Arbor Networks Pravail APS 2003 PRA-APS-2003-AC Scheda Tecnica
Codici prodotto
PRA-APS-2003-AC
Advanced DDoS Defense
Gain protection against:
• Spoofed/Non-spoofed DoS Attacks
• TCP (SYN, etc.), ICMP, UDP Floods
• Botnets
• Blackenergy, Darkness,
YoYoDDoS, etc.
• Common DoS/DDoS Tools
• Slowloris/Pyloris, Pucodex, Sockstress,
ApacheKiller
• Voluntary Botnets (Anonymous, etc.)
• HOIC, LOIC, etc.
• Application Attacks
• HTTP URL GET/POST Floods
• Malformed HTTP Header Attacks
• Slow-HTTP Request Attacks
• SYN Floods Against SSL Protocols
• Malformed SSL Attacks
• SSL Renegotiation Attacks
• SSL Exhaustion (Single Source/
Distributed Source)
• DNS Cache Poisoning Attacks
• DNS Request Floods
• SIP Request Floods
• Custom Attacks—Unique to
Your Service
• Location-based IP Addresses
The Pravail Availability Protection
System also allows user-configured
custom protection.
System also allows user-configured
custom protection.
SSL Inspection
Many organizations rely on Secure Socket Layer (SSL) encryption for transmitting data
securely. Unfortunately, attackers can also encrypt their attacks, so the Pravail Availability
Protection System must also inspect encrypted traffic for threats. Using an off box SSL
decryption device, the Pravail Availability Protection System can inspect data that has been
previously encrypted to identify embedded attacks and help block those threats from harm-
ing the network. Once the traffic has been inspected, “clean” encrypted traffic is transmitted
to the intended destination.
securely. Unfortunately, attackers can also encrypt their attacks, so the Pravail Availability
Protection System must also inspect encrypted traffic for threats. Using an off box SSL
decryption device, the Pravail Availability Protection System can inspect data that has been
previously encrypted to identify embedded attacks and help block those threats from harm-
ing the network. Once the traffic has been inspected, “clean” encrypted traffic is transmitted
to the intended destination.
Automated and Advanced DDoS Protection
Because the cost of downtime is extremely high for many organizations, the Pravail
Availability Protection System is designed to automatically detect and prevent DDoS attacks
with little or no user interaction—before services are degraded. It also offers simple fallback
plans and resolution techniques when attacks cannot be readily identified. Moreover, the
Pravail Availability Protection System can recognize legitimate CDN traffic and will not
accidentally block it.
Availability Protection System is designed to automatically detect and prevent DDoS attacks
with little or no user interaction—before services are degraded. It also offers simple fallback
plans and resolution techniques when attacks cannot be readily identified. Moreover, the
Pravail Availability Protection System can recognize legitimate CDN traffic and will not
accidentally block it.
ATLAS
®
Intelligence Feed
Arbor enjoys a close and privileged relationship with leading ISPs around the world.
Through its extensive network of sensors and data feeds, Arbor has real-time visibility
into over 80% of global Internet traffic. This gives Arbor unmatched insight into emerging
threats—information that is used to develop effective countermeasures against the latest
attacks. ATLAS Intelligence Feed is an update service that automatically provisions the
Pravail Availability Protection System appliances with the latest defenses to new threats
and updates IP location data—all in real time.
Through its extensive network of sensors and data feeds, Arbor has real-time visibility
into over 80% of global Internet traffic. This gives Arbor unmatched insight into emerging
threats—information that is used to develop effective countermeasures against the latest
attacks. ATLAS Intelligence Feed is an update service that automatically provisions the
Pravail Availability Protection System appliances with the latest defenses to new threats
and updates IP location data—all in real time.
Advanced Web Crawler Service
The Pravail Availability Protection System delivers superior availability protection without
impacting a Web site’s page ranking and search engine results. ASERT maintains policies
in the ATLAS Intelligence Feed that allow specific Web crawlers to access your site, but
blocks those that are malicious or irrelevant.
impacting a Web site’s page ranking and search engine results. ASERT maintains policies
in the ATLAS Intelligence Feed that allow specific Web crawlers to access your site, but
blocks those that are malicious or irrelevant.
Visibility, Control and Alerting
The Pravail Availability Protection System is not a “black box.” While it delivers automated
protection from DDoS, the Pravail Availability Protection System also provides real-time
visibility into attacks, blocked hosts and even packets. It offers the flexibility operators need
to alter attack countermeasures and thresholds if required. It includes active alerting that
notifies security engineers of ongoing attacks that are blocked, as well as other network
events that may require their attention.
protection from DDoS, the Pravail Availability Protection System also provides real-time
visibility into attacks, blocked hosts and even packets. It offers the flexibility operators need
to alter attack countermeasures and thresholds if required. It includes active alerting that
notifies security engineers of ongoing attacks that are blocked, as well as other network
events that may require their attention.
Real-Time and Historical Attack Forensics and Reporting
The Pravail Availability Protection System offers detailed attack reports in real time, so
operators can visually understand the actions taken by the appliance. Besides documenting
these actions in audit logs, it provides forensic reports detailing blocked hosts, origin
countries of attacks and historical trends. These easy-to-understand reports can be given
to peers or management to educate them on the threats to service availability and the steps
taken to address the attacks.
operators can visually understand the actions taken by the appliance. Besides documenting
these actions in audit logs, it provides forensic reports detailing blocked hosts, origin
countries of attacks and historical trends. These easy-to-understand reports can be given
to peers or management to educate them on the threats to service availability and the steps
taken to address the attacks.
“ During recent elections,
our networks were
under constant attack.
We deployed the Pravail
Availability Protection
System in advance of the
elections as a precaution
and the attacks were
not successful.”
under constant attack.
We deployed the Pravail
Availability Protection
System in advance of the
elections as a precaution
and the attacks were
not successful.”
Rene Miranda, CIO, IFE
The Pravail Availability Protection
System provides detailed reports
on attack traffic and allows users
to easily enable different attack
protections based on a variety
of factors including IP Location,
Web Domains or Top Services.
System provides detailed reports
on attack traffic and allows users
to easily enable different attack
protections based on a variety
of factors including IP Location,
Web Domains or Top Services.