main

Attack Types & VectorsDDoSSecurity

Meet Radware’s New Commercial-Grade Attack Mitigation Platform – Built to Defeat the Largest Cyberattacks

March 3, 2015 — by Yotam Ben-Ezra2

Modern cyberattacks are sophisticated and are often launched over long periods of time.  The complexity of these attack campaigns can result in attack detection and mitigation algorithms becoming less effective.  This in turn, can create an increased need for talent and staffing as well as drive large processing needs for service providers and large enterprises.

Organizations that used to rely on their service provider’s in-the-cloud protection service to stop DDoS found that the attacks that hit their business were bypassing the provider’s protection layer.  Why?  Because DDoS is a tactic, not the overall problem.  Attacks borne from the Internet are the problem and solutions designed to handle a simple tactic, wind up falling short.  As a result, organizations found that they needed to deploy premise-based technologies for true comprehensive DDoS attack mitigation and detection.

Today at Radware, we’re introducing a new commercial-grade attack mitigation platform that offers our customers the widest range of simultaneous cyberattack protection in the industry.  With up to 300Gbps of mitigation capacity, the DefensePro® x4420 seamlessly integrates into the Radware family of products.  The powerful new design also addresses today’s most tenacious volumetric DDoS attacks (like UDP reflection attacks,  fragmented IP floods, and out-of-state floods) while at the same time can pick out and mitigate sophisticated non-volume threats, which often lurk below the surface in multi-vectored attacks.

As the industry’s first dedicated attack mitigation platform to offer 100Gb interfaces, the Radware DefensePro® x4420 can handle 230 million packets per second of attack traffic.  This platform was designed for multi-tenant environments and it is able to support up to 1,000 active policies which includes separate processing capabilities, customized management and reporting per tenant.

The DefensePro® x4420, part of the Radware Attack Mitigation System (AMS), provides service and cloud hosting providers better value for their investment and eliminates the need to deploy multiple devices.  In fact, we have seen that businesses that have deployed Radware AMS on premise in conjunction with DDoS protection by the service provider were able to survive and maintain their business operations in spite of large scale, large volume multi-vulnerability attack campaigns.  When AMS is deployed on both sides (on premise and at the service provider) they achieved the best protection when properly managed and maintained.

Commercial accounts, such as cloud providers and the mobile carrier market, are constant attack targets.  Attackers now combine multiple techniques in a single attack, enabling them to bypass defense lines, exploit server-side vulnerabilities, and strain server-side resources.  Reflective attacks and large layer-7 attacks or “moving up-the-stack” attacks have continued and the Internet pipe now has the honor of being the number-one failure point, according to our annual Global Application & Network Security Report.  Hackers seem to be making their way through every protocol to determine how to use them for the next big reflective attack and the result is that reflective attacks now represent the single largest DDoS headache of the last year.  Having a thorough and scalable DDoS protection solution is a necessity.

For additional information on DefensePro® x4420, visit the Radware team at Mobile World Congress in Barcelona, Spain, March 2-5, 2015 – Hall 2, Stand 2D50.

Yotam Ben-Ezra

Yotam started with Radware as head of the ERT DDoS research lab where he led security research activities and new mitigation technology development. Following that, he transitioned to a product management role as a product manager for DefensePro. Presently, he leads the Radware Security Product Management team and handles Radware’s security portfolio.

2 comments

Leave a Reply

Your email address will not be published. Required fields are marked *