Your First Line of Defense AGAINST DDOS ATTACKS. change the rules for inspection performance, security intelligence and

Similar documents
SmartWall Threat Defense System - NTD1100

SmartWall Threat Defense System - NTD120

Corero SmartWall TDS Real-time, Automatic and Highly-Scalable DDoS Defense Solutions

Corero SmartWall TDS Real-time, Automatic and Highly-Scalable DDoS Defense Solutions

DDoS Managed Security Services Playbook

Fregata. DDoS Mitigation Solution. Technical Specifications & Datasheet 1G-5G

Corrigendum 3. Tender Number: 10/ dated

McAfee Network Security Platform

McAfee Network Security Platform

Symantec Network Security 7100 Series

Comprehensive datacenter protection

WHITE PAPER Hybrid Approach to DDoS Mitigation

Cisco SCE 2020 Service Control Engine

Cisco ACE30 Application Control Engine Module

X1 X2. traditional security tools, allowing malware to propagate across the infrastructure. SPAN ports on the leaf and spine switches provide

A10 DDOS PROTECTION CLOUD

TALK. agalaxy FOR THUNDER TPS REAL-TIME GLOBAL DDOS DEFENSE MANAGEMENT WITH A10 DATA SHEET DDOS DEFENSE MONITORING AND MANAGEMENT

Cisco Firepower 9300 Security Appliance

ngenius 5100 Packet Flow Switch

Thunder TPS. Overview. A10 Networks, Inc.

FGS-2616X L2+ Managed GbE Fiber Switches

Cisco Nexus 7000 Series.

EFFECTIVE SERVICE PROVIDER DDOS PROTECTION THAT SAVES DOLLARS AND MAKES SENSE

VISION ONE: SECURITY WITHOUT SACRIFICE

QuickSpecs. Models HP TippingPoint S8010F Next Generation Firewall Appliance

CONNECTRIX MDS-9132T, MDS-9396S AND MDS-9148S SWITCHES

Cisco ASA 5500 Series IPS Solution

Features. HDX WAN optimization. QoS

4 PWR XL: Catalyst 3524 PWR XL Stackable 10/100 Ethernet

PSGS-2610F L2+ Managed GbE PoE Switch

Ixia Net Optics ilink Agg xstream

Imperva Incapsula Product Overview

THUNDER TPS Next-generation DDoS Protection

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

Data Sheet. DPtech Anti-DDoS Series. Overview. Series

GS-2610G L2+ Managed GbE Switch

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015

Ixia xstream TM 10. Aggregation, Filtering, and Load Balancing for 1GbE/10GbE Networks. Aggregation and Filtering DATA SHEET

Cisco Nexus 9500 Series Switches

Gigabit Managed Ethernet Switch

VirtualWisdom SAN Performance Probe Family Models: ProbeFC8-HD, ProbeFC8-HD48, and ProbeFC16-24

ngenius 5010 Packet Flow Switch

S2250/S3250 NETWORK INTERFACE DEVICE

MS425 SERIES. 40G fiber aggregation switches designed for large enterprise and campus networks. Datasheet MS425 Series

Cisco SFS 7000D InfiniBand Server Switch

TALK THUNDER TPS SURGICAL MULTI-VECTOR DDOS PROTECTION WITH A10 DATASHEET DDOS PROTECTION & MITIGATION

IPS-1 Robust and accurate intrusion prevention

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING

Cisco Nexus 7000 Series

CONNECTRIX DS-6500B SWITCHES

VISION ONE: SECURITY WITHOUT SACRIFICE

Check Point DDoS Protector Introduction

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

snoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection

Cisco Nexus 7000 Switches Supervisor Module

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

NIP6000 Next-Generation Intrusion Prevention System

Cisco Virtual Networking Solution for OpenStack

Cisco UCS B230 M2 Blade Server

haltdos - Web Application Firewall

Seceon s Open Threat Management software

Cisco Nexus 7000 Switches Second-Generation Supervisor Modules Data Sheet

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

VeloCloud SD-WAN Subscription

Cisco SR 520-T1 Secure Router

Cisco Nexus 7000 Series Supervisor Module

Cisco 3300 Series Mobility Services Engine. Open, Appliance-Based Platform for Delivering Mobility Services

