NSFOCUS ADS Series by NSFOCUS
Distributed Denial of Service (DDoS) attacks are a nearly instantaneous volumetric assault on the intended target through the use of a massive number of networked machines (often called “Zombies”). These overwhelming attack packets clog the links of the victim and exhaust the resources of the network infrastructure, disabling a legitimate user’s access.
Recently, there has occurred super-large scale DDoS attacks of up to 300G and multi-round month-long attacks on the banking industry; with many government and enterprise websites worldwide falling victim. These constant attacks, sometimes at increasing scale, pose immense threats to all levels of networks.
Generally speaking, DDoS attacks can mainly be classified into two types based on their different features:
Traffic-based attacks can lead to an unavailability of the network infrastructure and congestion of available bandwidth. Application-based attacks directly target various applications to deliver a potentially fatal blow. There also has emerged a noteworthy trend for DDoS targeting Web systems — the hybrid attack, which mixes traffic-based and application-based attacks. This style attack can thwart any single – layer DDoS protection measure. No matter the attack type, they represent a direct threat to carriers and service providers, data centers, enterprises and various other businesses.
Based on decades of research of DDoS technologies, NSFOCUS has developed a complete set of dedicated DDoS protection products, covering traffic detection, cleaning and management. The first 100M NSFOCUS Anti-DDoS System (NSFOCUS ADS) was released in 2001. Since then, NSFOCUS DDoS protection products have also diversified to orient to different threats as they arise and have been expanding their protection power. At present, the NSFOCUS ADS offers up to 20Gbps line-speed protection, which can provide hundreds of Gbps of mitigation power as total via device clusters to defend against volumetric DDoS attacks.
NSFOCUS' dedicated DDoS protection products can be deployed out-of-path in the backbone routers on large-scale networks or deployed in-line at the access point of small-scale networks to combat both the high-volume and most complicated DDoS attacks and application-based (or slow-rate DDoS attacks), ensuring pure inbound traffic. The NSFOCUS ADS systems are capable of delivering the following DDoS protection capabilities:
NSFOCUS ADS can defend against not only DDoS attacks on the transport layer, like SYN Flood, SYN-ACK Flood, ACK Flood, FIN/RST Flood, UDP Flood, ICMP Flood and IP Fragment Flood, but also those targeting the application layer, such as HTTP GET /POST Flood, slow-rate attacks, DNS attacks, game service attacks and audio/video attacks. Furthermore, in terms of application scenarios, the ADS system can defeat DDoS attacks launched via multitude agent servers, like CDN and WAP gateways.
Instead of relying solely on traditional fingerprint matching or other similar methods, the NSFOCUS ADS conducts behavior anomaly detection and filtering by virtue of an embedded “intelligent multi-layer identification and cleaning matrix” which consolidates the mechanisms of anti-spoofing, protocol stack behavior analysis, specificapplication protection, user behavior analysis, dynamic fingerprint identification, bandwidth control and so forth.
NSFOCUS WAF Series by NSFOCUS
The NSFOCUS Web Application Firewall (WAF) safeguards your web applications against current and future security threats by combining multiple web security inspection methods into one COMPLETE solution. Integrated with a behavior-based Anti-DDoS mechanism, the NSFOCUS WAF provides all-around protection against traditional web-based threats (e.g., the OWASP Top 10), a wide range of DDoS attack types (network-, bandwidth-, and application-based), and offers PCI-DSS compliance reports. The NSFOCUS WAF offers organizations transparent inline deployment, layered web security, and low operational expenditure. It can provide your business with a highly secure solution that ensures your web applications and related data remain safeguarded. NSFOCUS' WAF provides carrier-grade power and functionality for all sizes and types of businesses. It safeguards the world's largest Telecommunication provider, as well as the world's largest Mobile provider and has been installed in companies all over the world. According to the Frost & Sullivan reports, NSFOCUS WAF is the market share leader in Greater China in the Web Application Firewall Market in three successive years, from 2010 to 2012.
"In comparison with many other contenders in the market which tend to focus on diversity of functionalities, NSFOCUS's WAF solutions emphasize the capability of attacks protection and simplicity in terms of policy management. This resulted in a better user experiences for many of their users." - Frost & Sullivan
NSFOCUS NIPS Series by NSFOCUS
Security threats and attacks at the application layer are becoming more complex and more sophisticated. More than ever, you need to achieve the highest level of effective network intrusion security; it's critical to maintaining the high level of protection that keeps your business running.
NSFOCUS's Network Intrusion Prevention System (NIPS) provides the answer. It is a next-generation inline-deployed security gateway, providing a comprehensive and easy-to-use solution that identifies, classifies and stops known and unknown malicious traffic and threats to your network. With its advanced built-in web reputation evaluation, online behavior management and traffic control engines, NSFOCUS's NIPS delivers high-performance security effectiveness, manageability, stability and reliability in threat detection and protection, ensuring network availability and business continuity.
