Data Sheet. DPtech Anti-DDoS Series. Overview. Series

Similar documents
Data Sheet. DPtech IPS2000 Series Intrusion Prevention System. Overview. Series IPS2000-MC-N. Features

Data Sheet. DPtech FW1000 Series Firewall. Overview

Data Sheet. DPtech FW1000 Series Firewall. Overview

DPX19000 Next Generation Cloud-Ready Service Core Platform

NIP6000 Next-Generation Intrusion Prevention System

DPX17000 Deep Service Core Switch

Check Point DDoS Protector Introduction

SecBlade Firewall Cards Attack Protection Configuration Example

Table of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1

A10 DDOS PROTECTION CLOUD

Security+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks

Eudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.

HUAWEI TECHNOLOGIES CO., LTD. HUAWEI Secospace USG2000&5000 Datasheet

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1

Corrigendum 3. Tender Number: 10/ dated

ISG-600 Cloud Gateway

LSW GP8GC: 24 SFP Gigabit ports, 8 10/100/1000 BASE-T Ethernet ports (Combo) and two

RUGE. Rugged IP load generator (Ruge) Ruge gives your network a serious beating. Just to make sure it does not fail when it is time to go live.

AXILSPOT 48-Port 10-Gigabit L3 Managed Switch AS-MT48-L3

Distributed Denial of Service

Fregata. DDoS Mitigation Solution. Technical Specifications & Datasheet 1G-5G

Attack Prevention Technology White Paper

LSW6600 are the industry's highest performance 1U stackable data center switch, featuring with 1.28Tbps

Datasheet. Gigabit Routers with SFP. Models: ER-4, ER-6P. Sophisticated Routing Features. Next-Generation Price/Performance Value

Network Security. Thierry Sans

Cisco ASA 5500 Series IPS Solution

Datasheet. Gigabit Router with SFP. Models: ER-4. Sophisticated Routing Features. Next-Generation Price/Performance Value. SFP Port for Fiber Uplink

Datasheet. 8-Port 10G SFP+ Router. Model: ER-8-XG. 80 Gbps Aggregate Throughput. 10G Ethernet SFP+ Ports. Hot-Swappable Modular Power Supplies

The DPtech LSW3600-SI series switches include the following models: LSW T2GC-SI: 24 10/100 BASE-T Ethernet ports, 2 Gigabit SFP ports (Combo).

Datasheet. S TF-2QF L3 Full Routing Switch 24-port 10G SFP+ Datasheet. Shenzhen TG-NET Botone Technology Co., Ltd.

USG2110 Unified Security Gateways

THUNDER TPS Next-generation DDoS Protection

SmartWall Threat Defense System - NTD1100

Mitigating Outgoing Spam, DoS/DDoS Attacks and Other Security Threats

McAfee Network Security Platform

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

McAfee Network Security Platform

Huawei NIP2000/5000 Intrusion Prevention System

Chapter 10: Denial-of-Services

DATASHEET. Advanced 6-Port Gigabit VPN Network Router. Model: ER-6. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Systrome Next Gen Firewalls

Network Security Monitoring with Flow Data

Anti-DDoS. User Guide (Paris) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.

Next-Generation Firewall Series Datasheet

Eudemon8000E-X Series

Flow-based Traffic Visibility

Huawei Enterprise S6700 Series 10G Switches

Hillstone E-Series Next-Generation Firewall

H3C SecPath Series High-End Firewalls

Securing Online Businesses Against SSL-based DDoS Attacks. Whitepaper

Chapter 7. Denial of Service Attacks

Anti-DDoS. User Guide. Issue 05 Date

Venusense UTM Introduction


User s Manual. How to configure and use FortGuard Professional Anti-DDoS Firewall