The Cisco ASA 5500 Series Adaptive Security Appliances

Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Ixia xbalancer. A Purpose-Built Load Balancer for 10G Networks. The Load Balancing Solution DATA SHEET. Highlights

F5 DDoS Hybrid Defender : Setup. Version

Imperva Incapsula Website Security

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

NSG100 Nebula Cloud Managed Security Gateway

Websmart 26-port Gigabit Ethernet Switch for cost-effective networks

Cisco Nexus 9500 Platform Switches for Cisco Application Centric Infrastructure

TALK THUNDER TPS SURGICAL MULTI-VECTOR DDOS PROTECTION WITH A10 DATA SHEET DDOS DETECTION, MITIGATION & CLOUD PROTECTION

Data Sheet. OceanStor SNS2624/SNS3664 FC Storage Switches. Product Features HIGHLIGHTS. OceanStor SNS2624/SNS3664 FC Storage Switches

Cisco Wireless LAN Controller Module

Cisco Meraki MS400 Series Cloud-Managed Aggregation Switches

New Product: Cisco Catalyst 2950 Series Fast Ethernet Desktop Switches

AKAMAI CLOUD SECURITY SOLUTIONS

Network Capacity Expansion System

Acme Packet Net-Net 14000

Product features. Applications

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

Cisco Nexus Data Broker

Cisco Secure Network Server

Cisco Nexus 7000 F3-Series 6-Port 100 Gigabit Ethernet Module

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

Cisco ASA 5500 Series Adaptive Security Appliances

Cisco 2-, 5-, 8-, and 10-Port Gigabit Ethernet Shared Port Adapters, Version 2

SEVONE DATA APPLIANCE FOR EUE

TALK THUNDER TPS SURGICAL MULTI-VECTOR DDOS PROTECTION WITH A10 DATA SHEET DDOS DETECTION & MITIGATION

NSG50/100/200 Nebula Cloud Managed Security Gateway

Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

ABSOLUTE REAL-TIME PROTECTION SERIES

Transcription:

SmartWall THREAT DEFENSE SYSTEM FIRST LINE OF DEFENSE DATA SHEET NETWORK THREAT DEFENSE APPLIANCE KEY BENEFITS Robust security coverage Comprehensive network security protection against layers 3-7 for both IPv4 and IPv6 traffic. Industryleading density, scalability & performance Protection is provided through configurable access policies with scalability from 10/20Gbps up to 2Tbps in a single rack. Comprehensive Visibility Leveraging Splunk software for big data analytics and advanced DDoS visualization capabilities. Powerful centralized management Centralized Operational Management for configuring, controlling, and monitoring the appliances. Flexible deployment configurations Multiple appliances can be distributed to key control points in the Provider network or centrally combined in 1 RU shelves in various configurations. Your First Line of Defense AGAINST DDOS ATTACKS The Corero SmartWall provides First Line of Defense protection against DDoS attacks and cyber threats. It delivers the industry s highest performance in a compact, energy efficient form factor for scalability in 10/20Gbps up to 2Tbps in a single rack. Disruptions to Internet-facing online services can cripple operations, impact customers and result in major economic losses. The SmartWall is an intelligent, always on platform that inspects traffic, detects threats and blocks attacks against protected network resources. It allows Enterprises, Service Providers, Hosting Providers, and Managed Security Service Providers (MSSPs) to deploy centralized or distributed threat defense solutions via purpose-built network security appliances that provide advanced Layer 3-7 cyber threat protection. The SmartWall provides continuous visibility and security policy enforcement so that organizations can establish a proactive First Line of Defense for inspecting traffic, detecting threats and blocking attacks. It is capable of mitigating a wide range of DDoS attacks (including volumetric, multi-vector, layers 3-7, etc.) and cyber threats while maintaining full service connectivity and availability to avoid degrading the delivery of legitimate traffic. In addition, Service Providers and Hosting Providers can leverage scaleas-you-grow deployments of SmartWall s to create incremental service revenue streams by offering high-value DDoS and cyber threat protection services to their enterprise or hosted customers. This next-generation slimline appliance delivers 10Gbps full-duplex or 20Gbps unidirectional performance in a ¼ wide, 1 RU form factor. It is a member of the Corero SmartWall Threat Threat Defense System (TDS), an innovative family of space-saving, modular security platforms that will FEATURED PRODUCT change the rules for inspection performance, security intelligence and performance in a 1/4 wide, 10Gbps full-duplex or 20Gbps unidirectional network forensics, while providing 1 RU form factor with scalability from an unprecedented level of scalability 10/20Gbps up to 2Tbps in a single rack for First Line of Defense protection 20Gbps against cyber threats. ROBUST SECURITY COVERAGE The SmartWall Network Threat Defense Appliance provides comprehensive network security protection against layers 3-7 DDoS attacks and cyber-threats for both IPv4 and IPv6 traffic. It leverages the Corero award-winning DDoS defense technology to deliver non-disruptive, always on protection against the 80Gbps SmartWall Threat Defense System 320Gbps

