• Defenseflow: Network-Wide DDoS Protection and Centralized Cyber Control

  • What Does DefenseFlow Do?

    DefenseFlow is a network DDoS attack prevention and cyber control application designed to detect and mitigate network-wide, multi-vector attacks. DefenseFlow supports always-on/SmarTap and hosted customer protection use cases for service providers to provide the widest DDoS attack defense and detection coverage coupled with immediate attack mitigation.

    SDN-Based DDoS Attack Prevention with Radware’s DefenseFlow

    Radware’s DefenseFlow is a network-wide DDoS attack prevention  and cyber security solution that supports SDN/Openflow networks by providing new ways of detecting and mitigating network-wide, multi-vector cyber-attacks. Overcome the challenges associated with network-wide security via a single, automated security solution that leverages network technologies to provide attack mitigation as a native network service.

  • Radware’s approach to addressing the challenges facing service providers involves three main components:

    Distributed Detection

    Able to detect a single threat across the entire network utilizing dedicated security probes, existing network elements and additional 3rd party security components. SDN DDoS attack prevention and detection capabilities include both infrastructure and application DDoS threats utilizing Layer 4-7 inline/SmarTap solution.

    Distributed Mitigation

    Able to mitigate SDN DDoS attacks and other cyber attacks at the optimal location utilizing different mitigation components.

    Centralized Control

    As the facilitator of the distributed network, it is able to collect input from Distributed Detection elements and then aggregate, correlate and analyze in the context of the protected service.

  • Radware delivers tremendous value in the form of a broad suite of DDoS mitigation solutions to meet the specific needs of any enterprise—solutions that are integrated, and that leverage the latest cutting-edge DDoS mitigation technologies to stop even the most determined threat actors.”

    - Chris Rodriguez
    Senior Industry Analyst, Frost & Sullivan

    Read the Frost & Sullivan Best Practice research
  • Key Benefits of DefenseFlow

    Automated attack life cycle management

    Workflow based model with an orchestrated and automated flow per protected customer that includes service provisioning, DDoS attack defense, detection criteria and attack mitigation actions.

    Workflow based model

    Assign an orchestrated and automated flow per protected customer that includes service provisioning, attack detection criteria and SDN DDoS attack defense actions.

    Always-on/SmarTap attack protection

    With DefensePro appliances deployed on premises or at provider's edge to offer the widest attack coverage and highest mitigation accuracy in real-time.

    Fits to multiple service provider use cases

    Flexible deployment models that fit into any environment including infrastructure protection and per-tenant protection while simplifying service provider's operations.

    Fully automated incident response

    Features a user-friendly interface that enables operators to define actionable operations per security incident.

  • DefenseFlow Use Cases

    Radware offers different use cases with DefenseFlow DDoS attack prevention and cyber control and command along with DefensePro for out of path DDoS attack defense and mitigation:

    Third party NetFlow-based attack detection

    Integrating with existing third party NetFlow-based attack detection solutions, attack life cycle management and DDoS attack mitigation solution.

    Integrated NetFlow-based attack detection

    Improves on use case 1 by offering DefenseFlow's patent-protected behavioral NetFlow based attack detection engine. One stop shop attack detection and mitigation solution including NetFlow collector, attack detection, attack life cycle management and DDoS attack mitigation solution.

    OpenFlow-based attack detection (SDN)

    One stop shop DDoS attack defense, detection and mitigation solution for SDN-enabled networks including OpenFlow based attack detection, attack life cycle management and attack mitigation solution.

    Attack Life Cycle Control with DefensePro as Attack Detector

    Datacenter applications are protected by advanced inline / SmarTap detection with signaling to activate higher tier mitigation when necessary.

    Attack Life Cycle Control with DefensePro or NetFlow Detection

    Granular per-tenant DDoS attack defense and detection, protecting hosting provider customers against lower volume DDoS attacks that would normally go undetected.