What Does DefensePro Do?
Cyber criminals don't keep regular hours. Instead, they work around the clock to find and exploit holes in your network. You need comprehensive enterprise network security designed to meet today's ever changing security challenges.
Enter Radware's DefensePro - a real-time, behavioral based attack mitigation device that protects your infrastructure against network and application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft and other emerging cyber-attacks.
DefensePro provides world-class security including distributed denial of service (DDoS) attack mitigation and SSL-based protection to fully protect applications and networks against known and emerging network security threats such denial of service attacks, DDoS attacks, Internet pipe saturation, attacks on login pages, attacks behind CDNs, and SSL-based flood attacks with:
Dedicated Hardware That Protects Without Impacting Legitimate Traffic
DefensePro uses a dedicated hardware platform based on Radware's OnDemand Switch supporting network throughputs up to 40Gbps. It embeds two unique and dedicated hardware components: a DoS Mitigation Engine (DME) to prevent high volume denial of service attacks and DDoS attacks, flood attacks, without impacting legitimate traffic, and a StringMatch Engine (SME) to accelerate signature detection
Centralised Attack Management, Monitoring and Reporting
APSolute Vision offers a centralised attack management, monitoring and reporting solution across multiple DefensePro devices and locations. It provides the user real-time identification, prioritisation and response to policy breaches, cyber-attacks and insider threats
Complete Set of Security Modules
Intrusion Prevention System (IPS), Network Behavioral Analysis (NBA), anti-DDoS/Denial-of-Service (DoS) Protection, Reputation Engine and SSL Attack Protection. It employs multiple detection & mitigation modules including adaptive behavioral analysis and challenge response technologies in addition to signature detection.
The Accuracy of Inline, the Scalability of Out of Path
DefensePro devices can be deployed inline or out-of-path (OOP) in a scrubbing center to provide the highest mitigation accuracy within the shortest time.
What Makes DefensePro Better at Mitigating DDoS Attacks?
Based on standard signature detection technology to prevent the known application vulnerabilities, DefensePro consists of patent protected behavioral based real-time signatures technology that detects and mitigates emerging network attacks in real time such as zero-minute attacks, DoS/DDoS attacks and application misuse attacks - all without the need for human intervention and without blocking legitimate user traffic.
DefensePro is a core part of Radware's next generation Attack Mitigation System (AMS) a set of patented technologies designed for the most advanced internet-borne cyber-attacks. AMS extends the 'network' of attack detection and mitigation capabilities beyond the data center for:
- Cloud- hosted business services and applications
- Tools, servers and applications need protection within a virtualised environment
- Mobile work force increasingly depend on remote access to internal business applications and SaaS
Get more business value with DefensePro Network Intrusion Prevention:
- Advanced detection and mitigation techniques need to be ported to tomorrows open network fabrics
Radware DefensePro is a network intrusion prevention solution used for DDoS protection and SSL-based attack protection.
With the proper DoS protection system in place, organisations no longer need to be concerned with the possibility of network disruptions. DoS attacks flood a network with excessive amounts of traffic for the sole purpose of causing network damage.
Maintain Business Continuity of Operations (COOP) Even When the Network is Under Attack
- Full protection of data center applications against emerging network threats
- Maintain network performance even when under high volume network attacks
Security Solutions for Data Centers in a Single Box
- Maintain excellent user response time even under attack
- Network intrusion prevention
- DefensePro combines intrusion prevention system (IPS), network behavioral analysis (NBA), denial-of-service protection (DoS protection) and Anti Trojan & Anti Phishing
Best-in-class Unified Monitoring and Reporting Solution
- Get the most accurate attack detection and prevention without blocking legitimate user traffic.
- Per-user customisation of real-time dashboards and historical reports
Reduce Total Cost of Ownership (TCO) of Security Management
- Helps achieve compliance with pre-defined report sets for PCI, HIPAA, SOX etc.
- Multitude of security tools in a single box
- Single management application to manage multiple DefensePro units cross multiple data centers
Maintain Business Continuity and Productivity While Gaining DDoS Protection
- Full investment protection and extending platform life time thanks to the pay-as-you-grow license upgrade scalability delivering best ROI and CAPEX investment protection
- Vulnerability-based attacks that exploit server application weaknesses including Web, Mail, DNS, FTP, SIP, SQL server vulnerabilities
- Non-vulnerability-based attacks that misuse server resources including:
- Application DoS – HTTP , SIP, and other flood attacks
- Authentication defeat - brute force attacks
- Information theft – application scanning
- DoS/DDoS flood attacks that misuse network bandwidth resources
Accurate Attack Prevention
- Real-time Anti-Trojan and Anti-Phishing service, targeted to fight against financial fraud, information theft and malware spread.
- Real-time signatures are generated for each attack pattern only, using up to 20 different parameters
- Block attacks without blocking legitimate users' traffic
- Up to 300Gbps of mitigation capacity while allowing customers to enjoy the widest range of simultaneous cyber-attack protection in the industry
- Industry leading defense depth: 230Mpps+ anti-DDoS with best-in-class DNS and other application protections
- Commercial grade out-of-the-box compliance and customer tenancy managing over 1,000 policies in a secure Role-Based Access Control format
Comprehensive protection and high performance with a single platform for carriers, cloud providers, large e-commerce and online businesses
- First stateless DDoS appliance to offer 100G interfaces – providing best in class attack detection and mitigation in the most demanding operational environments
- High mitigation capacity for very high volume and sophisticated attacks
- Multi-tenant support for a growing number of customers with increased complexity and capacity
- Up to 300Gbps throughput inspection for all cyber-attack threats
- Block high packets-per-second (PPS) attacks that overuse the CPU resources of your networking and security equipment up to 230M PPS
- The only DoS protection solution that can be deployed both inline and out-of-path, maximising scalability and flexibility
- Granular challenge/response technology for detecting advanced Botnets
'Pay-As-You-Grow' for Reduced CAPEX
- Maintain excellent user response time even when under attack
- Scalable platform selection with license upgrades for throughput
- Minimise initial investment and upgrade costs: buy what you need, upgrade when you need
- Saving of network and security equipment capacity that would be required to process unwanted traffic - no need to overspend on higher capacity devices just to handle high PPS volumes
Ease of Security Management for Reduced OPEX
- Two solutions in one box: IPS and DoS mitigation
'Hands-off' solution – self-learning security features that self-adapt to changing network conditions; requires minimal configuration and tuning over time
Fully automated network intrusion prevention through automatic, real-time signatures
Full visibility of network behavior, attack trends, and attack details