Upload
shadaab-ahmed-umair
View
217
Download
0
Embed Size (px)
Citation preview
7/25/2019 13_Lab4
http://slidepdf.com/reader/full/13lab4 1/3
L4-1
Lab 4
Scenario: cloud-based mitigation
Overview
DescriptionIn this lab we will configure Pravail APS cloud signaling and use it to
protect against volumetric attack.
Protected data center is connected with 2Mbps last mile that can be easily
overwhelmed by a DDoS attack. Your goal is to configure Cloud Signaling
between Pravail APS and cloud-based Peakflow SP/TMS and test Cloud
Signaling operation during a DDoS attack.
For management and monitoring of Pravail APS a separate out-of-band
DCN is used. For Cloud Signaling regular uplink path should be setup.
Internet
DCN
ext0 int0
mgt1 mgt0
2 Mbpslast mile Victim Web ServerPravail APS
Cloud Signaling path
Objectives
After completing this lab, you will be able to do the following: (Tasks)
• Configure cloud signaling
• Test cloud signaling
• Mitigate volumetric attacks with Cloud Signaling support
• Monitor cloud signaling status
7/25/2019 13_Lab4
http://slidepdf.com/reader/full/13lab4 2/3
Cloud signaling Lab 4
L4-2 Pravail APS 3.1
Equipment/Tools
The following equipment is required to complete this lab:
• web browser
Ask you instructor for lab access instructions.
Estimated Completion Time
• The estimated completion time for this lab is 30 minutes.
Cloud signaling preparation
Cloud signaling configuration
1. Using web browser log onto your Pravail APS appliance;
2. Navigate to Administration->Cloud Signaling
3. Click “Enable Cloud Signaling”
4. Use 192.168.2.129 as a cloud signaling server.
This setting is typically provided by cloud signaling server operator.
5. Specify as a Pravail ID.
This setting is typically provided by cloud signaling server operator.
6. Enter as Cloud Signaling Password.
This setting is typically provided by cloud signaling server operator.
7. Save your settings
Monitoring and testing cloud signaling
In this task we will look at options for monitoring and testing cloud
signaling
1. To check if HTTPS handshake works properly use “Test Connection”
button on cloud signaling configuration page
2. Check cloud widget to see if UDP heartbeats are working properly
Mitigating volumetric attack with cloud signaling support
1. Check that your victim server is responding by navigating to
PravailAPS13
SEWxgGBiXD32
http://10.2.25.43/
7/25/2019 13_Lab4
http://slidepdf.com/reader/full/13lab4 3/3
Lab 4 Cloud signaling
L4-3
2. Ask instructor to launch volumetric against victim server
3. Verify that the victim is no longer available
4. Click Activate button on Cloud Signaling Widget to request cloud-based mitigation
5. Wait for a minute for routing convergence to complete
6. Once attack is mitigated, check again if web server is responding
7. After few minutes check cloud signaling widget status to see volume of
traffic mitigated by Peakflow SP/TMS in the cloud
8. Log into Peakflow SP using scoped account with following credentials:
•
• User name:
• Password:
9. Click on ongoing mitigation and inspect interface available for MSSP
customer
This completes the lab exercise.
28YZoGhy68
https://10.2.25.6/
student13