• Current DDoS Attacks & Software-Defined Networking (SDN) Solutions

    Enable Network Wide Services via SDN Applications

    Radware SDN applications improve application security, performance, availability and prevention of current DDoS attacks by programming the SDN to collect data and optimally forward traffic to deliver network services. The native component of the new network stack introduced by SDN includes the data plane networking devices and the control plane SDN controllers. The Radware SDN applications constructing the SDN application control plane, interact with the SDN controller using dedicated SDN drivers and work together with the Radware systems' using the Radware API to collect data throughout the application infrastructure using specific data collection drivers.

    With SDN applications, ADC and security services transform from device-based solutions requiring a static traffic forwarding configuration, to network wide services that intelligently divert traffic to service engines. Network services can scale to support larger networks at lower capital and operational cost. By building SDN applications that continuously interact with the SDN control plane and program the network (and by leveraging the Radware Virtual Application Delivery Infrastructure (VADI) architecture – which enables pooling of disperse resources to operate uniformly) Radware enables an anywhere and everywhere network service paradigm.

    Key benefits from the Radware SDN network service infrastructure include:

    More intelligent application delivery and security decisions

    Throughout the network break existing network barriers when developing business applications. Every application everywhere is entitled for advanced services.

    Simpler implementation

    Of network services allows improved operational efficiency of network management alongside application changes. Not every project needs to become a networking project.

    Greater scalability

    Scale your network services throughout the network. No more limited areas are protected or load balanced. Offer uniform services throughout the SDN.

    Lower overall network service solution costs

    As network service delivery is partially offloaded to the SDN, there is no need to invest in excess network service appliances and capacity. Deploy network services as needed, and use by many tenants and applications throughout the datacenter.

    Easier operation

    Changing and managing security and ADC functionality becomes simpler as the deployment operates as if it is centralized. Not only does SDN streamline network operations, but Radware SDN applications streamline network service operations.

    DefenseFlow™ is the first commercially available offering in Radware's SDN product lineup. DefenseFlow is an SDN application that enables network operators to program the network to provide DDoS attack protection, against current DDoS attacks - as a native network service. DefenseFlow features an adaptive behavioral-based DoS attack detection engine and a traffic diversion mechanism that utilizes the programmable characteristics of the software defined network elements for attack cleansing. Designed as part of the Radware SDN application framework, DefenseFlow operates in any SDN enabled network infrastructure.

    Legacy DDoS protection solutions that make use of scrubbing centers are costly: need hardware detectors in every network location; BGP for traffic diversion; and GRE tunnels to forward the traffic to its designated network object. With SDN, a DDoS protection solution turns into a software application that adds intelligence to the network – no need for additional hardware, BGP or GRE operations.

    Best design for SDN DDoS attack mitigation

    • DDoS attack detection is always performed out of path (OOP)
    • During attack only suspicious traffic is diverted through the mitigation device

    Most scalable mitigation solution: DefensePro mitigation devices can be placed in any location, DefenseFlow diverts the traffic to the nearest mitigation device.

    Unprecedented coverage against all type of network DDoS attacks

    Radware's ElasticScale is an SDN application that wraps existing network service virtual appliances and provides provisioning and traffic distribution logic to consistently deliver network services in an elastic demand environment. ElasticScale can be utilized for service provider internal services, managed services to end customers and can help providers adopt network function virtualization paradigms.

    ElasticScale offers network operators the following key features and benefits:

    • Ultra-scalable traffic steering solution (multi Tbps of combined capacity)
    • Ultra-scalable load balancing solution
    • Based on industry leading, carrier grade Alteon load balancing product line
    • Specially designed for NFV environments with up to 160Gbps capacity per Alteon VA instance
    • Runs on commercially off the shelf x86 server
    • Compatible with leading SDN controllers; OpenDaylight, Cisco XNC, NEC OpFlow & HP Flare
    • Seamless integration with OpenStack and vCloud Director
    • Runs over any physical SDN network equipment

    The SDN eco-system is a critical focus for Radware. Through partnerships with the industry's leading SDN forums and vendors, Radware can ensure customers that our application delivery and security solutions integrate successfully into target architectures.

    Radware is an active contributor in the following industry and vendor SDN initiatives: Big Switch Networks, Cisco Open Network Environment (ONE), Floodlight, HP Virtual Application Networks, IBM Distributed Overlay Virtual Ethernet (DOVE), NEC, Mellanox, Open Daylight Project, and the Open Networking Forum (ONF). Radware is also a member of VMware's NSX partner ecosystem for network functions virtualization (NFV).

    Radware will continue to invest in extensive joint design, development and certification with industry partnerships such as these to help drive SDN innovation in the industry.

    Contact Us to Get Started.