Validating Cisco’s Threat-Centric Security Solutions
Light Reading commissioned its independent test lab partner European Advanced Networking Test Center AG (EANTC) to evaluate Firepower 9300 next generation Firewall. I am sharing with you the industry’s first, third party validation of Radware DefensePro on Firepower 9300.
Service providers and enterprises are challenged by an evolving threat landscape resulting in reduced revenues, higher expenses, and damaged reputations. The number and complexity of cyber-attacks such as DDoS is continuously increasing.
Radware DefensePro helps service providers and enterprises win the ongoing security battle against availability attacks, by detecting and mitigating known and zero-day DoS/DDoS attacks in real-time.
That is why Cisco selected Radware DDoS Mitigation solution for its threat-centric NGFW Firepower 9300 and Firepower 4100 series, designed as consolidated security service platforms for service providers and enterprises.
The Light Reading Report provides a 3rd party validation of our key DDoS Mitigation solution differentiators – the real-time signature detection engine – detecting and mitigating zero-day network and application DDoS attacks in real-time and without blocking legitimate user traffic. Let me share with you a few highlights of the Light Reading test case 2b: Radware DefensePro on Firepower 9300.
[You might also like: DevOps and Security: Yes We Can ]
Behavioral-based real-time signature technology protecting against zero-day attacks
We reviewed the Radware DefensePro DDoS protection technology running on the Firepower 9300 platform, verifying the solution’s ability to quickly detect and mitigate DDoS attacks on services and infrastructure through behavioral traffic analysis.
Block attacks without blocking legitimate user traffic
While the attack was ongoing, we accessed the web server located in the protected network and verified that there was no observable impact on the legitimate traffic.
DefensePro detects attacks and mitigates them in real-time
We observed that BDoS engine reported a new attack and generated a new dynamic rule to classify the attack traffic flow. Under BDoS Traffic Monitoring Reports, we observed that the attack traffic was quickly mitigated after detection.
DefensePro Protect tenants and the application Infrastructure
The recommended location for the DDoS protection is in front of the firewall. This way, DefensePro is able to detect the attacks and analyze their behavior before they can be affected by other security infrastructure and at the same time protect the security infrastructure from the attacks.
Light Reading full report is available here: Validating Cisco’s Threat-Centric Security Solutions