• DefenseFlow NetFlow and SDN based DDoS Attack Defense

    DefenseFlow Product Video
    SDN-Based DDoS Protection with Radware's DefenseFlow

    What Does DefenseFlow Do?

    DefenseFlow is a network-wide DDoS attack detection and cyber command and control application designed to protect networks against known and emerging network attacks that threaten network resource availability. DefenseFlow supports traditional NetFlow and emerging software defined networks (SDN)/OpenFlow networks. Coupled with DefensePro, DefenseFlow enables carriers, Internet Service Providers (ISP) and cloud service providers to ensure service availability by removing network and application DDoS attacks.

    DefenseFlow Use Cases

    Radware offers three use cases with DefenseFlow attack detection and cyber control and command along with DefensePro for out of path DDoS attack defense and mitigation:

    NetFlow-based attack detection

    One stop shop attack detection and mitigation solution including NetFlow collector, attack detection, attack life cycle management and DDoS attack mitigation solution.

    3rd party NetFlow-based attack detection

    Integrating with existing third party NetFlow-based attack detection solutions, attack life cycle management and DDoS attack mitigation solution.

    Attack Life Cycle Control with DefensePro or NetFlow Detection

    Granular per-tenant attack detection, protecting hosting provider customers against lower volume DDoS attacks that would normally go undetected

    Attack Life Cycle Control with DefensePro as Attack Detector

    Datacenter applications are protected by advanced inline / SmarTap detection with signaling to activate higher tier mitigation when necessary

    OpenFlow-based attack detection (SDN)

    One stop shop DDoS attack detection and mitigation solution for SDN-enabled networks including OpenFlow based attack detection, attack life cycle management and attack mitigation solution.

    What Makes DefenseFlow a Better DDoS Attack Defense Solution?

    Easy-to-use user interface that enables operators to define actionable operations per security incident. Operations include:

    • Service provisioning per customer or network tenant
    • Attack detection using multiple detection sources: NetFlow-based, OpenFlow-based and inline/tap DefensePro
    • Apply actionable attack mitigation operations such as: local mitigation, traffic diversion to scrubbing center or peering DefensePro, black holing, etc.

    Assign an orchestrated and automated flow per protected customer that includes service provisioning, attack detection criteria and actions.

    Flexible deployment models that fit into any environment including infrastructure protection and per-tenant protection while simplifying service provider's operations.

    DefensePro appliances deployed on premises or at provider's edge to offer the following benefits:

    • Widest attack coverage - mitigate all type of DoS/DDoS attacks, network intrusions, brute force attacks, application level attacks and more in seconds
    • Highest mitigation accuracy - block attack traffic without blocking legitimate user traffic
    • Mitigate attacks in real-time

    DefensePro devices deployed at the carrier/SP scrubbing center remove volumetric attack traffic without blocking legitimate user traffic

  • We're here to help and ready to talk.

    We'd love the opportunity to speak with you and learn how Radware can help your business. Please complete the form below and a representative will contact you shortly.

    Radware respects your privacy. Personal Information is not used or provided to any third party. Read privacy policy & terms of use for more information.