Next-Generation Network Security by Sourcefire
Sourcefire offers the smartest way to buy the best network security available. Our innovative, platform approach to network security via FirePOWER™ appliances enables us to deliver consistent security effectiveness, performance and value across a broad portfolio of industry-leading, next-generation network security products.
The Sourcefire Next-Generation IPS sets a new standard for advanced threat protection integrating real-time contextual awareness, full-stack visibility and intelligent security automation to deliver industry-leading security effectiveness, performance and low total cost of ownership. Passive intrusion detection (IDS) mode notifies of suspicious network traffic and behavior while inline IPS mode blocks threats. The NGIPS solution can be further expanded with optional subscription licenses to add Application Control/URL Filtering and Advanced Malware Protection. Centrally manage hundreds of appliances through the Sourcefire FireSIGHT® Management Center.
Sourcefire NGIPS has been consistently recognized as a leader in the Gartner Magic Quadrant for Network IPS and received top ranking in NSS Labs’ 2012 Security Value Map for IPS security effectiveness and TCO.
Read more about the features that set the Sourcefire NGIPS apart.
Application Control/URL Filtering
Sourcefire offers the first Application Control solution you can deploy as part of a Next-Generation IPS without the need to introduce new hardware, detection or management points within your network. Gain granular control of over 1,800 applications, detected and classified by risk and business relevance.
In addition, the URL Filtering subscription is available for the NGIPS or NGFW, adding the ability to filter more than 280 million top level domains by risk level and over 82 categories.
The Sourcefire NGFW includes the world’s most powerful NGIPS, granular application control and advanced firewall functionality in a flexible, high-performance security appliance, bringing together control and effective prevention. An optional Advanced Malware Protection license can also be added. The NGFW is managed by the same Sourcefire FireSIGHT® Management Center as the NGIPS appliances.
In NSS Labs’ 2012 NGFW Product Analysis Report the Sourcefire NGFW set a new standard in security effectiveness, protecting against 99 percent of all attacks and demonstrating superior performance and total cost of ownership. The Sourcefire NGFW also received top ranking in NSS Labs’ 2013 Security Value Map for NGFW security effectiveness and TCO.
Read more about the features that set the Sourcefire NGFW apart.
The Sourcefire Virtual Appliances and Sourcefire Virtual FireSIGHT® Management Center are available for VMware platforms and provide the same control and protection as their physical counterparts. These virtual NGIPS and NGFW appliances enable you to inspect traffic between virtual machines (VMs) and combine and manage up to 25 physical and virtual appliances with a single Management Center.
Sourcefire SSL Appliances can decrypt SSL traffic at up to 4.5Gbps line rate to enable existing security appliances to effectively inspect SSL traffic and then place the SSL-encrypted traffic back on the network for its final destination. The SSL Appliances support both passive and inline network configurations with a range of interface options, which all include a programmable fail-open capability.
McAfee Network Intrusion Prevention by McAfee
McAfee Network Intrusion Prevention products keep your business up, running, and secure with industry-leading protection against hackers, malware, and zero-day exploits of all kinds. While the coverage is comprehensive and the protections are robust, management is easy via a simplified, centralized, web-based console.
McAfee Network Security Manager
McAfee Network Security Manager enables you to configure, deploy, and manage multiple McAfee intrusion prevention systems (IPS) through a single, easy-to-use console.
McAfee Network Security Platform
McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it defends against stealthy attacks with extreme accuracy at speeds of up to 80 Gbps, while providing rich contextual data about users, devices, and applications for fast, accurate responses to network-borne attacks.
McAfee Network Threat Response
McAfee Network Threat Response is a network security solution that specializes in finding that single, all-important security threat: the attack that gets inside the network itself. Network Threat Response is a framework of next-generation detection engines specializing in thwarting advanced persistent threats (APTs), and prioritizes and presents only those security threats that require investigation — cutting analysis time from weeks to minutes.
McAfee Network Security Platform (NSP) by McAfee
McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it moves beyond mere pattern matching to defend against stealthy attacks with extreme accuracy, while its next-generation hardware platform scales to speeds of over 80 Gbps to meet the needs of demanding networks.
With its Security Connected approach to network security management, Network Security Platform streamlines security operations by combining real-time McAfee Global Threat Intelligence feeds with rich contextual data about users, devices, and applications for fast, accurate response to network-borne attacks.
Radware DefensePro by Radware
DDoS Protection and Attack Mitigation Service
What Does DefensePro Do?
Cyber criminals don't keep regular hours. Instead, they work around the clock to find and exploit holes in your network. You need comprehensive enterprise network security designed to meet today's ever changing security challenges.
Enter Radware's DefensePro ― a real-time, behavioral based attack mitigation device that protects your infrastructure against network and application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft and other emerging cyber-attacks.
DefensePro provides world-class security including distributed denial of service (DDoS) mitigation and SSL-based protection to fully protect applications and networks against known and emerging network security threats such denial of service attacks, DDoS attacks, Internet pipe saturation, attacks on login pages, attacks behind CDNs, and SSL-based flood attacks with:
What Makes DefensePro a Better DDoS Mitigation?
