
Radware DefensePro
Radware's award-winning DefensePro is a real-time Intrusion Prevention System (IPS) and DoS protection device. Using behavior-based real-time signatures, it protects your application infrastructure against known attacks and against emerging zero-minute and non-vulnerability network attacks that a static-signature IPS cannot detect.
Radware Case Study
A network security product that includes signature, behavioral and automatic signature generation technologies will achieve better security performance than a security product that implements just one technology.
Avi Chesla
Author & VP, Security Products
©2008 Radware Ltd
Read the Rethinking Perimeter Security: New Threats Require Real-Time Protection white paper
Extend Your Protection to Both Known and Emerging Attacks
Radware's DefensePro™ is a real-time Intrusion Prevention System (IPS) that maintains your business continuity by protecting your IP infrastructure against existing and emerging network-based threats that traditional IPSs cannot detect, such as application misuse threats, SSL attacks and VoIP service misuse.
DefensePro features full protection against vulnerability-based threats through proactive signature updates, which safeguard against already known attacks including worms, Trojans, bots, SSL-based attacks and VoIP threats. Unlike market alternatives that rely on static signatures, DefensePro provides unique behavior-based, automatically generated real-time signatures that prevent non-vulnerability-based threats and zero-minute attacks such as application misuse attacks, server brute force attacks, and application and network flooding. DefensePro accomplishes all this without blocking legitimate user traffic and without the need for human intervention.
With a pay-as-you-grow license upgrade approach and ease of management through 'hands-off' security features such as no-configuration and self-tuning, DefensePro is the industry's leading IPS for best functionality, maximum affordability and ease of management.
APSolute Immunity: Real-Time Signatures Provide Protection against Real-Time Network Attacks
DefensePro is the industry's first solution to provide unparalleled security by offering adaptive, behavior-based protection capabilities at client, application server and network levels. It immediately identifies and mitigates a wide range of network attacks (including non-vulnerability threats and zero-minute attacks) by automatically generating real-time signatures. The real-time signature "engine" is an adaptive multi-dimension decision engine that deploys fuzzy logic technology for accurate attack detection and mitigation without blocking legitimate user traffic.
The Booster Shot
The July 2009 cyber attacks on US and South Korean commercial and government web sites are a reminder that DDoS attacks are the major threat to online industry: eCommerce sites, critical infrastructure and government. A few other cases from the past 2-3 years include the game servers' shutdown (2007), the Estonia DoS attack (2007), the Georgia DoS attack (2008) and the Iran election protest attack (2009).
Generated by botnets, DDoS attacks either flood victim sites with high packets-per-second (PPS) traffic or misuse the application services by generating a high volume of invalid transactions. The result ranges from service slowdown to complete shutdown.
Standard IPS solutions are designed for normal traffic inspection, removing low-volume intrusion attacks using signature matching (deep packet inspection). They are not designed to prevent high packets-per-second (PPS) DDoS attacks, nor do they prevent service misuse attacks. All are non-vulnerability-based attacks, so attempting to use signature detection technology will immediately result in the blocking of legitimate users.
DefensePro offers customers a booster shot: a hardware-accelerated engine dedicated to the mitigation of high packets-per-second DDoS attacks of up to 10 million packets per second, without compromising protection against lower-volume attacks.
Adaptive Decision Engine
DefensePro's behavior-based, self-learning mechanism proactively scans for anomalous network, server and client traffic patterns. When detecting an attack, DefensePro characterises the attack's unique behavior, establishes a real-time signature and creates a blocking rule. A closed feedback mechanism dynamically modifies the signature characteristics as the attack unfolds and mutates, protecting against even the most sophisticated attacks with a high degree of accuracy. DefensePro is unique in its ability to rapidly and accurately distinguish between three broad categories of behavior: legitimate normal traffic, attack traffic and unusual patterns created by legitimate activity.
A Solution for Every Need
As an in-line intrusion prevention, DoS protection and traffic-shaping solution, DefensePro is designed for core and perimeter deployments for the protection of internal enterprise data centers, eCommerce sites and service provider hosting / colo data centers. It offers a wide range of defense capabilities including:
- Vulnerability-based attack protection (e.g., worms, Trojans, bots, and SSL-based attacks)
- Non-vulnerability threats and zero-minute attack protection (e.g., application misuse attacks, server brute force attacks, and application and network flooding)
- Encrypted SSL attack protection
- VoIP infrastructure protection
- Access control
- Bandwidth management
On Demand IPS Scalability
Radware is the first to offer on-demand IPS scalability across its line of IPS models, which range from 100 Mbps all the way up to 8 Gbps. The line is complemented by Radware's set of behavioral protection products, which range from 4 Gbps up to more than 12 Gbps of throughput to offer the highest performance available. An initial deployment of an IPS can use the IPS model that supports the throughput the business currently requires. When the business grows or network bandwidth grows, the business can simply upgrade the IPS to a higher bandwidth product model by applying a software license key. There is no need for hardware replacement, configuration conversion, lab testing, staging or training.
The on-demand IPS scalability offers clear benefits:
- Buying what is needed. The business saves on CAPEX by avoiding overspending on the IPS solution when trying to size future network growth.
- Paying as the business grows. The business requires no forklift upgrade when the network bandwidth needs to increase. In addition, upgrading to the next DefensePro model occurs without service downtime.
Key Business Values
- Maintains business Continuity of Operations (COOP) even when the network is under attack
- Maintains critical application availability while under attack
- Blocks high-PPS attacks that overuse the CPU resources of your networking and security equipment
- No need to compromise on security when your network is under attack
- Blocks attacks without blocking legitimate user traffic
- Best security coverage
- Real-time protection from non-vulnerability-based attacks, zero-minute attacks, SSL-based attacks and VoIP service misuse
- Vulnerability-based signature detection engine with proactive signature updates for preventing known application vulnerability exploitations
- Accurate attack detection and prevention, with extremely low false positives due to:
  - Real-time signature is generated per attack pattern only, using up to 20 different parameters
  - Closed feedback mechanism optimises the real-time signature based on the ongoing attack's evolution / mutation and removes the signature when the attack is over
  - Vulnerability-based signatures are tested extensively at real customer beta sites
- Reduces total cost of ownership (TCO) of security management
- Full investment protection and extended platform lifetime through pay-as-you-grow license upgrade scalability; delivers highest ROI and CAPEX investment protection
- Saving of network and security equipment capacity that would be required to process unwanted traffic - no need to overspend on higher capacity devices just to handle high PPS volumes
- Two solutions in one box: IPS and DoS mitigation
- Increased savings on OPEX through a self-learning, self-adapting system that requires minimum configuration and is maintenance-free
- Saves redundant expenses, such as content delivery network (CDN) rental, when under attack
- Seamless integration into the network environment