DDoS Protection & Mitigation Services

Today’s enterprises are truly dependent on their online presence, whether it is for generating revenues, ensuring high employee productivity, or providing a superb customer experience. Ubiquitous Internet access also makes the online enterprise susceptible to cyber-attacks such as DDoS, from around the world. The resulting service outages cause costly downtime, lost productivity, brand damage and impact the enterprise’s legitimate users.

Unfortunately, traditional security solutions like firewalls and IPS devices are ineffective against advanced cyber-threats and are frequently a target of attacks themselves. What enterprises require is a First Line of Defense solution which is built to withstand modern cyber threats, such as DDoS attacks and ensuring business continuity of their Internet facing services and applications.

About

Corero First Line of Defense products are divided in two main categories:

Corero DDS Threat Defense System, a network security product deployed between the Internet and the enterprise network, designed to meet the evolving protection requirements of modern enterprise’s mission critical infrastructure.

SmartWall® Threat Defense System, designed for Hosting Providers and Datacenter operators giving them the ability to offer comprehensive DDoS and cyber threat protection to their hosted customers as an extension of their current service offerings, improving their overall value proposition and providing an opportunity to offer differentiated value added security services.

Solution Key Benefits

  • Detects and mitigates both network-layer DDoS attacks and more advanced application-layer attacks
  • Protects your network at all times, ensuring legitimate communications pass without delay
  • Ensures business continuity and availability
  • Protects and optimizes your organization’s investment in IT infrastructure
  • Through ReputationWatch, provides automated real-time defense against previously identified DDoS attack sources
  • With IP address geolocation technology, enables enforcement of security policies based on national origin of IP addresses
  • Provides low latency and high throughput, even while under attack
  • Offers solid state reliability with redundant power supplies and an MTBF rating of 20 to 30 years, no rotating media and no chip fans
  • Features advanced clustering capability for high availability and increased performance

Corero DDS Threat Defense System

The Corero DDoS Defense System (DDS) is your organization’s First Line of Defense® against crippling, costly The Corero DDoS Defense System Distributed Denial-of-Service (DDoS) attacks, delivering the most comprehensive DDoS protection available in a purpose-built, high performance, on-premises appliance. DDS detects and blocks both familiar network-layer flooding attacks, as well as the more difficult to detect, low and slow application-layer attacks, which have become the stealth attackers’ weapon of choice.

Traditional cloud-based on demand anti-DDoS services are typically ineffective against these application-layer attacks as they never see them. The Corero DDS uses an always on, adaptive, patented DDoS defense algorithm to ensure your online business is always protected keeping services up and available — blocking malicious incoming requests while reliably passing legitimate traffic to the company’s online servers. Positioned at the Internet gateway, DDS protects your existing IT infrastructure – from the firewall to the backend server – allowing it to perform as intended.

DDS Platform

Corero Network Security’s DDoS Defense System (DDS) product family draws its leadership threat detection capabilities and multi-gigabit performance from a purpose built DDoS-specific software implementation hosted on Corero’s powerful, extensible and flexible multicore networking platform. Corero’s First Line of Defense utilizes patented DDoS Defense algorithms, granular rate-based protection mechanisms, hardened stateful firewall filtering and deep packet inspection for malicious content protection. In addition, real time anomaly detection leverages techniques such as Demerit Scoring Systems, Requestor Behavioral Analysis, Acceptable Application Use and Stateful Protocol Analysis.

This purpose built combination of hardware and software technologies provide a effective, reliable and powerful on-premises DDoS defense solution that efficiently mitigates network layer and application layer DDoS Service attacks while ensuring legitimate network traffic and web servers to function at normal levels.

