下载PDF
Global Logistics Company Employs DDoS Attack Management to Insure Worldwide Package Delivery Despite Increased Network Traffic Due to Pandemic
技术
- 网络安全和隐私 - 网络安全
适用功能
- 物流运输
用例
- 网络安全
服务
- 网络安全服务
挑战
该组织过去曾使用多家服务提供商来保护其全球分布的数据中心,具体取决于这些提供商提供的此类服务的区域可用性。他们于 2019 年联系了 NETSCOUT®,希望他们帮助他们简化 DDoS 缓解基础设施,将不同的服务提供商替换为单一的、与提供商无关的服务,该服务也可以覆盖全球所有位置。这使他们能够与一家公司签订一份 SLA,而不是选择多家提供商,因为后者的管理难度大、复杂且成本高昂。在受到攻击时,组织需要清晰且一致的平台来保护自己,而不是与各个位置的多家供应商签订不同的 SLA。2019 年 12 月底,该公司成为一系列复杂的定向 DDoS 攻击的受害者,并蔓延至 2020 年 1 月。一项特定的应用服务受到严重影响,甚至可能导致该公司全球所有航班停止起飞,从而影响所有要运送的包裹。
关于客户
该客户是世界上最大的快递和物流公司之一,业务遍及全球 220 多个国家和地区。该公司专注于海运和空运邮件,每年运送超过 13 亿件包裹。该公司拥有遍布全球的 380,000 名员工。该公司一直在使用多家服务提供商来保护其全球分布的数据中心,具体取决于这些提供商提供的此类服务的区域可用性。然而,他们发现这种方法管理起来很复杂、困难且成本高昂。
解决方案
NETSCOUT 能够通过 NETSCOUT Arbor Cloud 提供即时保障。NETSCOUT Arbor Cloud SOC(安全运营中心)以“紧急模式”做出反应并缓解了攻击。在那次攻击之后,主要是由于 COVID-19 疫情,他们发现 VPN 流量有所增加,因为在家办公的员工通过 VPN 访问内部应用程序。因此,现在他们新近更新的 Arbor 产品组合需要升级以管理流量的升级。因此,他们增加了 6 x AED 2600、2 x 2800 和云服务来应对带宽过载。此外,NETSCOUT 为其 AED 和云产品组合提供了订阅许可模式,以经济高效的方式缓解短期痛苦。
运营影响
相关案例.
Case Study
Enel Secures Italian Power Generation Network
Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:• Serves 31 million customers• Has a net installed energy capacity exceeding 31 gigawatts• Includes more than 500 power generation plants,including hydroelectric, thermoelectric, and wind• Is managed and monitored by Enel 24/7/365• Is operated by Terna, the Italian Transmission System Operator (TSO)Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.
Case Study
Securing the Connected Car Ecosystem
In-vehicle communications and entertainment system hosts high-value or sensitive applications. API libraries facilitate communication and sharing of vehicle data. These API libraries are vulnerable to reverse engineering and tampering attacks and may even result in loss of passenger safety. Attackers can inject malware that may be able to migrate to other in-car networks such as the controller-area-network (CAN) bus which links to the vehicle’s critical systems. Software provided for dealers to interface with cars through the OBD2 port is vulnerable to reverse engineering and tampering attacks. Hackers may be able to abuse these tools to inject malicious code into the ECUs and CAN bus. Attackers can lift the cryptographic keys used, and use that to build their own rogue apps/software. Their cloned version of the original app/software may have altered functionality, and may intend to gain access to other in-car networks.
Case Study
Secure and Cloud-based Data Marketplace
The great promise of new connected concepts of industry like 'Industry 4.0' is their ability to deliver a historically unparalleled level of responsiveness and flexibility. While modern supply chains are already heavily integrated and designed to be fluid and fast moving, a large swathe of manufacturing still remains beholden to economies of scale, large production runs, and careful preplanning.The Industrial Internet of Things (IIoT) is set to change this by allowing small-batch or even custom manufacturing on a truly industrial scale. With machines whose functions are not set in stone, but flexible and determined by their operating software and with a new form of connectivity bringing industrial engineers, product manufacturers, and end users closer together than ever before. Ad-hoc adjustments to automotive parts, for example, during active product runs or the bespoke manufacturing of custom sneakers become very viable options indeed.Much of this remains a theoretical vision, but IUNO, the German national reference project for IT security in Industry 4.0 demonstrates the new capabilities in action with a secure technology data marketplace running a smart drinks mixer.
Case Study
Expedia Hosted by 2lemetry Through AWS
Expedia is committed to continuous innovation, technology, and platform improvements to create a great experience for its customers. The Expedia Worldwide Engineering (EWE) organization supports all websites under the Expedia brand. Expedia began using Amazon Web Services (AWS) in 2010 to launch Expedia Suggest Service (ESS), a typeahead suggestion service that helps customers enter travel, search, and location information correctly. According to the company’s metrics, an error page is the main reason for site abandonment. Expedia wanted global users to find what they were looking for quickly and without errors. At the time, Expedia operated all its services from data centers in Chandler, AZ. The engineering team realized that they had to run ESS in locations physically close to customers to enable a quick and responsive service with minimal network latency.
Case Study
OTA Software Updates for Smart Energy (gridX)
gridX has a requirement for over-the-air software updates for their gridBox devices and used the Yocto Project for their builds. The driver for the requirement was having the ability to quickly support new features, as well as deploying bug fixed and path known security vulnerabilities. New software updates with a US stick manually to all gridBox devices in the field would be prohibitively expensive and labor-intensive.
Case Study
Transformed IT Infrastructure Improves Business Agility
A global security, storage, and systems management software provider planned to demerge into two separate companies. To prepare, it undertook a major overhaul of its IT infrastructure and operations strategy. A key requirement: streamlining the Hosting Group, which handled compute, storage, and middleware operations. These functions had grown complex and had a wide geographic distribution. The company planned to bring them under closer in-house management.The company looked to increase its business agility so it could quickly and creatively respond to customer demands with improved internal collaboration and optimized go-to- market and IT service delivery capabilities. Modernizing IT functions, and making them more responsive, was critical to achieving these goals.