11–12 Jun 2018
Orea Hotel Voronez
Europe/Prague timezone

Building 100G DDoS mitigation device with FPGA technology

12 Jun 2018, 14:30
30m
Congress Hall (Orea Hotel Voronez)

Congress Hall

Orea Hotel Voronez

Krizkovskeho 47 603 73 Brno Czech Republic
CSNOG1

Description

The volume of DDoS attacks and their variety grows every year. Since 2016 the largest attacks reached 1 Tbps, effectively disconnecting even well provisioned services from the Internet. CESNET dediced to exploit its expertise in building hardware-accelerated network probes to build its own active device with mitigation capabilities. The device consists of 100 Gbps FPGA network card and a commodity server. The presentation will introduce the FPGA technology in network processing domain as well as outline the concept of the mitigation device. The presentation will also summarize lessons learned during the deployment phase. The rest of the presentation will elaborate on selected mitigation heuristics designed to mitigate volumetric DDoS attacks.

Type of Presentation

Primary author

Presentation materials