ROBUST SECURITY COVERAGE (cont.) constantly evolving threat landscape. This ground breaking appliance provides configurable policies to selectively enable a broad range of specific protection mechanisms to defend critical network assets against suspicious or malicious traffic types while allowing uninterrupted service access to legitimate users and applications. The SmartWall TDS also utilizes the concepts of Flex-Rule and Smart-Rule technology to apply granular detecting and blocking filters to a very specific attack with ease. These rules, leverage heuristic and closed loop policy, allow for rapid creation and deployment, thereby providing customers with the ability to respond rapidly to the evolving nature of sophisticated DDoS attacks. You can also configure protection against known suspicious or malicious IP addresses with the Corero ReputationWatch service which receives the latest intelligence data on potential sources of cyber criminal activity. ReputationWatch continuously leverages global threat feeds to determine the current IP reputation of incoming traffic. Granular policy options can be selected to automatically monitor or block access from malicious sources such as botnets or DDoS attackers. ReputationWatch also supports country-based protection policies using SmartWall geolocation technology which allows you to control access, based on the reported national origin of an IP address. The geolocation capability lets you define policies to alert, limit or exclude traffic from countries that you do not need to connect with, or from countries associated with a high risk of potential attack. The SmartWall supports both symmetric and asymmetric traffic inspection to support flexible network deployment options. First Line of Defense DEPLOYMENT OPTIONS The SmartWall can be deployed to protect both infrastructure and cloud resources. INDUSTRY-LEADING SCALABILITY & PERFORMANCE The SmartWall offers new levels of scalability and performance in a compact and energyefficient platform. Each appliance provides dynamic threat level tracking of up to 16 million Internet based IP addresses and their associated flows. Protection is provided through configurable acceptable access policies supporting packet and connection rate limiting, reputation and geolocation checks, server and service connection limits, protocol checks, as well as blacklist, whitelist and temporary shun list enforcement. This high-performance platform is designed to maintain 10Gbps full-duplex or 20Gbps unidirectional throughput (pre appliance), even while under attack. Each appliance offers flow-based inspection of up to 10 million flows and can setup one million new flows per second. Traffic inspection can be performed in monitor or inline modes with under 0.5 microseconds of latency. 2

