The Changing Threats Landscape

Bots, HTTP flood attacks, Trojan horses, Worms, application-specific vulnerabilities, application and network floods, brute force attacks – they are all out there, multiplying every day. Millions of opportunities ready to shut down, exploit or misuse your business network – resulting in anything from a mere workday nuisance to a national security threat. Hackers’ motivation has evolved from notoriety to financial gain. Zero-minute threats have exploded with vulnerabilities being sold instead of being disclosed. Of more concern is a new breed of ‘stealth attacks’, non-vulnerability threats which do not exploit any software design flaw and go undetected below the existing network security radar. Protecting the network perimeter alone is no longer sufficient in a world where boundaries are increasingly erasing and threat sources are rapidly multiplying. Standard network security tools are no longer sufficient against non-vulnerability and zero-minute attacks, as standard signature protections and rate-based protections cannot detect these attacks, which aim to shut your network down or misuse your applications.

Beyond Traditional Security Protection

Radware’s award-wining DefensePro® is a real-time Intrusion Prevention System (IPS) and DoS protection device that maintains your business continuity by protecting your application infrastructure against existing and emerging network based threats that can’t be detected by a traditional IPS such as: network & application resource misuse, malware spreading, authentication defeat and information theft. DefensePro features full protection from traditional vulnerability-based attacks through proactive signature updates that prevent already known attacks including worms, Trojans, Bots, SSL-based attacks and VoIP attacks.

Unlike market alternatives that rely on static signatures, DefensePro provides unique behavioral-based and automatically generated real-time signatures to prevent non-vulnerability-based and zero-minute attacks. These attacks include: network & application floods, HTTP page floods, malware propagation, Web application hacking, brute force attacks aiming to defeat authentication schemes, and more. And, DefensePro does this all without blocking legitimate users' traffic and without need of human intervention.

With multiple segments protection in a single unit, a pay-as-you-grow license upgrade approach, and ease of management with ‘hands-off’ security features such as no-configuration and self-tuning, DefensePro is the industry’s leading IPS for best functionality, maximum affordability and ease of management.

Multiple Network Protection Profiles

eCommerce
DefensePro protects revenue-generating Web-enabled services. Online businesses rely on Web applications to generate their revenues. DefensePro coexists with other security tools such as firewalls, Web application firewalls (WAFs) and even signature-based IPSs, which are incapable of fending off high-volume DoS/DDoS flood attacks and application-flood attacks.

Internal enterprise data center
DefensePro protects internal applications such as Web, CRM, ERP, Order Management, Mail, VoIP, portals, and other similar mission-critical business applications. The enterprise data center runs a mix of data and real-time applications. DefensePro offers the widest protection set for known application vulnerabilities (Web, Mail, SQL, VoIP, etc.) and server protections preventing the misuse of applications that can lead to authentication defeat, information theft, and on up to denial of service. DefensePro is installed in conjunction with firewalls and anti-virus gateways (such as mail anti-virus), adding another layer of needed service protection.

Service providers (hosting/colo)
DefensePro facilitates value-added service offerings (DoS, IPS) for hosting/colo customers and provides infrastructure protection against high-volume attacks.

DefensePro is installed in a scrubbing center as an anti-DoS service or IPS service. It may coexist with other equipment such as firewalls or service gateways for BWM/DPI. High-end UTM (unified threat management) solutions may also be deployed for URL filtering and anti-virus services.