DDoS Protection. 5.3.1. The bidder shall provide DDoS attack detection and protection (scrubbing) facility (ONNET) of 3G catering to both DC and DR links (Pool) to filter the traffic as per Bank’s requirement. 5.3.2. The solution must be able to detect and mitigate different types of Distributed Denial of Service (DDoS) attacks: • TCP SYN Flood • Spoofed TCP-SYN Flood • SYN/ACK Reflection Flood • TCP ACK Flood • Smurf attack • Ping Flood • Ping of Death • ICMP Echo request Flood • UDP Flood • Nuke • HTTP/HTTPS Flood attack • DNS amplification attack • IP Fragmented attack • Any other types of flooding attacks 5.3.3. The solution must be able to protect all internet protocols used including HTTP, DNS, FTP, IPSEC etc. 5.3.4. The ISP should block Distributed Denial of Service (DDoS) attack at their end. ISP should have the feature to block a list/range of public IPs from any location (known, unknown, suspected geographical locations) as and when Bank desires as part of security measures. The bidder has to provide a real-time monitoring portal for DDoS attack to the Bank. 5.3.5. End user response times must not be significantly impacted during DDoS attacks when ISP is mitigating the attack 5.3.6. The solution must have a demonstrated ability to protect against potentially large volumes of DDoS attacks 5.3.7. Regular testing of service and base lining should be done in conjunction with the customer at least once in a year to validate the operation of DDoS mitigation services 5.3.8. Vendor’s solution should automatically learn and adapt to changes in customer traffic profile. 5.3.9. The solution should have capability to generate Alerts and Logs that DDoS attack has been detected. Vendor should also notify the Bank in timely manner through SMS on mobile or through E-mail to the registered credentials of the concerned Bank Official when any DDoS attack is detected. 5.3.10. Vendor shall provide the customer 24X7X365 access (except during excluded events) to the customer portal for access its information 5.3.11. Vendor should provide unique User ID and Password to access the customer portal for viewing and downloading reports and alerts of DDoS, verify the status of mitigation etc. 5.3.12. Vendor scrubbing centers should be located in India and should have high availability 5.3.13. Vendor should have 24X7X365 help desk for Real time attack monitoring and reporting 5.3.14. Detection and Mitigation Process 1. Attack Notification within 15 minutes of Identification. 2. Automatic Attac...
