|
DoS Protection and Intrusion Prevention Systems
Based on advanced behavioral-based and signature-based technologies, Radware APSolute Application Security solutions provide organizations with integrated intrusion prevention and denial of service protection to defend against both network and application levels attacks, delivering a holistic approach to application and network level threats, while enhancing the overall performance of security across your organization.
APSolute Security solutions were designed to ensure the fast, reliable, and secure delivery of networked and web-enabled applications by addressing security hand-in-hand with application availability and performance issues. All products in the APSolute product family take full advantage of the embedded security capabilities of APSolute OS for integrated intrusion prevention and denial of service protection. Once activated, APSolute OS IPS and DoS/DDoS capabilities assure the availability and performance of mission critical applications by stopping attacks and malicious activity in real-time, before they get near applications, while forwarding valid and secure traffic at high speeds to appropriate network resources. Radware's high throughput DefensePro application switches enable full application, network and infrastructure protection in a single, standalone device. All-in-one IPS, DoS/DDoS, bandwidth management and multi-segment security reduces TCO. DefensePro provides the highest security performance and port density on the market with advanced security intelligence based on,signature vulnerability, behavior-based traffic anomaly and protocol anomaly.
Full attack monitoring and isolation
APSolute Security continually monitors security threats across layers 2-7 and provides complete visibility of attack type and affected resources. By dynamically controlling bandwidth, APSolute Security proactively isolates attack impact to prevent spread to users and applications, while ensuring wire speed forwarding of all secure traffic. The end result?¦damage control while ensuring complete business continuity.
Adaptive behavior based network security
Featuring multiple security engines including protocol anomaly and behavior-based traffic anomaly detection and prevention, APSolute Security safeguards the network against DoS/DDoS, self-propagating worms and protocol anomaly attacks.
APSolute Security's adaptive behavior-based technology, learns network behavior, establishes normal baselines, and identifies deviations from the normal behavior through an advanced fuzzy logic correlation engine. Through use of probability analysis, APSolute Security system characterizes the ongoing anomaly in real time using a large set of parameters which are taken from the packet headers and payload.
These parameters are used to block the attack without locking legitimate users out of the network. The whole process takes place automatically with no need for user intervention, delivering precise prevention of all DoS/DDoS and high rate self-propagating network worms attacks in multi-Gigabit network environments and without false positive decisions.
Intelligent intrusion prevention
APSolute Security delivers bi-directional, deep packet inspection, accelerated signature matching and immediate blocking of malicious signatures for 3 Gbps protection against viruses, worms, intrusions and trojans.
Best-of-breed network security
Featuring multiple security engines including DoS/DDoS prevention, protocol anomaly and traffic anomaly detection, APSolute Security safeguards the network against attacks. APSolute protocol anomaly identification blocks illegitimate protocol usage, protecting applications from tampering and hacking in real-time. APSolute traffic anomaly detection identifies irregular traffic patterns based on advanced sampling baseline behavior monitoring. DoS/DDoS and SYN attack prevention
provide real-time blocking of all DoS/DDoS and SYN attacks for multi-Gigabit network protection against all illicit traffic patterns.
End-to-end traffic shaping
Dynamic bandwidth management and end-to-end traffic shaping ensures the continual operation of mission critical applications, guaranteeing SLA and application performance, even when under active attack.
Application-smart security classification
Granular security classification lets administrators categorize and apply signatures based on application, platform, protocol and traffic anomalies, for customized security policy enforcement by groups/filters and physical network segmentation, delivering granular, custom fit, application-smart protection.
Security cleansing and traffic optimization
Comprehensive security cleansing for up to 40% bandwidth savings and accelerated traffic throughputs eliminates security performance degradation regardless of the number of signatures inspected or traffic volumes handled.
APSolute Insite security visibility, control and policy management
APSolute Insite provides unified application security performance management, enabling centralized control and full visibility of security operations everywhere across the network for configuration, troubleshooting and auditing. APSolute Insite globally enforces security and QoS policies across the network. You define the policy once, APSolute automatically applies it across multiple devices.
APSolute Insite Security Dashboard provides real time security threat visibility across APSolute products including source of attack, attack patterns, types of attacks being launched and targets. Comprehensive security alerts and reports are available for viewing security attack history and profiles.
Radware Security Update Service (SUS)
SUS delivers automated weekly and emergency updates of attack signature filters, protecting subscribers and completely safeguarding networks from existing and emerging application security threats. APSolute Insite works together with Radware's SUS to provide automated updates of expanded signature database for emerging threats such as spyware, VoIP, worms and MS RPC.
|