Appliance Comparison Chart

S4600-SI Series L2 Gigabits Dual Stack Intelligent Switch Datasheet

Eudemon200E-X Series Unified Security Gateway

Insight Guide into Securing your Connectivity

Huawei Enterprise S2700 Series Switches

ERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016

It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security

HP High-End Firewalls

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

Quidway S2700 Series Enterprise Switches

PrepKing. PrepKing

Comprehensive datacenter protection

H3C SecPath Series Firewalls and UTM Devices

S5700-EI Series Gigabit Enterprise Switches

Why IPS Devices and Firewalls Fail to Stop DDoS Threats

DDoS Mitigation & Case Study Ministry of Finance

ZXR A Series L3 Intelligent Ethernet Switch

CSE 565 Computer Security Fall 2018

XS26DS. L2/L3 10 G Optic Fiber Aggregation Switches. Features. Overview. XS26DS L3 10 G Optic Fiber Aggregation Switches

Appliance Comparison Chart

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:

Copyright Huawei Technologies Co., Ltd All rights reserved. Trademark Notice General Disclaimer

Network protection against DoS/DDoS attacks

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.

Item ATS T ATS T-POE ATS T 26x10/100/ x10/100/ x10/100/1000 Base-T Base-T

EFFECTIVE SERVICE PROVIDER DDOS PROTECTION THAT SAVES DOLLARS AND MAKES SENSE

S5750E-SI Series L3 Lite Gigabits Dual Stack Intelligent Switch Datasheet

Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8

Cisco Traffic Anomaly Detector Module

DPtech IPS2000 Series Intrusion Prevention System User Configuration Guide v1.0

DATA SHEET MODEL AXC1000 HIGHLIGHTS OVERVIEW. Redefining Enterprise Wireless Management

Inline DDoS Protection versus Scrubbing Center Solutions. Solution Brief

Clean Pipe Solution 2.0

S5750E-SI Series L3 Lite Gigabits Dual Stack Intelligent Switch Datasheet

Huawei S6700 Series Switches Product Brochure

TABLE OF CONTENTS. Section Description Page

Driving Network Visibility

H3C S5130S-LI Gigabit Access & 10G Uplink Switch Series

DDoS Detection&Mitigation: Radware Solution

IxLoad-Attack TM : Network Security Testing

Data Sheet. DPX8000 Series Deep Service Switch Gateway. Product

Transcription:

Data Sheet DPtech Anti-DDoS Series DPtech Anti-DDoS Series Overview DoS (Denial of Service) leverage various service requests to exhaust victims system resources, causing the victim to deny service to its customers. DDoS (Distributed Denial of Service) grows rapidly with the rise of botnet, featuring with simple attack methods, great influence and difficulties in trace. Botnet consists of thousands of hijacked computers and provides bandwidth and hosts for DDoS attacks, it will forms a large attack scale and a significant amount of network flows, causing great harm to victims. With the continuous improvement and development of DDoS attack technology, service providers like ISP, ICP, IDC and etc face increasing security and operation challenges. In order to ensure normal network and service operation, service providers must inspect and clean flows before DDoS attacks influence key services and applications. Meanwhile, service providers can make probe and cleaning of DDoS attack flows as a kind of value-added service and get better user satisfaction. Traditional DDoS defense methods use devices based on network layer inspection like firewall, router and etc. But most DDoS attacks adopt with standard protocols during attack, traditional defense methods cannot correctly identify and protect. Meanwhile, firewall and router are not designed for DDoS attack defense. Therefore, it will suffer significant performance degradation and cannot work properly once this feature enables. To solve these technical problems, DPtech releases professional Anti-DDoS Series products against DDoS attacks, which include anomalous flows inspection(probe), anomalous flows cleaning (Guard) and anomalous flows cleaning service management platform. DPtech Anti-DDoS Series products use industry-leading technologies like Parallel Flows Filtering technology, Intelligent Flows Probe technology and able to find all kinds of DDoS threats in the network timely. It allow us to implement fast filtering of attack flows, thus to protect WAN, IDC, etc against massive DDoS attacks effectively. A single-machine processing capability can reach 12Gbps. Series The following are the DPtech Anti-DDoS series product s portfolio. Guard3000-Blade-EI Guard3000-Blade-NI Guard3000-Blade-A Page 1 of 6