SmartWall® Threat Defense System

The Corero DDoS Defense System (DDS) is your organization’s First Line of Defense® against crippling, costly The Corero DDoS Defense System Distributed Denial-of-Service (DDoS) attacks, delivering the most comprehensive DDoS protection available in a purpose-built, high performance, on-premises appliance. DDS detects and blocks both familiar network-layer flooding attacks, as well as the more difficult to detect, low and slow application-layer attacks, which have become the stealth attackers’ weapon of choice.

Service Providers, Hosting providers, Managed Security Service Providers and large Enterprises all impacted by the challenges of DDoS attacks and cyber threats. These attacks have grown in size, frequency and sophistication in recent years. Not surprisingly, customer expectations for improved service availability and security have risen in unison. Enterprises are increasingly calling on their service providers to assist them in the detection, analysis and mitigation of DDoS attacks and other cyber threats before they have an impact on their operations and ultimately, their business.

DDoS and Cyber Threat Protection SmartWall TDS

The Corero SmartWall TDS is a purpose-built family of network security appliances that is configurable to meet the needs of the business. These appliances deliver comprehensive threat defense services in rapidly scalable deployments for higher performance, greater connectivity and broader functionality than previously possible. This unique, slim line appliance delivers 10Gbps full-duplex performance in a ¼ wide, 1 RU form factor. Organizations can deploy a combination of SmartWall TDS appliances to deliver the performance, connectivity and security required. Customers benefit from progressive inspection, threat detection and policy-based protection with always on visibility at any throughput – 1 RU delivers 40Gbps, and 4 RU delivers 160Gbps. Simultaneously providing continuous visibility and security policy enforcement at layers 3, 4 and 7 for both IPv4 and IPv6 traffic.

SmartWall Network Threat Defense Appliance

Provides continuous visibility and security policy enforcement so that hosting providers can establish a proactive First Line of Defense for inspecting traffic, detecting threats and blocking attacks. It is capable of mitigating a wide range of DDoS attacks while maintaining full service connectivity and availability to avoid degrading the delivery of legitimate traffic. The SmartWall Network Threat Defense appliance is designed to handle volumetric network based DDoS attacks or floods, reflective amplified spoof attacks, like DNS and NTP attacks, as well as application layer attacks that are typically too low to be detected by out of band solutions—such as slow loris, slow read etc.

SmartWall Network Forensics Appliance

As sophisticated threats continue to evolve, effective security analysis requires continuous visibility into the traffic flowing between the protected network and the Internet. The Corero SmartWall TDS supports 10Gbps line rate packet capture to enable network forensics of security incidents.

SmartWall Network Bypass Appliance

Network availability is the key to maintaining an always on Internet presence. The Corero SmartWall Network Bypass Appliance provides organizations with 100% network connectivity to eliminate downtime of their Internet presence in case of power or equipment failures as well as during maintenance windows.

The Corero Management Server (CMS)

Corero offers multiple management options for configuring, controlling, and monitoring the appliances including a flexible Browser-based GUI, a full SSH CLI and powerful REST API that supports open integration with existing management frameworks. Centralized management of the SmartWall Network Threat Defense Appliance as well as other family members of the SmartWall Threat Defense System is performed via secure connection to the Corero Management Server (CMS). The CMS includes a dashboard for monitoring threat activity and viewing key security
events. The CMS is delivered as a virtual appliance to run on customer-provided hardware.


Unparalleled Visibility

The SmartWall Network Threat Defense Appliance provides seamless integration with Security Information and Event Management (SIEM) and Operational Intelligence solutions, such as Splunk. Leveraging Splunk software for big data analytics and advanced visualization capabilities, Corero has transformed its sophisticated security event data into dashboards of actionable security intelligence, accessible via Corero SecureWatch® Analytics. Organizations are now empowered to utilize this portal as a single pane of glass into the DDoS attacks and cyber threats targeting their Internet-facing services.

Corero SecureWatch Analytics is included with the purchase of the Corero First Line of Defense products, as part of your DDoS defense investment. The portal transforms the sophisticated Corero security feeds into dashboards of actionable security intelligence.