F5 DDoS F5DDoS White Paper
F5 DDoS 3 DDoS 4 3 DDoS 3 DDoS 4 DDoS 6 F5 7 8 DDoS 8 1 8 2 10 DNS DDoS 11 12 FSI DDoS 13 DDoS 14 SMB DDoS 15 17 18 2
F5 DDoS 2012 DDoS DDoS F5 DDoS 1 DNS 3 4 DDoS 2 CPU F5 DDoS DDoS 4 DDoS 4 F5 3 4 7 CPU F5 DDoS DDoS DDoS F5 F5 3
F5 DDoS DDoS 1 4 DDoS DDoS Web Prolexic Verizon VeriSign F5 Web F5 F5 F5 IP /IDS/IPS Webroot Sourcefire F5 1: DDoS DDoS DDoS DDoS 1 Gbps 50 Gbps DDoS : Web POST 4
F5 DDoS DDoS DDoS 4 3 4 DDoS SYN DDoS F5 HTTP DNS F5 DDoS Web Web HTTP Web DDoS F5 Web F5 Web Web PCI Web F5 SSL Web SSLL 1 5
F5 DDoS / / IDS/IPS DDoS IDS/IPS 4 1 IDS/IPS Web IP IP DDoS DoS IP F5 2 DDoS 2 DDoS 1 3 4 2 2 SSL Web CPU 1 2 ISP : SSL: SSL SSL DDoS ISPa/b DNS: DNS DNS DNS IPS HTTP: Slowloris POST POST/GET E- 1: 2 F5 DoS 6
F5 DDoS 1. Web 1 2 2. 3. 2 1 2 F5 2 F5 DDoS BIG-IP Advanced Firewall Manager (AFM) BIG-IP Local Traffic Manager (LTM) BIG-IP Global Traffic Manager (GTM) BIG-IP Application Security Manager (ASM) 7
F5 DDoS 1 2 DNS F5 BIG-IP AFM BIG-IP LTM BIG-IP GTM BIG-IP LTM BIG-IP ASM DNS Express OSI 3-4 7 DNS 1 IP SYN ICMP TCP SSL Web Slowloris POST Apache Killer RUDY/Keep Dead SSL DNS DNSSEC UDP DNS NXDOMAIN DNSSEC 2: F5 DDoS 2 DDoS /Web DDoS 1 2 DDoS 1 1 SYN ICMP 80 90%F5 IP DDoS IP 8
F5 DDoS DNS 1 DMZ DNS 4 DNS 1 L3-4 DNS + 2 AFM LTM VIPRION + IPIPI DNS GTM BIG-IP 2: DDoS 1 DDoS : TCP SSL TCP 4 DDoS 1 TCP SSL SSL 50,000 100,000 SSL TCP SSL 9
F5 DDoS 3 F5 TCP SSL VIPRION 12 144 1 32 24 36 2.5 7 24 4 6 0.7 2.4 Virtual Edition 3 0.7 3: F5 2 2 CPU Web F5 irules IDS/IPS 2 SSL 1 SSL SSL 2 L7 WEB + SSL ASM LTM BIG-IP 3: DDoS 2 10
F5 DDoS DDoS : GET GET POST GET F5 1 100 Mbps GET20 Gbps GET DDoS CAPTCHA irules irules F5 DDoS 2 Web DNS DDoS DNS HTTP 2 DNS DNS DNS DNS DNS DNS DDoS DNS DNS DNS NXDOMAIN Non-Existent Domain 11
F5 DDoS BIG-IP GTM DNS DNS DNS Express DNS Express DNS NXDOMAIN NXDOMAIN DNS DNS DNS DNS DNS BIG-IP GTM DNS Express BIG-IP AFM DNS DDoS 1 DNS DNS DMZ BIG-IP GTM BIG-IP AFM DNS DNS 3 1. FSI 2. 3. SMB) F5 7 12
F5 DDoS FSI DDoS DDoS ISPa 1:L3-4 DNS + 2 2:L7 Web + SSL ISPb BIG-IP DDoS ISP VIPRION + IPIPI DNS HSM FIPS140 SSL SSL BIG-IP BIG-IP Advanced Firewall Manager BIG-IP Local Traffic Manager BIG-IP Global Traffic Manager BIG-IP Application Security Manager + IP 4: FSI F5 DDoS FSI FSI DDoS FSI FSI DDoS FSI FSI / FSI FSI DDoS 2 1 2 CPU DDoS 1 2 BIG-IP ASM 13
F5 DDoS 1 2 DNS F5 VIPRION VIPRION : BIG-IP AFM BIG-IP : BIG-IP ASM BIG-IP 4: FSI DDoS NGFW DDoS ISPa 1: L3-4 DNS + DNS + 2 2: L7 Web + SSL DDoS ISPb ISP DDoS BIG-IP + IP IPI SSL BIG-IP BIG-IP Advanced Firewall Manager BIG-IP Local Traffic Manager BIG-IP Global Traffic Manager BIG-IP Access Policy Manager BIG-IP Application Security Manager + IP 5: F5 DDoS DDoS FSI NGFW / NGFW DDoS 1 ISP DDoS 14
F5 DDoS NGFW 2 2 CPU BIG-IP ASM F5 SSL 1 SSL 1 2 DNS F5 BIG-IP : BIG-IP AFM BIG-IP : BIG-IP ASM BIG-IP 5: SMB DDoS NGFW DDoS ISPa L3-7 DNS + DNS + Web + DDoS ISPb ISP DDoS BIG-IP BIG-IP Advanced Firewall Manager BIG-IP Local Traffic Manager BIG-IP Global Traffic Manager BIG-IP Access Policy Manager BIG-IP Application Security Manager 6: F5 DDoS 15
F5 DDoS SMB SMB 1 DDoS 1 BIG-IP ASM 2 1 1 F5 DDoS F5 BIG-IP : BIG-IP GTM : BIG-IP ASM : BIG-IP AFM : BIG-IP APM 6: SMB 16
F5 DDoS 7F5 SYN SYN 1 ICMP HTTP JavaScript SSL 2 TCP SSL VIPRION 2400 4 160 Gbps 196 100 Gbps 350,000* RPS 16,000 TPS 48 10 10200V 80 Gbps 80 56 Gbps 175,000* RPS 16,000 TPS 36 7 7200V 40 Gbps 40 32 Gbps 131,000 RPS 16,000 TPS 24 4 5200v 30 Gbps 40 32 Gbps 131,000 RPS 16,000 TPS 24 4 7: DDoSF5. 17
F5 DDoS DDoS F5 DDoS 2 2 DDoS DDoS 107-0052 4-15-119 TEL 03-5114-3210 FAX 03-5114-3201 www.f5networks.co.jp 530-0012 TEL 06-7222-3731 FAX 06-7222-3838 2013 F5 Networks, Inc. All rights reserved. F5 F5 Networks F5 F5 Networks, Inc. F5 F5 WP-SEC-13307-ddos-protection 1013