Radware's family of DDoS security solutions and intrusion prevention systems provide integrated application and network security and security tool management for a best of breed, multi-layered security architecture. Our Attack Mitigation Systems (AMS) is the industry's first fully integrated IT security solution that protects application infrastructure in real time against network and application downtime, application vulnerability exploitation, malware spread, information theft, Web services attacks and Web defacement.
Our Attack Mitigation Network (AMN) is a holistic security architecture designed to address the emerging DDoS security challenges. AMN combines distributed detection and mitigation elements which are maintained synchronized with legitimate traffic baselines and attack information in real-time. AMN expands the detection coverage across all enterprise resources and automates the mitigation by selecting the most effective tools and locations – in the data center, at the perimeter or in the cloud. As a result AMN offers unprecedented protection against today's and tomorrow's availability-based threats on all fronts.
As methods of attack increase in frequency, sophistication, and severity, application and security solutions need to meet and surpass these threats. Radware's dynamic real-time DDoS security solutions provide the necessary level of defense for today's application and network security needs, and are ready for tomorrow's challenges. Based on adaptive behavioral-based and signature based technologies the intrusion prevention systems and solutions provide organizations with integrated intrusion detection and prevention systems and Denial of Service (DoS) and Distributed Denial of Service (DDoS) DoS protection. Radware's DoS/DDoS attack prevention solution defend against both network- and application-level attacks, delivering a holistic approach to application- and network-level threats, while enhancing the overall performance of security across the organization.
DefensePipe is a cloud-based service to mitigate volumetric DDoS attacks and protect against Internet pipe saturation. Available to Radware customers that deploy an on-premise Attack Mitigation Systems (AMS), DefensePipe is a scalable solution that automatically engages once the customer's AMS detects that pipe saturation is imminent.
Radware DefensePro is a real-time network device that provides reliable DDoS/DoS attack prevention, security and protection for both networks and applications.
DDoS flood attacks intentionally misuses bandwidth resources in order to bring down your sites, networks and applications. These types of DDoS attacks can be launched at any time and many make use of automated programs that allow thousands of users to attack a network or application. DefensePro, DDoS security protects against these threats by analyzing user behavior and requests and matching behavior to recognized patterns and attack signatures in its memory. When a DDoS/DoS attack is detected, DefensePro, part of Radware's Attack Mitigation Systems (AMS), blocks attacks without blocking legitimate users from your network or applications. You will be able to defend against intrusions and flood attacks without stopping real user from accessing the information that you need.
DefensePro rapidly and accurately distinguish between three broad categories of behavior: legitimate normal traffic, attack traffic and unusual patterns created by legitimate activity. This module has two features to provide this protection.
If you're a cloud/hosting provider, take a look at our DDoS-as-a-Service solution.
Radware's DefenseSSL is a module within Radware's Attack Mitigation System (AMS) that protects online businesses from SSL based-DDoS attacks. AMS is comprised of multiple DoS & DDoS layers of defense including network based protections and application layer protections, which also cover SSL based DoS & DDoS attacks. The integrated solution which mitigates both clear and encrypted traffic is enabled by:
DefensePro - DefensePro is an advanced SSL attack mitigation solution with dedicated high performance hardware to confront all types of DDoS attacks. DefensePro's layers of defense contain DDoS security technologies that were designed to detect and mitigate both high rate DoS & DDoS and "low & slow" attacks in the network and application layers, traffic anomaly attacks, connection-based misuse attacks, service cracking attacks, and application scan pre-attack probes – all of which misuse network and application resources and are part of multi-vulnerability based attack campaigns.
Alteon NG - Alteon NG provides a powerful SSL acceleration engine. Through a dedicated hardware accelerator, the Alteon product delivers the extendable throughput that large on-line businesses need to encrypt and decrypt SSL traffic.
This integrated solution uniquely mitigates floods that are directed to HTTPS pages and it provides unlimited SSL decryption and encryption capabilities. Additionally, Radware's solution for SSL DDoS attacks can operate in symmetric and asymmetric environments.
Radware offers organizations a hybrid web application firewall solution to protect against web-based attacks. At the core is AppWall - an advanced web application firewall (WAF) securing Web applications and enabling PCI compliance. AppWall incorporates advanced, patent-protected Web application security filtering technologies to seamlessly detect threats, block attacks and report events. It is recognized by ICSA for its ease of implementation, low cost operation overhead, depth and breadth of Web application vulnerability protection.
The industry’s first Hybrid Cloud WAF Service helps organizations with migrating applications to the cloud by protecting applications everywhere from web-based attacks. Radware’s hybrid cloud WAF offering is based on its AppWall WAF product and provides a fully managed, always-on enterprise grade WAF that protects both on-premise and cloud-based applications, using a single technology solution. This single technology approach makes migrating applications to the cloud safer, easier and more secure.
Radware's WAF offering is the most comprehensive Web application threat mitigation, protecting against:
If you're a cloud/hosting provider, take a look at our WAF-as-a-Service solution.
Radware's solutions help companies become PCI DSS compliant in a cost-effective manner. The solutions are fully integrated into the existing infrastructure in the data center with nearly non-existent disruption to existing, non-PCI compliant projects. Radware's integrated solution set for PCI compliance includes:
Radware's client-side SSL sniffing solution, which consists of Content Inspection Director (CID) and AppXcel, allows fully addressing the aforementioned challenges. Radware CID, a transparent smart redirection and dynamic policy enforcement device, transparently intercepts traffic, enabling to load balance bump-in-the-wire devices (such as IDS, IPS, DLP, anti-Malware, etc.) and pin traffic for client-side SSL inspection. Using a deep packet/flow inspection (DPI/DFI) engine, CID enables to employ a logical topology of the network devices, meaning that they can be quickly bypassed inspections if needed.
The client-side SSL inspection takes place by Radware AppXcel, which uses a highly-scalable SSL decryption/encryption architecture which is FIPS 140-2 Level 2 & 3 compliant. This allows sending clean traffic to further inspection by the designated security devices, and then re-encrypting traffic before it is sent out to additional services in the Internet.
Radware's Attack Mitigation System (AMS) is a real-time network and application security solution that protects the application infrastructure against network and application downtime, application vulnerability exploitation, malware spread, information theft, web service attacks and web defacement. AMS is a set of patented technologies for the most advanced internet-borne cyber-attacks. It extends the "network" of attack detection and mitigation capabilities beyond the data center for:
AMS contains these key components:
Radware Attack Mitigation Network (AMN) is a holistic security architecture designed to address the emerging security challenges. AMN combines distributed detection and mitigation elements which are maintained synchronized with legitimate traffic baselines and attack information in real-time. AMN expands the detection coverage across all enterprise resources and automates the mitigation by selecting the most effective tools and locations – in the data center, at the perimeter or in the cloud. As a result AMN offers unprecedented protection against today's and tomorrow's availability-based threats on all fronts.
Key benefits of AMN include
Brinkster customers can be assured that their cloud-hosted data and businesses that depend on it are secure and available." - Nathaniel Kemberling, CTO, Brinkster
Read the Customer Success Story