DDoS Attack Mitigation

Distributed Denial of Service attacks (DDoS) have become widespread and highly-visible over the past years. The rise of "hacktivist" organizations has led to a number of highly publicized DDoS attacks that have encouraged other equally damaging attacks in their wake. As the frequency and sophistication of these attacks continues to grow, it is important that businesses find ways to improve their DDoS attack mitigation capabilities. There are numerous DDoS mitigation tactics. Radware brings many of them together in one highly effective package with DefensePro.

DDoS Attack Consequences

A DDoS attack can result in lost revenue, lost data, and lost consumer trust for a business. A distributed denial of service attack uses a swarm of computers - sometimes hijacked through a worm or virus, other times willing volunteers - to flood a network with requests. The volume and frequency of requests to the network eventually overrides the available resources, crashing the network. This is sometimes referred to as "resource exhaustion flooding."

DDoS attack tools are not difficult to develop and can be distributed through a wide variety of channels - including internet relay chat (IRC), peer-to-peer networks, email worms, malicious websites, and social engineering. These devastating attacks require significant attention and protection from any network.

Radware offers a four layer protective system to help networks deal with threats and attacks.

Radware Attack Mitigation System

I. DefensePro Real-time Protection

DefensePro is a real-time network intrusion prevention device that prevents your infrastructure from being disabled by malicious attacks. DefensePro is a guard against downtime, vulnerability exploitation, malware, theft, and other network attacks.

The following security modules are included with DefensePro:

Intrusion Prevention System: Based on a stateful static signature detection technology, IPS uses periodic updates and emergency updates to protect your network.

Network Behavioral Analysis: This module uses patented behavioral-based real-time signature technology to detect anomalous behavior that may signal an attack. Using this data, the NBA module then begins blocking the attack.

Denial of Service Protection: Protect against distributed denial of service attacks by identifying potential threats and behavior in real-time and challenging new connections to ensure their safety.

Reputation Engine: Real-time Anti-Trojan and Anti-Phishing technology targets potential threats engaging in financial fraud, information theft, and the spread of malware.

I. DefensePro Real-time Protection

The goal of a service oriented architecture (SOA) is to make application components reusable and interchangeable between the various business processes that they support. While the deployment of SOA lets enterprises reuse existing components to preserve capital expenditures and make the business more flexible, maintaining the sequencing and management of iterative transactions is cumbersome. SOA transactions involve multiple services which represent the coupling of different operating systems, programming languages, and technologies underlying the application environment. From a network point of view, implementing SOA means a significant increase in the number of connections and more application to application interaction to complete transactions. This requires higher data center capacity and availability to ensure service level agreements (SLA) are met and also creates more points of exposure along the transaction path.

II. AppWall

Radware's AppWall is a Web Application Firewall (WAF) that protects Web applications from existing and emerging threats providing the best web application security coverage. It prevents data leakage and manipulation of sensitive corporate and customer information. No matter what software the web application is deployed on, AppWall effectively protects it.

III. APSolute Vision

The security risk management layer provides full visibility into network security. Using the SEIM engine, administrators can collect and analyze events from all security modules for full enterprise-view situational awareness.

Using APSolute Vision, administrators are able to gather the information they need to successfully defend against, and identify, potential attacks.

IV. Emergency Response Team (ERT)

The Emergency Response Team at Radware consists of knowledgeable, specialized security experts that are ready to help you with comprehensive help. Available 24 hours, 7 days a week, the Radware ERT is ready to help with instantaneous services for customers facing a DDoS attack. They can help you restore network and service operational status.