DDoS Mitigation with DefensePro
Using dedicated, powerful hardware appliances, DefensePro is able to repel DDoS attacks on a network. Combined with the Local Out of Path Mitigation Solution (LOOP), DefensePro is ready to outperform other attack mitigation systems.
Dedicated Hardware Architecture
Each layer of DefensePro attack mitigation is supported by a dedicated hardware architecture specifically created to maximize the level of performance.
Throughout DefensePro, multi-purpose CPUs perform the background work. These CPUs provide the flexibility and scalability needed for standard operations - like statistical analysis to benefit the behavioral analysis module.
String Match Engine
The String Match Engine (SME) is a L7 Regex Engine working in the Directed Application DDoS attack protection layer of DefensePro. The SME is an ASIC based component, optimized to perform application pattern matching in multi-Gbps network environments. The SME protects against many of the most advanced DDoS techniques - attacks which may make it through initial defenses undetected.
DME & Network Based DDoS Protection Layer
The DoS Mitigation Engine (DME) supports the network based DDoS Protection Layer. The DME is a dedicated processor that has been optimized to perform L3 and L4 filtering operations at a rate of over 10 million PPS, offering superior protection and performance.
Attack Mitigation Specific Hardware
The hardware used in DefensePro is specifically designed for DDoS attack mitigation.
By completely separating mitigating tasks and giving each process a dedicated hardware component, DefensePro avoids internal resource cannibalization to deliver maximum protection.
Legitimate traffic is still allowed through, and specific attacks are dealt with by the hardware component best suited for the task. This efficient setup provides more protection, more reliably, than competing systems.
LOOP Attack Mitigation
Radware uses a Local-Out-of-Path attack mitigation solution to combine the best of in-line and out-of-path attack mitigation methods.
The LOOP attack mitigation solution has the same advantages of an in-line approach, while eliminating many weaknesses. LOOP capability allows DefensePro to switch into action quickly and integrate seamlessly into any network critical path. By performing in-line traffic processing only for the networks or specific applications/IP addresses that are under attack, all aspects of DefensePro function at their optimal level when needed.