In the world of application-driven business, DDoS attacks have become an especially worrisome tool of cybercriminals. When anyone can launch DDoS for a few bucks, it is not surprising that they are growing in numbers, frequency and scale rapidly. How to keep important systems always available for business? By using modern flow monitoring technology and fighting DDoS as close to the attack source as possible. In the backbones.
Flow-based DDoS detection and mitigation for ISPS and datacenters
Many new threats have appeared during the past few years. But the number one concern for companies all around the world has prevailed – brute-force volumetric attacks. Attacks are still increasing in magnitude leaving organisations unarmed and seeking help. How to face a 100G size attack when no organisation has the capacity to absorb that? What should be done?
The most effective answer to this challenge is to stop DDoS before it reaches its goal and overloads the target application. Therefore Internet Service Providers and backbone operators strengthen their networks by advanced DDoS detection and mitigation capabilities.
Such solutions are based on the utilisation of network traffic statistics and absolute network visibility that deliver:
- Fast, efficient and easy-to-use way of attack detection
- Appropriate attack characteristics to mitigate an ongoing attack
- Advanced utilisation of always true network flow-data statistics (NetFlow, IPFIX) from routers or dedicated network probes
- Enough information to decrease the impact of DDoS, avoid damaging reputation and financial losses
Flowmon DDoS Defender for providing DDoS protection as a service
Flowmon DDoS Defender is a scalable flow-based DDoS detection and mitigation solution for internet service providers and datacentre operators. With capabilities such as fast and automatic detection, support for high-speed networks (even 100G), several deployment scenarios and universal traffic diversion capabilities, the Defender fits the needs of large demanding networks. With full support for multi-tenant environments to protect various customers, network segments, services, etc. it is also ideal for ISPs and Telcos who offer DDoS protection as a service to their customers (MSSP).
DDoS Detection & Mitigation
- Flow-based anti-DDoS intelligence
- Observe your network and immediately detect/mitigate volumetric attacks with powerful flow monitoring technology. Use flow data from any source, define the rules, predict the traffic volume with dynamic baselines, utilise artificial intelligence of adaptive thresholds and detailed reporting to protection.
- Universal deployment scenarios
- Deploy DDoS Defender as a standalone appliance or together with any of the major mitigation services (Scrubbing centres) or a special out-of-band mitigation device.
- Scalability and cost efficiency
- Are you running a large network with multiple partners and bandwidth of tens of gigabits per second? Utilise DDoS Defender with any out-of-band mitigation appliance with such scalability and cost efficiency that in-line deployments can not provide.
- Multi-tenant ready
- Protect critical applications of your customers, particular network segments, services, etc.
- Quick time-to-value
- In a matter of minutes you will have up and running an active DDoS defence. Without any configuration changes, topology changes or any additional investments in the network.
SOC security trends in 2023
A security operations centre (SOC) offers the security tools and knowledge that you need to keep your IT environment safe. Read all about the SOC security trends of 2023.
Allan van Leeuwen
Trends and expectations for OT security in 2023
The traditional gap between IT and OT is gradually disappearing. This article explores what this means for OT security and looks at the major OT security trends for 2023.
Juniper Networks Leader in Gartner's MQ for enterprise wired and wireless LAN infrastructure
We are proud to say that our partner Juniper Networks is positioned furthest in both ability to execute and completeness of vision in the MQ for enterprise wired and wireless LAN infrastructure.