Anti-Distributed Denial of Service


ANTI-DDoS (Anti-Distributed Denial of Service)

The Network Box Anti-DDoS engine provides Distributed Denial of Service (DDoS) attack mitigation, so that ‘bad traffic’ is kept at bay while ‘good traffic’ is allowed through to secured web-facing servers, defending business continuity during ongoing attacks. Using real-time automated fingerprinting to identify and blacklist attacks, the engine takes milliseconds to respond to brute-force attacks coming from thousands of sources.

The engine keeps track of DDoS information on a per-source basis (which it periodically maintains and prunes), and imposes limits that reflect reasonable behavior. Sources which exceed those limits are deemed to be DoS/DDoS attack sources and are mitigated.

Anti-DDoS Overview

The diagram below illustrates the Anti-DDoS engine in action, whilst your network is under a DDoS attack.

[Diagram: DDoS Attack]

The Anti-DDoS engine offers the following DoS/DDoS mitigation facilities:

Total connections limiting

Total connection rate limiting

Per-source connections limiting

Per-source connection rate limiting

Per-source-per-method rate limiting

SYN cookies for SYN flood protection
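
The per-source tracking, pruning, and per-source and per-source-per-method rate limits described above can be sketched as follows. This is an added example, not Network Box's implementation; the class name, limits, window and timeouts are all assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque

class SourceTracker:
    """Per-source sliding-window limiter; every limit here is an assumed value."""

    def __init__(self, conn_rate=20, method_rate=10, window=1.0,
                 idle_ttl=60.0, block_ttl=300.0):
        self.conn_rate, self.method_rate = conn_rate, method_rate
        self.window, self.idle_ttl, self.block_ttl = window, idle_ttl, block_ttl
        self.conns = defaultdict(deque)    # source -> connection timestamps
        self.methods = defaultdict(deque)  # (source, method) -> timestamps
        self.blocked = {}                  # source -> time the block expires

    def _hit(self, q, now, limit):
        # Drop timestamps older than the window, record this one, compare.
        while q and now - q[0] >= self.window:
            q.popleft()
        q.append(now)
        return len(q) > limit

    def allow(self, source, method, now=None):
        """Return True if the request may pass, False if the source is mitigated."""
        now = time.monotonic() if now is None else now
        if self.blocked.get(source, 0) > now:
            return False
        over_conn = self._hit(self.conns[source], now, self.conn_rate)
        over_meth = self._hit(self.methods[(source, method)], now, self.method_rate)
        if over_conn or over_meth:
            # Source exceeded a limit: treat it as an attack source for block_ttl.
            self.blocked[source] = now + self.block_ttl
            return False
        return True

    def prune(self, now=None):
        """Forget idle sources and expired blocks; return sources still tracked."""
        now = time.monotonic() if now is None else now
        for table in (self.conns, self.methods):
            for key in [k for k, q in table.items()
                        if not q or now - q[-1] > self.idle_ttl]:
                del table[key]
        for src in [s for s, exp in self.blocked.items() if exp <= now]:
            del self.blocked[src]
        return len(self.conns)
```

Calling `prune()` on a timer keeps the state tables bounded, which matters because a flood from thousands of sources would otherwise turn the tracker itself into a memory-exhaustion target.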

 

 

 

Key Features

Real-time fingerprinting

Real-time automated fingerprinting to identify and blacklist attacks.

Mitigation factor of 1000

Slows down attacks by a factor of 1,000.

Millisecond response

Millisecond response to brute force attacks.