Radware DefensePipe

Features and Benefits:

Widest security coverage compared to any other vendor

The integration of on-premise AMS and DefensePipe provides wide coverage of attacks that cannot be detected and protected by other DDoS mitigation services or solutions that are deployed only in the cloud or only on-premise. Attack coverage includes SSL based attacks, application layer attacks, low & slow and network floods.

Shortest response time by employing an on-premise AMS that starts immediately and automatically to mitigate the attack.

There is no need to wait for human intervention or to divert the traffic to a remote data center in order to start mitigation. On-premise attack mitigation system guarantees detection and mitigation of network, application and low & slow attacks, while DefensePipe guarantees a clean pipe to the organization.

Single contact point during an attack with DDoS Mitigation Services

Whether the attack needs to be mitigated on-premise or in the cloud, Radware's ERT fights the attack with the customer during the entire attack campaign. This means that customers do not need to work with multiple vendors or DDoS mitigation services during an attack and do not need to transfer responsibilities between vendors or to ensure that the vendors are synchronized.

Traffic is diverted only as a last resort

Unlike cloud scrubbers and MSSPs that divert the entire customer's traffic to its scrubbing centers during an attack, Radware AMS diverts the attack traffic only when the volumetric attack threatens to saturate the Internet pipe. In all other attack cases, the on-premise attack mitigation system mitigates the attack without the need to divert the traffic.

Integrated reporting system provides information both from the on-premise mitigation and in the cloud mitigation.

This enables the customer to perform more efficient forensics, better understand the threats it is facing and to better plan its mitigation strategy for future threats.

Solution:

An on-premise attack mitigation system is the most effective approach to fight today's threats including application layer attacks, low & slow stealthy attacks, network layer attacks and SSL based attacks. However, once the attack turns into a volumetric flood attack that threatens to saturate the Internet pipe of the organization, the mitigation needs to move to the cloud. According to Radware's Emergency Response Team (ERT), only 15% of DDoS attacks were based on volumetric attacks that actually blocked the Internet pipe.

Radware's attack mitigation solution provides both on-premise attack mitigation and cloud-based protection, sharing essential information about threats and attacks over a defense messaging mechanism. During an attack that threatens to saturate the Internet pipe of the target organization, the on-premise attack mitigation device (DefensePro) alerts the cloud scrubbing service (DefensePipe) operations that the pipe is about to get saturated. The alert includes multiple characteristics of the attack that helps DefensePipe start the mitigation in the cloud faster and more accurately.

Once the mitigation is moved to the cloud, all traffic is diverted to the scrubbing center in the cloud, where it is cleaned before it is sent back to the organization.

Attack Mitigation Solution: Hybrid Network Defense

Attack Mitigation Online Customer Portal

Radware provides customers complete visibility in all DDoS protection layers with an intuitive web based control center that is comprised of:

• Real-time monitoring (traffic statistics, attack information, attack alerts)
• Management of cloud service and on-premises equipment monitoring
• Traffic diversion activation/deactivation
• Collection of attack data from on-premise and cloud equipment
• Real-time alerts and comprehensive reporting features

Attack Mitigation Service Portal Dashboard

Attack Mitigation Solution Benefits

• Widest security coverage: Radware attack mitigation solution offers a multi-vector attack detection and mitigation, handling attacks at the network layer, server based attacks, malware propagation and intrusion activities. With a unique patented mechanism, Radware's solution is capable of automatically creating a real-time signature of the attack, which can be used to mitigate the attack where it should be mitigated in the most effective way. This can occur either by the cloud scrubbing service or the on-premise attack mitigation device.
• Minimal time to mitigate: The always-on protection capability ensures that the organization is fully protected constantly, and time to mitigate is measured in seconds. In case of an attack that requires the traffic to be diverted to the cloud-scrubbing center, the protection continues with no destruction or gaps.
• Single contact point: Whether the attack needs to be mitigated on-premise or in the cloud, Radware's ERT fights the attack with the customer during the entire attack campaign. This means that customers do not need to work with multiple vendors or services during an attack and do not need to transfer responsibilities between vendors or to ensure that the vendors are synchronized.
• Traffic is diverted only as a last resort: Unlike cloud scrubbers and MSSPs that divert the entire customer's traffic to their scrubbing centers during an attack, Radware attack mitigation solution diverts the attack traffic only when the volumetric attack threatens to saturate the Internet pipe. In all other attack cases, the on-premise attack mitigation system mitigates the attack without the need to divert the traffic.
• Integrated reporting system: Provides information both from the on-premise mitigation and in the cloud mitigation. This enables the customer to perform more efficient forensics, better understand the threats it is facing and plan its mitigation strategy for future threats.

Documentation:

Download the Radware DefensePipe Datasheet (PDF).