INDUSTRY-LEADING SCALABILITY & PERFORMANCE (cont.) The modular architecture of the SmartWall enables cost-effective scaling in increments up to 20Gbps, as bandwidth, flow table and inspection requirements increase. Four appliances can be deployed in a single 1 RU shelf to deliver a combined 40Gbps full-duplex or 80Gbps unidirectional throughput or up to four times the 20Gbps inspection rate for four times the number of IP addresses. 4 RUs of appliances can deliver 160Gbps of full-duplex or 320Gbps unidirectional throughput. T TURN-KEY VISIBILITY INTO DDOS ATTACKS Leveraging Splunk software for big data analytics and advanced visualization capabilities, Corero has transformed its sophisticated security event data into dashboards of actionable security intelligence, accessible via Corero SecureWatch Analytics. Real-time security engineered dashboards accessible via the Corero SecureWatch Portal, or via Splunk Apps http://apps. splunk.com/app/1835/ provide never-before-seen visibility into an organization s network and security activity for rapid response in combating these threats. Additionally, SecureWatch Analytics supports archived security event data to enable forensic analysis of past threats and compliance reporting of security activity. SecureWatch Analytics can also be leveraged as a comprehensive virtual Security Operations Center (SOC) by Corero partners to deliver new revenue streams in the form of managed security services to the enterprise, such as 24x7 monitoring, alerting and reporting. COMPREHENSIVE VISIBILITY GREEN, ENERGY-EFFICIENT PLATFORM Compact packaging provides the best performance to size and power ratio in the industry. This green, energy-efficient design with front-to-back cooling fully supports economic and environmental initiatives to reduce rack space and cut back on cooling and electrical requirements. POWERFUL CENTRALIZED MANAGEMENT SecureWatch Analytics provides turn-key visibility into DDoS attacks for quick and actionable diagnosis as well as proactive reporting and analysis. Each unit has a dedicated management port and is assigned a unique IP address. Centralized operational management of multiple appliances minimizes IT overhead, speeds deployments and streamlines provisioning. Corero offers multiple management options for configuring, controlling, and monitoring the appliances including a flexible Browser-based GUI, a full SSH CLI and powerful REST API that supports open integration with existing management frameworks. Centralized management of the SmartWall Threat Defense System is performed via secure connection to the Corero Management Server (CMS). The CMS includes a dashboard for monitoring threat activity and viewing key security events. The CMS is delivered as a virtual appliance to run on customer-provided hardware. The SmartWall provides seamless integration with Security Information and Event Management (SIEM) and Operational Intelligence solutions, such as Splunk. FLEXIBLE DEPLOYMENT CONFIGURATIONS A single appliance can be deployed in a standalone configuration to provide 10Gbps full-duplex or 20Gbps unidirectional performance, multiple SmartWall s can be distributed to key control points in the Provider network or centrally combined in 1 RU shelves in various high throughput configurations. The modular design enables rapid, flexible and expandable deployments, and lowers your risk by limiting your investments to match your current requirements while allowing you to add capacity as your needs grow. Redundant or hot-standby SmartWall s can be deployed in high-availability configurations to provide backup protection in up to 20Gbps increments. Multiple appliances can also be deployed in dynamic load-balanced configurations to accommodate peak period demands. 3

SECURITY COVERAGE Category of Attack Type Volumetric DDoS Reflective DDoS Resource Exhaustion Other Attack Coverage TCP Flood Attacks HTTP GET/POST Floods UDP Flood Attacks UDP Fragmentation Attacks ICMP Floods NTP Monlist Response Amplification SSDP/UPnP Responses SNMP Inbound Responses Chargen Responses Smurf Attack Fraggle Attack DNS DNS Amplification Malformed and Truncated Packets (e.g. UDP Bombs) IP Fragmentation/Segmentation AETs Invalid TCP Segment IDs Bad checksums and illegal flags in TCP/UDP frames Invalid TCP/UDP port numbers Use of reserved IP addresses Slow HTTP requests (from tools like Slowloris, RUDY, Slowread) Command and Control Operations Tunnel Inspection (GRE, MPLS etc.) GRE, MPLS etc. NTP Monlist Requests Whitelisting Known malicious IP Addresses (botnets, scanners, anonymization services, phishing sites, spammers) Customized Protection with IP Reputation and Geolocation Policies Blacklisting of IP Addresses Port address range filters (provides protection for generic TCP/UDP port based attacks) Rate Limiting Policies Flex-Rule Programmable filters based on the Berkley Packet Format (BPF) syntax. These can be programmed to address a variety of attack categories volumetric, reflective through to attacks leveraging specific payloads (Teamspeak, RIPv1, netbios). Smart-Rule Heuristics based engine leverages heuristics and behavioral analysis to track and rate limit L1-L4 attacks TECHNICAL SPECIFICATIONS Order Part Number Regulatory Model Number 6000-10 Interfaces Copper 10/100/1000 Ethernet Ports Pluggable 1G and 10G Ethernet Ports (SFP and SFP+ Modules) SmartWall 1 MGMT Other Ports (Serial Console, Authentication Service) 1 USB 2.0 Performance Maximum Throughput (Gbps) Maximum Throughput (Packets Per Second) MTU Performance Max PDU 9100 Jumbo Frames Typical Latency 1 Typical Inspected Latency 1 Maximum Concurrent Sessions Maximum Session Setup/Teardown Maximum SYN Flood DoS Protection Rate 4 10 Gbps full-duplex or 20 Gbps unidirectional (1 Gbps when deployed with 1G SFP modules) 30 Mpps (3 Mpps when deployed with 1G SFP modules) Line rate, 10 Gbps 30 Mpps Yes <0.5uS < 60 usec 16 Million 1 Million/Sec Line-rate 4

