Mellanox announces 200Gb/s HDR InfiniBand solutions enabling record levels of performance, scalability

Mellanox Technologies, a leading supplier of high-performance, end-to-end interconnect solutions for data centre servers and storage systems, has announced the world's first 200Gb/s data centre interconnect solutions.

Mellanox ConnectX-6 adapters, Quantum switches and LinkX cables and transceivers together provide a complete 200Gb/s HDR InfiniBand interconnect infrastructure for the next generation of high performance computing, machine learning, big data, cloud, Web 2.0 and storage platforms.

Networks Unlimited named premier Silver Peak distributor in the Sub-Saharan African market

South African value-added distributor of converged technology, data centre, networking, and security technology solutions, Networks Unlimited, has been named as the first distributor for the Sub-Saharan market of the global leader in broadband and hybrid WAN solutions, Silver Peak, and will immediately offer the high-performance Unity EdgeConnect SD-WAN solution across the region.

"Globally, we are seeing an unprecedented demand for SD-WAN solutions – in fact, it is off the charts – and IDC predicts the market will reach $6 billion US by 2020. Silver Peak understands where the SD-WAN market is heading and Networks Unlimited takes great pride in now offering the highest performing SD-WAN solution on the market to our customers," says Anton Jacobsz, managing director at Networks Unlimited.

F5 application services fabric's five advantages achieve new economies of scale

Designed to address today's applications delivery challenges, F5, a solutions provider for an application world, combines a high-performance application services fabric, intelligent layer 4–7 services, programmability, and application fluency to enable organisations to achieve new economies of scale from both a cost savings and an operational perspective.

According to Simon McCullough, major channel account manager for southern Africa at F5 Networks, this helps organisations align to the business, deploy applications faster, and automate for operational efficiency.

Black Nurse DDOS attack: Power of granular packet inspection of FortiDDOS with unpredictable DDOS attacks

A well-known characteristic of criminals in any space is that they are unpredictable. They look for holes and vulnerabilities in systems and try to use them to their advantage. Security systems, therefore, have to be architected in a way that assumes attack unpredictability.

A new threat emerging on the horizon is the BlackNurse DDOS attack, highlights Hemant Jain, vice president of Engineering at Fortinet, the global leader in high-performance cyber security solutions.

He explains that Fortinet protects organisations against this attack through content-based protection, with the IPS signature "BlackNurse.ICMP.Type.3.Code.3.Flood.DoS", as well as through behaviour-based protection with its FortiDDOS technology.

"With FortiDDOS deployed, an unpredictable attack like this can be easily thwarted without any prior knowledge and planning by a security administrator – the device and its suggested implementation approach automatically protects you from such attacks even without having a signature," he says.

BlackNurse DDOS attack

The ICMP protocol is a commonly used protocol on the Internet. "This protocol is used primarily to report diagnostic information and error messages," continues Jain. "Besides that, it is used for ensuring connectivity in SSL, VPN, and high availability deployments between nodes. The protocol is very similar to TCP and UDP in its implementation, in that it uses types and codes – similar to ports used by the sockets for the exchange of information between two end points on the Internet."

He mentions that there are 256 types and 256 possible codes, which are assigned by IANA for different purposes. A few examples of ICMP protocol variations that most network engineers know include:

* Type 8, Code 0: Echo request (used to ping)
* Type 0, Code 0: Echo reply (used to ping)
* Type 3, Code 0: Destination network unreachable
* Type 3, Code 1: Destination host unreachable
* Type 3, Code 2: Destination protocol unreachable
* Type 3, Code 3: Destination port unreachable

Jain relates the story of a Danish company that recently discovered several low-volume DDOS attacks leveraging ICMP traffic against some of its clients. "This attack is called BlackNurse, and it is a DDOS attack that leverages ICMP packets Type 3, Code 3. The attack causes some network equipment to overload the CPU with operations," he says.

FortiDDOS and granular packet inspection

FortiDDOS appliances inspect packets using hardware logic from many perspectives. These include many layer 3, 4, and 7 parameters. Jain explains it as such: "At layer 3 each and every protocol is classified and measured for rates. At layer 4, FortiDDOS inspects each and every TCP port, UDP port, and ICMP type and code in each direction, as well as each Service Protection Profile (SPP). At layer 7, it inspects HTTP packets for URLs, hosts, user agents, referrers, and more. And, for DNS packets it continuously monitors metering queries, responses, query types, response types and so on. This gives it the ability to baseline normal rates for each of these parameters. An attack may be cleverly crafted, but it will show up as a peak in one of the parameters if there is a similarity in the attack packets. Which is why an attack like BlackNurse suddenly showing up on ICMP type 3, code 3 will automatically be seen by the FortiDDOS hardware logic and immediately stopped."

He draws attention to the fact that a key advantage of the FortiDDOS architecture is that even if an attacker changes the script to another combination of these types and codes, it will still be stopped.

"If your FortiDDOS-protected network doesn't use ICMP type 3 and code 3 to communicate externally, hardware ACLs for ICMP type 3 and code 3 can be used to totally block this attack instantaneously without any performance penalty on the traffic. You can use similar ACLs for any unused protocols and services," says Jain.

FortiDDOS system recommendation and a good night's sleep

FortiDDOS allows you to baseline traffic and recommends thresholds based on your actual traffic.

"It is expected that the traffic on these rarely used protocols and services is normally very low. The appliance's system recommendation setup will therefore keep low thresholds for these rarely used protocols. When an attack such as BlackNurse is launched, then, a spike will be seen outside the normal range and automatically stop the attack.

"The Fortinet team will continue to monitor this new DDOS variant, and provide additional information about identifying and stopping it as soon as that data becomes available," concludes Jain.
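The per-type-and-code baselining and threshold recommendation described above can be sketched in a few functions. This is an added example, not Fortinet's code or algorithm: the function names, the headroom multiplier, the floor value and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import Counter, defaultdict

ICMP_PROTO = 1  # IPv4 protocol number for ICMP

def icmp_type_code(pkt: bytes):
    """Return (type, code) of an IPv4 ICMP packet, or None for anything else."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4  # IPv4 header length; options shift the ICMP header
    if ihl < 20 or pkt[9] != ICMP_PROTO or len(pkt) < ihl + 2:
        return None
    return pkt[ihl], pkt[ihl + 1]

def rates(events):
    """Map (type, code) -> Counter{second: packets seen in that second}."""
    out = defaultdict(Counter)
    for ts, pkt in events:
        tc = icmp_type_code(pkt)
        if tc is not None:
            out[tc][int(ts)] += 1
    return out

def recommend_thresholds(baseline, headroom=3.0, floor=5):
    """Per type/code threshold: baseline peak pps times headroom, at least floor."""
    return {tc: max(floor, int(max(c.values()) * headroom))
            for tc, c in rates(baseline).items()}

def detect(events, thresholds, floor=5):
    """Return sorted (second, (type, code), pps) where pps exceeds the threshold."""
    alerts = []
    for tc, c in rates(events).items():
        limit = thresholds.get(tc, floor)  # never-seen combinations get the low floor
        alerts += [(sec, tc, pps) for sec, pps in c.items() if pps > limit]
    return sorted(alerts)

def make_icmp(icmp_type, code):
    """Constructed sample: 20-byte IPv4 header + 8-byte ICMP header, checksums zeroed."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, ICMP_PROTO, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return ip + struct.pack("!BBHI", icmp_type, code, 0, 0)

# Constructed traffic: a quiet minute of baseline, then a live window with two spikes.
BASELINE = [(t, make_icmp(8, 0)) for t in range(60) for _ in range(2)]
BASELINE += [(t, make_icmp(3, 3)) for t in range(60)]
LIVE = [(100, make_icmp(8, 0))] * 2 + [(101, make_icmp(3, 3))] * 40
LIVE += [(102, make_icmp(3, 1))] * 10  # a type/code absent from the baseline

if __name__ == "__main__":
    print(detect(LIVE, recommend_thresholds(BASELINE)))
```

Because every type and code pair has its own counter, the type 3, code 3 spike is flagged while normal echo traffic passes, and a pair never seen in the baseline is held to the floor threshold.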

Authorised Fortinet partner, Networks Unlimited, sells the FortiDDOS solution throughout Africa. For more information, please contact Stefan van der Giessen, business unit manager for Fortinet at Networks Unlimited.

Some perspective on IOT devices and DDoS attacks

Organisations can defend against DDOS attacks by implementing best current practices for DDOS defence, says Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.

Embedded Internet-of-Things (IOT) botnets are not a new phenomenon – we've seen them leveraged to launch distributed denial of service (DDOS) attacks, send spam, engage in man-in-the-middle (MitM) credentials hijacking, and other malicious activities for several years.

For instance, a few years ago, a 75 000-strong botnet comprised of embedded devices – consumer broadband routers, in that instance – was found to be launching DDOS attacks. We routinely see IOT botnets comprised of Webcams, DVRs, cable television set-top boxes, satellite set-top boxes, and more used to launch DDOS attacks.

Networks Unlimited
Offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes.
Copyright 2012 Networks Unlimited | The Key to IT Security & Networking Communications.