DefensePro: All-in-One Attack Protection with IPS, NBA, DoS Protection and Reputation Services
Radware's award-winning DefensePro® is a real-time network attack prevention device that protects your application infrastructure against network & application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft and other emerging network attacks.
- DefensePro includes the set of security modules – Intrusion Prevention System (IPS), Network Behavioral Analysis (NBA), Denial-of-Service (DoS) Protection and Reputation Engine - to fully protect networks against known and emerging network security threats. It is based on standard signature detection technology to prevent the known application vulnerabilities. The core of DefensePro is patent protected behavioral based real-time signatures technology that detects and mitigates emerging network attacks in real time such as zero-minute attacks, DoS/DDoS attacks and application misuse attacks. All without the need for human intervention and without blocking legitimate user traffic.
- DefensePro uses a dedicated hardware platform based on Radware's OnDemand Switch supporting network throughputs up to 40Gbps. It embeds two unique and dedicated hardware components: a DoS Mitigation Engine (DME) to prevent high volume DoS/DDoS flood attacks - without impacting legitimate traffic– and a StringMatch Engine (SME) to accelerate signature detection.
- APSolute Vision™ offers a centralized attack management, monitoring and reporting solution across multiple DefensePro devices and locations. It provides the user real-time identification, prioritization and response to policy breaches, cyber attacks and insider threats.
Cutting Edge Network Security Technologies
DefensePro uses multiple technologies to provide APSolute Attack Prevention for data centers and networks:
Intrusion Prevention System
- The Intrusion Prevention System (IPS) module is based on stateful static signature detection technology with periodic signature updates and emergency updates in case of a newly discovered high risk attacks.
Network Behavioral Analysis
- The Network Behavioral Analysis (NBA) module employs patented behavioral-based real-time signature technology. It creates baselines of normal network, application and user behavior. When an anomalous behavior is detected as an attack the NBA module creates a real-time signature on- the-fly that uses the attack characteristics and start blocking the attack immediately. In case of DDoS attacks it injects the real-time signature into the DME hardware offloading the main CPUs from the excessive unwanted traffic.
Denial-of Service Protection
- The Denial-of Service (DoS) Protection module is based on several technologies: signature detection, behavioral based real-time signatures and SYN cookies mechanism that challenge new connections prior to establishing a new session with the servers.
Reputation Services Engine
- The reputation engine offers real-time Anti-Trojan and Anti-Phishing service , targeted to fight against financial fraud, information theft and malware spread.
Maintain business Continuity of Operations (COOP) even when the network is under attack
- Full protection of data center applications against emerging network threats
- Maintain network performance even when under high volume network attacks
- Maintain excellent user response time even under attack
Best security solution for data centers in a single box
- Combining intrusion prevention system (IPS), network behavioral analysis (NBA), denial-of-service (DoS) protection and Anti Trojan & Anti Phishing
Most accurate attack detection and prevention
- Blocks attacks without blocking legitimate user traffic
Best in class unified monitoring and reporting solution
- Per user customization of real-time dashboards and historical reports
- Helps achieve compliance with pre-defined report sets for PCI, HIPAA, SOX etc.
Reduces total cost of ownership (TCO) of security management
- Multitude of security tools in a single box
- Single management application to manage multiple DefensePro units cross multiple data centers
- Full investment protection and extending platform life time thanks to the pay-as-you-grow license upgrade scalability delivering best ROI and CAPEX investment protection