Radware (NASDAQ: RDWR), the leading provider of integrated application delivery solutions for business-smart networking, today announced the availability of DefensePro version 4.0, the latest version of the company's flagship Intrusion Prevention System (IPS). DefensePro 4.0 provides adaptive behavioral server-based IPS feature set, protecting against misuse of application authorization and preventing break-in attempts to enterprise critical application servers, with no need for human intervention. This allows the network to automatically respond to attacks targeted at revenue-generating applications. The new version complements Radware's DefensePro existing signature and behavioral network-based protections and reinforces the company's vision to provide business-smart networking solutions.
DefensePro version 4.0 features a new package of behavioral server-based protections, extending the adaptive behavioral network-based technology to detect application-level pre-attack probes, misuse of authorization and denial-of-service attacks, thus forms Radware's Full Spectrum Protection Technology. The new security features include HTTP, VoIP SIP, FTP, POP3, SMTP, IMAP, and MS-SQL adaptive server-based behavioral protections. Threats that are detected and prevented include brute-force attempts, dictionary attacks, HTTP vulnerability scanning, SIP spoofed Invite floods, SIP spoofed register floods, and more.
"Sophisticated threats and complex technology are driving network security solutions to bridge the gap between the single user host protection and the network-wide resource protection," says Charles Kolodgy, research director, IDC Security Products. "The integration of server protections with signature protections and Behavioral DoS prevention is a comprehensive and effective solution against business interruption and downtime."
While many revenue-generating web sites are equipped with tools to prevent common DoS/DDoS (Denial of Service/Distributed Denial of Service) flood attacks such as SYN floods, hackers are steps ahead. Aware that simple packet-based flood tools are becoming easier to detect and block, hackers are moving to session based flood tools that imitate real user activity by downloading complete pages from Web sites causing denial-of-service by exhausting web server resources, creating multiple database queries and updates or overloading the links with excessive connections.
DefensePro version 4.0 introduces the Web-Flood Mitigator, extending the behavioral security technology to prevent HTTP page flood attacks that are often generated by malicious tools such as HTTP BOTs and HTTP page flooders. These tools are used by hackers or installed unwittingly on legitimate users' computers, and systematically download web pages from a website attempting to exhaust its resources and create service denial.
"We have been using the HTTP Mitigator for the past three months protecting our web servers" says Jet Dove, Leumi Card IT Security Infrastructure manager. "And we have strong confidence that the new server protections suit improves our web presence. This feature improves the visibility of our web servers' behavior and mitigates in real time attacks aiming to degrade our web service."
Radware DefensePro integrates multiple layers of defense, including signature-based protection, adaptive behavioral network-based protection that covers threats such as zero-day worm propagation and DoS&DDoS network flood attacks and bandwidth management. Looking into the next level of attacks, the new feature set complements the IPS offering with the adaptive behavioral server-based protection technology that covers misuse of authorization attacks, application pre-attack probes activities and application-level DoS HTTP floods.
"The latest version of Radware's DefensePro unveils our new patent-pending behavioral application-based IPS features that, we believe, will change the 'ground rules' in the entire network IPS market," said Avi Chesla, vice president security products, Radware. "While many IPS solutions focus solely on user attack protections or network resource protection, Radware's DefensePro Full Spectrum Protection Technology is the only solution closing the enterprise security gap by providing also adaptive behavioral server-based protections that prevent the misuse of the service resources. The Server Protections feature set is a "smart" complementary solution to our existing signature-based IPS and Behavioral network-based DoS technology, thus exhibiting clear security advantages that enable wider security coverage."
Availability
DefensePro version 4.0 is available now for customers as a software upgrade for DefensePro models. More information on DefensePro 4.0 is available at www.radware.com/defensepro
About Radware
About Radware Radware (NASDAQ:RDWR), the global leader in integrated application delivery solutions, assures the full availability, maximum performance, and complete security of business-critical applications for more than 5,000 enterprises and carriers worldwide. With APSolute, Radware's comprehensive and award-winning suite of intelligent front end, access, and security products, companies in every industry can drive business productivity, improve profitability, and reduce IT operating and infrastructure costs by making their networks "business smart". For more information, please visit www.radware.com.
This press release may contain forward-looking statements that are subject to risks and uncertainties. Factors that could cause actual results to differ materially from these forward-looking statements include, but are not limited to, general business conditions in the Application Switching or Network Security industry, changes in demand for Application Switching or Network Security products, the timing and amount or cancellation of orders and other risks detailed from time to time in Radware's filings with the Securities and Exchange Commission, including Radware's Form 20-F.