Guard3000-TS Guard3000-GE Guard3000-GA Probe3000-Blade-AI Probe3000-TS Probe3000-GE Features Efficient Flows Probe and Cleaning Technology DPtech Anti-DDoS Series not only supports Deep Packet Inspection (DPI), but also analyzes NetFlow / NetStream / SFlow information (DFI) outputted by network devices, thus to deeply identify attack packets hidden in background flows and implement accurate flows identification and cleaning. It adopts advanced distributed multi-core hardware structure and implements multi-device cluster, thus to create over 10 Gigabit anomalous flows cleaning platform. High Availability DPtech Anti-DDoS Series adopts inline or one-arm deployment to defend against DDoS attacks. When adopting one-arm deployment, it implements cleaning on required flows without influences on normal flows in any case. In order to satisfy various networking applications, good adaptability of network protocols supports network layer protocols like ARP, VLAN, Link aggregation, etc. and routing protocols like static route, RIP, OSPF, BGP, policy routing, etc. It supports real-time cleaning on threat flows under online deployment. Multi-layer Security Protection Through static vulnerability attack signature inspection, dynamic rules filtering, anomalous flows rate-limiting and advanced Intelligent Flows Inspection technology, DPtech Anti-DDoS Series implements multi-layer security protection, inspects and blocks various DoS/DDoS attacks and unknown malicious flows at network layer and application layer accurately, such as SYN Flood, UDP Flood, ICMP Flood, DNS Query Flood, HTTP Get Flood, CC attack and etc. Automatic Flows Redirection and Flexible Flows Reinjection When finding DDoS attacks, anomalous flows cleaning device issues BGP updating route advertisement to neighbor s router or switch, redirect victim s flows to DPtech anomalous flows product and cleans them automatically and rapidly. Meanwhile, anomalous flows cleaning product returns clean flows back to users through various methods, such as policy routing, MPLS VPN, GRE VPN, Layer2 pass-through, etc without influences user s normal service flows. Detailed Analysis on Statistical Report Page 2 of 6

For various flows after inspection and cleaning, DPtech Anti-DDoS Series provides rich attack logs and report statistics features for users to understand network flows state, such as flows information before attack, flows information after cleaning, attack flows scale, time and order, etc., and all kinds of detailed report information like attack trend analysis, etc. Typical Model One-arm Deployment: High reliability, inspection Inline Deployment: Simple deployment and cleaning can be deployed centrally and separately without Anomalous Flows Inspection at core layer or convergence layer of service provides device (Probe). MAN, or data center egresses. Specification Table 1 Lists the Hardware Features and Performance of DPtech Probe3000 series Item Probe3000-GE Probe3000-TS Probe3000-Blade-AI Interface 8Combo, 16xGE SFP 8xGE SFP, 8xGE Slot 2 2 - CF Card 2GB 2GB 2GB DDR SDRAM 8GB 16GB 16GB 12xGE, 12xGE SFP,2x10GE SFP+ Page 3 of 6

