StealthWatch and Radware
Non-intrusive DDoS Attack Detection and Mitigation
Integrated Lancope’s StealthWatch® System and Radware’s DefensePro solution enhance out-of-path detection and mitigation coverage against DDoS attacks for enterprises and service provider networks.
DDoS attacks have turned from a nuisance to a major threat. Cyberhacktivismhas become so prevalent that every online business, financialservice, government agency, public utility or service provider is likely atarget. As DDoS attack complexity increases, attackers deploy multi-vector attack campaigns that target every layer of the application infrastructure(network, server and applications). Attackers then move to the applicationlayer, exhausting server and application resources using stealth attack techniques that go undetected by traditional security tools.
Lancope and Radware offer an out-of-path DDoS detection and mitigationsolution to protect the enterprise applications and service provider infrastructure against DDoS attacks, Botnets, APT, misbehaving users and zero day attacks. The solution leverages two best-of-breed solutions in the market:
Service Provider Solutions
Lancope StealthWatch® System – by collecting and analyzing NetFlow,sFlow, IPFIX and other types of flow data, the StealthWatch® System helps service providers quickly detect DDoS attacks targeting their customer base. Through pervasive insight across distributed networks, Lancope accelerates incident response and improves forensic investigations. Service providers with managed service portfolios can expand StealthWatch® System visibility to protectcustomers from additional threats such as Insider Threat, APTs and general purpose malware.
Radware DefensePro – provides world-class security including DDoS attack mitigation and SSL-based attacks mitigation to fully protectapplications and networks against all type of availability-based attacks. DefensePro is based on a dedicated hardware accelerated platformthat supports network throughputs up to 40Gbps and up 25M PPS attack prevention rate.
Radware DefensePro – provides world-class security including DDoS attack mitigation and SSL-based attacks mitigation to fully protect applications and networks against all type of availability-based attacks. DefensePro is based on a dedicated hardware accelerated platformthat supports network throughputs up to 40Gbps and up 25M PPS attack prevention rate.
- Lancope StealthWatch® System – by collecting and analyzing NetFlow, sFlow, IPFIX and other types of flowdata, the StealthWatch® System helps organizations quickly detect DDoS attacks from numerous vectors that protect the application and transport layer as well as the network infrastructure. Through pervasive insight and anomaly detection across distributed networks, including mobile, identity and application awareness, Lancope detects threats, accelerates incident response, improves forensic investigations and reduces enterprise risk.
- Radware DefensePro – provides world-class security including DDoS attack mitigation and SSL-based protection tofully protect applications and networks against all types of availability-based attacks. DefensePro is based on dedicated hardware accelerated platforms that support network throughputs up to 40Gbps and up 25M PPS attack prevention rate. DefensePro can be deployed inline and out of path.
How it Works
The StealthWatch® System Flow Collector (FC) elements collect and analyze NetFlow produced by the network infrastructure, creating normal traffic baselines and are managed by the StealthWatch® System Management Console(SMC), which acts as the visibility, reporting and management layer. Once a DDoS event has been detected, the StealthWatch® System configures the DefensePro attack mitigation device in the scrubbing center with a security policy and flow baselines of the protected object, diverting the suspicious flows to the scrubbing center using BGP. DefensePro devices block the attack traffic and forward only the clean traffic to the destination.
- Maintain business continuity of operations when under attack. The joint solution offers the widest coverage againstall types of availability-based threats that target service provider networks and enterprise applications.
- Reduced operational costs and increased attack visibility due to a highly granular centralized monitoring andcontrol system
- Lowest solution cost for out-of-path DDoS protection solution.
The Radware-Lancope Solution Differentiator
- Accurate attack detection: the tch® System uses flow-based behavioral analysis to detect zero-day DDoSattacks that bypass firewalls and IPSs
- Highly scalable solution - the StealthWatch® System scales to millions of flows per second (fps) and up to 120,000fps per collector, to deliver end-to-end monitoring for even the largest environments. DefensePro scales up to40Gbps of network throughput and up to 25 million packets-per-second attack scrubbing
- Advanced management portal with StealthWatch® System Management Console (SMC) that enables the monitoring of up to 50,000 flow exporting devices (routers, switches, firewalls, etc.) and monitoring and reporting of DefenseProsecurity events
- Most accurate and scalable attack mitigation solution in the industry with Radware DefensePro.
- Hardware accelerated mitigation of all network DDoS flood attacks using behavioral based real-time signatures
- Behavioral-based application DDoS attack mitigation using accurate L7 footprint
- Hardware accelerated PDI engine blocking low and slow attacks and known tools such as Slofwloris, RUDY, LOIC and many more
- Non-intrusive, asymmetric SSL attacks mitigation
- Shortest time to protect – within seconds