent from the load balancer to Stonefish.
  4. Stonefish analyzes and scores the traffic.
  5. If bad traffic is identified, it sends instructions to the load balancer to drop the traffic.
  6. The NOC is notified of an attack and will follow-up if further action is needed.

How our NOC and Stonefish work together

Conclusion

--

--

--

Formerly Verizon Media Platform, Edgecast enables companies to deliver high performance, secure digital experiences at scale worldwide. https://edgecast.com/

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Popular legal battles on Cyber Crimes in India

‘Done, Enjoy buddy :)))’ The 2019 Baltimore Ransomware Attack

Top Data Security Companies

{UPDATE} Popcorn Bucketly Pro Hack Free Resources Generator

www.housedems.ct.gov

Whitelist Announcement for Pancake Games!

{UPDATE} Echt Stadt Auto Parken Simulator 2017 Profi Frei Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Edgecast

Edgecast

Formerly Verizon Media Platform, Edgecast enables companies to deliver high performance, secure digital experiences at scale worldwide. https://edgecast.com/

More from Medium

Smart greenhouse, patient monitor and more — Learnings in IoT from a software engineering leader

Cryptopals Set-1

Security and Privacy at the Edge of Internet of Things

Network visibility in docker environment