Radware: Assuring Complete Security of Business Critical Applications

Today, DDoS attacks have evolved into a complex and overwhelming security challenge for organizations, both large and small. The impact is rather frightening in terms of reduced revenue, higher expense, declining consumer trust and damaged reputation, with the continuous rise of cyber-attacks. Subsequently, there has been an increase in more sophisticated application-level attacks and Secure Sockets Layer (SSL) encryption-based attacks. “It represents about 25 percent of the attacks,” says Carl Herberger, VP, Security Solutions, Radware. As several businesses fall target to hackers, in spite of deploying firewalls and advanced security measures, Radware [NASDAQ:RDWR], based in Tel Aviv, Israel, engineers scalable security products and platforms to ensure optimal service levels for applications.

“We generally look at DDoS attacks across three parameters— duration, size, and complexity,” states Herberger. The firm’s on-premise DDoS devices cover different types of attacks and scales to meet the size and type of the attacks. “When attacks exceed a customer’s inbound traffic volume, we offer cloud-based scrubbing to mitigate threats outside of the customer's network regardless of their duration and size without requiring redirection of all traffic” says Herberger. Radware’s solution also includes dedicated hardware to handle the complexity of SSL-encrypted flood attacks and uses behavioral analysis and response technologies to mitigate attacks.

DefensePro from Radware is the core product offering behind its DDoS protection and one of the primary elements of the firm’s Attack Mitigation Service which is a fully managed DDoS attack mitigation service and protection solution. DefensePro provides world-class security including SSL-based protection to fully protect applications and networks against known and emerging network security threats. Additionally, DefensePro embeds two unique and dedicated hardware components—a DDoS Mitigation Engine (DME) to prevent high volume DDoS and data flood attacks, without impacting legitimate traffic, and a String Match Engine (SME) to accelerate signature detection. “The other protection layers and network based operations are done by multi-purpose CPUs which provide the required flexibility and scalability for more standard operations,” affirms Herberger.