Item Probe3000-GE Probe3000-TS Probe3000-Blade-AI Dimensions (W D H) 436x470x44 mm 436x470x88.8 mm Blade Type Power Supply 2 2 - Rated Voltage Max Current 100-240VAC; 1.8A 100-240VAC; 1.8A - Max Power Consumption 300 W 300 W 150w MTBF 36 years 36 years 36 years Operating Temperature Relative Humidity 10% to 95% 10% to 95% 10% to 95% Weight 8 kg 10 kg - Throughput 2Gbps 5Gbps 5Gbps Concurrent Connections 1,500,000 2,000,000 2,000,000 New Connections per Second 150,000 180,000 180,000 Table 2 Lists the Hardware Features and Performance of DPtech Guard3000 series Item Guard3000-GA Guard3000-GE Guard3000-TS Interface 4xGE SFP, 4xGE 8Combo, 16xGE SFP 4x10GE SFP+, 4xGE Comboo Slot 2 slot 2 slot 4 slot CF Card 1GB 2GB 2GB DDR SDRAM 2GB 8GB 16GB Dimensions (W D H) 430x261x44 mm 436x360x44 mm 436x510x88 mm Power Supply 2 2 2 Rated Voltage Max Current 100-240VAC; 1.5A 100-240VAC; 1.8A 100-240VAC; 1.8A Max Power Consumption 150 W 150 W 300 W MTBF 36 years 36 years 36 years Operating Temperature Relative Humidity 10% to 95% 10% to 95% 10% to 95% Weight 3.1 kg 8 kg 10 kg Throughput 3Gbps 6Gbps 10Gbps Page 4 of 6

Item Guard3000-GA Guard3000-GE Guard3000-TS Concurrent Connections 3,000,000 3,000,000 8,000,000 New Connections per Second 40,000 150,000 300,000 Item Guard3000-Blade-A Guard3000-Blade-NI Guard3000-Blade-EI Interface 12GE, 12xGE SFP, 2x10GE SFP+ 12xGE SFP, 4x10GE SFP+ 12xGE Combo, 4x10GE SFP+ Slot - - - CF Card 2GB 2GB 2GB DDR SDRAM 8GB 8GB 8GB Dimensions (W D H) Blade Type Blade Type Blade Type Power Supply - - - Rated Voltage Max Current - - - Max Power Consumption - - - MTBF 36 years 36 years 36 years Operating Temperature - - - Relative Humidity - - - Weight - - - Throughput 10Gbps 20Gbps 40Gbps Concurrent Connections 8,000,000 20,000,000 25,000,000 New Connections per Second 300,000 500,000 600,000 Table 3 Lists the Feature of DPtech Anti-DDoS series Item Description Deployment One-arm deployment and inline deployment Attacks CC attack, DNS Query Flood, SYN Flood, UDP Flood, ICMP Flood, HTTP Get Flood, Land, Smurf, Fraggle, WinNuke, Ping of Death, Tear Drop, TCP flag anomaly, address scanning, port scanning and etc Inspection NetFlow/ NetStream/ SFlow protocol based deep flows inspection method (DFI) Page 5 of 6

Item Description Deep Packet Inspection (DPI) Redirection BGP redirection Clean Flows Reinjection Policy routing, MPLS VPN, GRE VPN, two layers pass-through and etc Management Web GUI, SSH and serial port console Centralized management platform Ordering Information Hardware List Model Model Description Remarks Probe3000-GE DPtech Probe3000-GE Double AC Power Host Required Probe3000-TS DPtech Probe3000-TS Double AC Power Host Required Probe3000-Blade-A DPtech Probe3000-Blade-A Service Module Required Guard3000-GA DPtech Guard3000-GA Double AC Power Host Required Guard3000-GE DPtech Guard3000-GE Double AC Power Host Required Guard3000-TS DPtech Guard3000-TS Double AC Power Host Required Guard3000-Blade-A DPtech Guard3000-Blade-A Service Module Required Guard3000-Blade-NI DPtech Guard3000-Blade-NI Service Module Required Guard3000-Blade-EI DPtech Guard3000-Blade-EI Service Module Required Unified Management Center Model Model Description Remarks SW-UMC-PLAT UMC Management Platform Software Required LIS-UMC-GuardM DPtech UMC Guard Manager License Required Copyright@2013 Hangzhou DPtech Technologies Co., Ltd. All rights reserved. Statement: DPtech attempts to provide the accurate information for users, but they cannot take any responsibility for the technical error or print mistake, DPtech has all rights to modify the document without any notify or information. Page 6 of 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback