DDoS Attack Prevention Security Solutions & Intrusion Prevention Systems
Radware's family of DDoS security solutions and intrusion prevention systems provide integrated application and network security and security tool management for a best of breed, multi-layered security architecture and DDoS attack prevention. Our Attack Mitigation Systems (AMS) is the industry's first fully integrated IT security solution that protects application infrastructure in real time against network and application downtime, application vulnerability exploitation, malware spread, information theft, Web services attacks and Web defacement.
Our Attack Mitigation Network (AMN) is a holistic security architecture designed to address the emerging DDoS security challenges. AMN combines distributed detection and mitigation elements which are maintained synchronized with legitimate traffic baselines and attack information in real-time. AMN expands the detection coverage across all enterprise resources and automates the mitigation by selecting the most effective tools and locations – in the data center, at the perimeter or in the cloud. As a result AMN offers unprecedented protection against today's and tomorrow's availability-based DDoS threats on all fronts.
- Maintain business continuity and productivity
- Improve customer satisfaction
- Successfully block attacks launched at the network
As methods of DDoS attacks increase in frequency, sophistication, and severity, application and security solutions need to meet and surpass these threats. Radware's real-time DDoS attack prevention solution provides the necessary level of defense for today's application and network security needs, and is ready for tomorrow's challenges. Based on adaptive behavioral-based and signature based technologies the intrusion prevention systems and solutions provide organizations with integrated intrusion detection and prevention systems and Denial of Service (DoS) and Distributed Denial of Service (DDoS) DoS protection. Radware's DoS/DDoS attack prevention solution defend against both network- and application-level attacks, delivering a holistic approach to application- and network-level threats, while enhancing the overall performance of security across the organization.
Preventing DDoS Attack with Cloud Scrubbing:
DefensePipe is a cloud-based service to mitigate volumetric DDoS attacks and protect against Internet pipe saturation. Available to Radware customers that deploy an on-premise Attack Mitigation Systems (AMS), DefensePipe is a scalable DDoS attack prevention solution that automatically engages once the customer's AMS detects that pipe saturation is imminent.
- Widest DDoS security coverage - protection from a wide range of DDoS attacks that cannot be detected and mitigated by other DDoS attack prevetion solutions that are deployed in the cloud or on-premise
- Shortest response time - detection and mitigation of network, application and low and slow attacks, offering guaranteed clean pipe to the organization
- Single contact point - Radware's Emergency Response Team (ERT) mitigates the attack during the entire attack campaign. No need to manage complicated transition of responsibilities between multiple vendors during a DDoS attack.
- Integrated reporting system - more efficient DDoS forensics enabling a better understanding of threats and better planned attack mitigation strategies for future threats.
DDoS & DoS Attack Prevention:
Radware DefensePro is a real-time network device that provides reliable DDoS/DoS attack prevention, security and protection for both networks and applications.
DDoS flood attacks intentionally misuse bandwidth resources in order to bring down your sites, networks and applications. These types of DDoS attacks can be launched at any time and many make use of automated programs that allow thousands of users to attack a network or application. DefensePro, protects against these threats by analyzing user behavior and requests and matching behavior to recognized patterns and attack signatures in its memory. When a DDoS/DoS attack is detected, DefensePro, part of Radware's Attack Mitigation Systems (AMS), prevents attacks without blocking legitimate users from your network or applications. You will be able to prevent intrusions and flood attacks without stopping real users from accessing the information they need.
Blocked Flood Attacks Include
- TCP SYN floods
- TCP Push, Fin and Reset floods
- UDP and DNS floods
- ICMP and IGMP floods
Preventing DDoS Attacks with DefensePro
DefensePro rapidly and accurately distinguish between three broad categories of behavior: legitimate normal traffic, attack traffic and unusual patterns created by legitimate activity. This module has two features to provide this protection.
- A behavioral-DoS feature which rapidly mitigates zero-day DDoS/DoS attacks by automatically generating real-time signatures to prevent the DDoS attack without need for human intervention
- A DoS shield feature which protects against known DDoS/DoS floods
If you're a cloud/hosting provider, take a look at our DDoS-as-a-Service solution.
SSL Attack Mitigation:
Radware's DefenseSSL is a module within Radware's Attack Mitigation System (AMS) that protects online businesses from SSL based-DDoS attacks. AMS is comprised of multiple DoS & DDoS layers of defense including network based protections and application layer protections, which also cover SSL based DoS & DDoS attacks. The integrated solution which mitigates both clear and encrypted traffic is enabled by:
DefensePro - DefensePro is an advanced SSL attack mitigation solution with dedicated high performance hardware to confront all types of DDoS attacks. DefensePro's layers of defense contain DDoS security technologies that were designed to detect and mitigate both high rate DoS & DDoS and "low & slow" attacks in the network and application layers, traffic anomaly attacks, connection-based misuse attacks, service cracking attacks, and application scan pre-attack probes – all of which misuse network and application resources and are part of multi-vulnerability based attack campaigns.