Based on standard signature detection technology to prevent the known application vulnerabilities, DefensePro consists of patent protected behavioral based real-time signatures technology that detects and mitigates emerging network attacks in real time such as zero-minute attacks, DoS/DDoS attacks and application misuse attacks ― all without the need for human intervention and without blocking legitimate user traffic.
DefensePro is a core part of Radware's next generation Attack Mitigation System (AMS) a set of patented technologies designed for the most advanced internet-borne cyber-attacks. AMS extends the "network" of attack detection and mitigation capabilities beyond the data center for:
Extreme Networks Intrusion Prevention System by Extreme Networks
The IPS provides exceptional functionality by locating, containing, and removing the source of the attack from the network.
Intrusion Prevention System (IPS) ensures the confidentiality, integrity, and availability of business-critical resources with industry-leading Intrusion Prevention capabilities, including:
IPS is unique in its ability to gather evidence of an attacker’s activity, remove the attacker’s access to the network, and reconfigure the network to resist the attacker’s penetration technique. IPS stops attacks at the source of the threat and can proactively protect against future threats and vulnerabilities. IPS offers an extensive range of detection capabilities, host-based and network-based deployment options, a portfolio of IPS appliances, and seamless integration with the Extreme Networks architecture. IPS utilizes a state-of-the-art high-performance, multi-threaded architecture with virtual sensor technology that scales to protect even the largest enterprise networks.
IPS is a core component of the Extreme Networks architecture. When deployed in combination with Security Information & Event Manager (SIEM) and NMS Automated Security Manager, it facilitates the automatic identification, location, isolation, and remediation of security threats. IPS integrates seamlessly with Network Access Control (NAC) for post-connect monitoring of behavior once network access has been granted.
Huawei NIP2000/5000 Series by Huawei
The Huawei Network Intelligent Protection system (NIP) is a new generation of dedicated intrusion detection and prevention products. It is designed to resolve network security issues in modern IT environments that utilize Web2.0 and cloud age. The NIP provides such features as virtual patching, web application protection, client protection, malicious-software control, network application management, and network-layer and application-layer DDoS attack prevention.
Comprehensive Protection Ranging from System Service to Application Software
The NIP provides traditional intrusion protection system (IPS) functions such as vulnerability attack defense, web application protection, malicious-software control, application management, and network-layer DDoS attack prevention.
The NIP provides comprehensive protection for client systems exposed to the prevalent attacks that target web browsers, media files, and other document file formats.
The NIP provides industry-leading defense against application-layer DDoS attacks that spread through HTTP, DNS, or SIP.
The NIP can detect attacks and upgrade signatures in a timely manner with the global vulnerability trace capability.
Accurate Detection and Intelligent Interception
The NIP detects attacks accurately without false positive errors with the advanced vulnerability feature detection technology.
The NIP automatically learns the traffic baselines to prevent incorrect threshold configurations.
The NIP automatically intercepts major and severe threats without signature modification.
High performance: the real IPS performance, highest 12Gpbs applications layer detection capability
XLR multi-core + IA general-purpose processor + FPGA architecture to ensure 天the reliable performance;
In the case of traffic spikes, remained stable performance
Application Awareness for Accurate Control of User Behavior
The NIP can identify more than 1000 network applications. With precise bandwidth allocation strategies, the NIP restricts the bandwidth used by unauthorized applications and reserves sufficient bandwidth for office applications such as OA and ERP.
The NIP can fully monitor and manage various network behaviors, such as instant messaging (IM), online games, online video, and online stock trading. This enables enterprises to identify and prevent unauthorized network behaviors and better implement security policies.
Automatic Configuration and Easy Management
Zero configuration network access: The device functions properly once it is powered on. No complex signature modification or network parameter adjustment is required.Applications & Benefits
NIP2000/5000 can be deployed in carrier IDC and enterprise network to detect attack, truly implement "comprehensive detection, accurate analysis of the multi-faceted show.
IBM® Security Network Intrusion Prevention System appliances are designed to stop constantly evolving threats before they impact your business. This means providing both high levels of protection and performance, while lowering the overall cost and complexity associated with deploying and managing a large number of point solutions.IBM Security Network Intrusion Prevention System:
In-line threat protection that defends critical data and applications without affecting performanceand productivity.
Stop the Most Advanced and Sophisticated Attacks with TippingPoint NX Platform.
Protect yourself from cyber threats that target applications, networks, and critical data with in-line, real-time intrusion and proactive network security.
Get Up to 8 Gbps of In-line, Real-time Intrusion Protection with TippingPoint N Platform.
Secure your network and critical data with an intelligent, adaptive security Intrusion Prevention System that will protect you against cyber threats.
Cisco ASA 5500 Series IPS Solution
Cisco IPS 4500 Series Sensors
Cisco IPS 4300 Series Sensors
Cisco IOS Intrusion Prevention System (IPS)