Service Chaining/Stitching
Test case 2b: Radware DefensePro on Firepower 9300
SUMMARY: We reviewed the Radware DefensePro DDoS protection technology running on the Firepower 9300 platform, verifying the solution's ability to quickly detect and mitigate DDoS attacks on services and infrastructure through behavioral traffic analysis.
Test description
Radware DefensePro is a third-party solution for DDoS protection that is capable of running on the Cisco Firepower 9300 platform as a decorator application.
In this test case, we reviewed the functionality and management of DefensePro, as well as use cases for its utilization on the Firepower platform. Subsequently, we verified the DDoS protection function by simulating three widespread types of attacks -- SYN Flood, NTP Amplification Attack (i.e. UDP Flood) and the DNS Flood. As the source of attacks, we used a Linux PC running Kali Linux, which is equipped with various tools for network security testing.
Test setup for DDoS attack simulation
Test Results
The Radware Defense Pro is designed to mitigate DDoS attacks and provide an additional line of defense for the protected networks and services. It is available as a standalone appliance, a KVM image for generic virtualization, or as a Firepower 9300 application, which we evaluated in this test series.
The recommended location for the DDoS protection is in front of the firewall. This way, DefensePro is able to detect the attacks and analyze their behavior before they can be affected by other security infrastructure and at the same time protect the security infrastructure from the attacks.
When integrated to the Firepower 9300 platform, the DDoS protection function is placed in the similar way and inserted as a decorator application on top of the main application of the security module, e.g. the ASAv firewall.
Click here to read full article