Alteon NG - Alteon NG provides a powerful SSL acceleration engine. Through a dedicated hardware accelerator, the Alteon product delivers the extendable throughput that large on-line businesses need to encrypt and decrypt SSL traffic.
This integrated solution uniquely mitigates floods that are directed to HTTPS pages and it provides unlimited SSL decryption and encryption capabilities. Additionally, Radware's solution for SSL DDoS attacks can operate in symmetric and asymmetric environments.
Web Application Firewall:
Radware offers organizations a hybrid web application firewall solution to protect against web-based attacks. At the core is AppWall - an advanced web application firewall (WAF) securing Web applications and enabling PCI compliance. AppWall incorporates advanced, patent-protected Web application security filtering technologies to seamlessly detect threats, block attacks and report events. It is recognized by ICSA for its ease of implementation, low cost operation overhead, depth and breadth of Web application vulnerability protection.
The industry's first Hybrid Cloud WAF Service helps organizations with migrating applications to the cloud by protecting applications everywhere from web-based attacks. Radware's hybrid cloud WAF offering is based on its AppWall WAF product and provides a fully managed, always-on enterprise grade WAF that protects both on-premise and cloud-based applications, using a single technology solution. This single technology approach makes migrating applications to the cloud safer, easier and more secure.
Radware's WAF offering is the most comprehensive Web application threat mitigation, protecting against:
- SQL injection
- Cross-site scripting
- Parameter tampering
- Hidden field manipulation
- Session manipulation
- Cookie poisoning
- Stealth commanding
- Backdoor and debug options
- Geo location-based blocking
- Application buffer overflow attacks
- Brute force attacks
- Data encoding
- Unauthorized navigation
- Gateway circumvention
- Web server reconnaissance
- SOAP and Web services manipulation
- Parameters pollution
If you're a cloud/hosting provider, take a look at our WAF-as-a-Service solution.
WAF as a Service
Provide PCI Compliance and Web Application Security Services to Customers in a Scalable and Streamlined Service Delivery Approach
Radware offers cloud and hosting providers a transparent, scalable and easily manageable elastic web application firewall (WAF) POD solution designed to work in multi-tenant datacenters. The solution seamlessly integrates into the existing provider network and provides a highly available design that can easily be scaled and operated with minimal overhead without any need to redesign the network. At the same time it significantly mitigates the risk that each of the tenants is exposed to and allows the datacenter operator to selectively offer different levels of web application security services to different tenants.
PCI Compliance:
Radware's solutions help companies become PCI DSS compliant in a cost-effective manner. The solutions are fully integrated into the existing infrastructure in the data center with nearly non-existent disruption to existing, non-PCI compliant projects. Radware's integrated solution set for PCI compliance includes:
- AppWall: Advanced Web Application Firewall (WAF) provides the easiest path to comply with PCI requirements 6.5 and 6.6.
- Alteon: Intelligent application delivery controller enables organizations to comply with different PCI requirements including access control requirements, network segmentation requirements and card holder data protection requirements.
- AppXML: Radware's Web services and XML gateway help enforce security and access control policies for web services as required by several of the PCI DSS requirements.
- DefensePro: Real-time network Intrusion Prevention System (IPS) and denial-of-service protection (DoS) against zero-minute and non-vulnerability-based attacks that misuse the service. Enables organizations to comply with different PCI requirements including requirement 11 and specifically requirement 11.4.
- Inflight: Real-time detection of business and security events that provides a quick and easy path to implement auditing and logging related requirements (including PCI requirement 10). Inflight enables organizations to create enhanced, PCI compliant, audit logs from a central network location with no change or integration required with Web applications.
SSL Sniffing:
Radware's client-side SSL sniffing solution, which consists of Content Inspection Director (CID) and AppXcel, allows fully addressing the aforementioned challenges. Radware CID, a transparent smart redirection and dynamic policy enforcement device, transparently intercepts traffic, enabling to load balance bump-in-the-wire devices (such as IDS, IPS, DLP, anti-Malware, etc.) and pin traffic for client-side SSL inspection. Using a deep packet/flow inspection (DPI/DFI) engine, CID enables to employ a logical topology of the network devices, meaning that they can be quickly bypassed inspections if needed.
The client-side SSL inspection takes place by Radware AppXcel, which uses a highly-scalable SSL decryption/encryption architecture which is FIPS 140-2 Level 2 & 3 compliant. This allows sending clean traffic to further inspection by the designated security devices, and then re-encrypting traffic before it is sent out to additional services in the Internet.