TECHNICAL SPECIFICATIONS (cont.) Attack Reaction Time IP Reputation / Geolocation lookups per second IP Addresses Blocked/Shunned Per Second Maximum Number of TCP Connections/ UDP flows Device Management Management Interfaces Management Station Management Options Command Line Web-Based Programmatic API Management Protocols for Monitoring Software Upgrade Mechanism Security Dashboards Reporting and 3 rd -Party Management Authentication Mechanisms Physical/Environmental Size Weight < 3 seconds 1 Million/Sec 1 Typical latency values measured for packet sizes up to 1518 bytes *Available Q4 2015 ABOUT CORERO NETWORK SECURITY Corero Network Security, an organization s First Line of Defense against DDoS attacks and cyber threats, is a pioneer in global network security. Corero products and services provide online enterprises, service providers, hosting providers, and Managed Security Service Providers with an additional layer of security capable of inspecting Internet traffic and enforcing real-time access and monitoring policies designed to match the needs of the protected business. Corero technology enhances any defense-in-depth security architecture with a scalable, flexible and responsive defense against DDoS attacks and cyber threats before they reach the targeted IT infrastructure allowing online services to perform as intended. For more information, visit www.corero.com. Corporate Headquarters EMEA Headquarters 1 Cabot Road Regus House, Highbridge, Oxford Road Hudson, MA 01749 USA Uxbridge, England Phone: +1.978.212.1500 UB8 1HR, UK Web: www.corero.com Phone: +44.0.1895.876579 15 Million/Sec blocked, 1 Million/Sec shunned 16 Million 1 10/100/1000 Management Port Virtual Machine Deployable in VMware-capable environments GUI, Command Line, Programmatic API (RestAPI) SSH Access Through the Management Station HTTP/HTTPS Access Through the Management Station JSON-Based REST API Through the Management Station SNMP v2/v3* Standard MIB GETs, SYSLOG Remotely Upgradeable Image and Configuration Stored on Internal SSD Link utilization (Gbps/PPS), Attack targets, Attack vectors, Alerts, Detailed drilldowns, Top IPs/Ports/TTLs/Packet Sizes, Export to PCAP Security events and sflow data available in a standard SYSLOG format and via a REST API for SIEM integration. Full integration supported with Splunk Enterprise and available as an app at https://apps.splunk.com/app/1835/ Role-Based Access Control (Active Directory, RADIUS and LDAP) 1-RU 4.0cm (H) x 10.8 cm (W) x 60.4cm (D) 3.6 Kgs (7.9 lbs.) Operating Temperature 0 C to 40 C (32 F to 104 F) Storage Temperature -25 C to 70 C (-13 F to 158 F) Humidity 5% to 95% Non-Condensing MTBF Rating Operating Altitude Tamper Protection Power & Cooling Power Feeds AC Input DC* Input >100,000 Hours (25 deg. C Ambient) 0-10,000 Feet Maximum Power Consumption <150W Cooling Compliance & Approvals Compliance to EMC Emissions Tamper-Evident Seal Single AC and DC* support, DC supports dual A/B feeds 100 to 240 VAC Auto-Ranging, 50-60Hz -75 to -40V DC Internal N+1 Fans FCC Part 15-7.10.2008, EN55022: 2006+A1: 2007, CISPRR 22:2005+A1+A2:2005, VCCI-3 2009.04, AS/NZS CISPR22:2006, EN 61000-3-2:2006, EN61000-3-3:1995 +A1:2001+A2:2005, EN61000-3- 11:2000, EN 61000-3-12:2005 Version: 18-Nov-2015 Copyright 2015 Corero Network Security, Inc. All rights reserved. 867-5309-005 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback