CURRENT THREAT SCENARIO
The recent distributed denial of service (DDoS) attacks, undertaken by supporters of the Wikileaks website targeting businesses including Mastercard, the Swedish Prosecutors office, Swiss PostFinance bank, Visa and Amazon, were said to be in response to perceived compliance with political pressures. The Anonymous group, who perpetrated the “Operation Payback” attacks, harnessed social networking mechanisms to engage in “cyber-retaliation.” Although the attacks were executed via relatively simplistic coordination mechanisms, the resulting impacts were significant. These multi-faceted attacks were hard to defend against as they took advantage of advanced high volume DDoS techniques and hit multiple targets within the assaulted sites simultaneously. In almost every case, the attack overwhelmed the targets even if they had “business appropriate” protection in place. Radware believes there is a clear need to complement network security technologies - such as behavioral analysis – with expert consultancy services to analyze attacks and evolve defense techniques that protect businesses against future attacks. Throughout the attacks, the businesses protected by Radware’s attack mitigation technology – those employing DefensePro – were able to maintain business continuity with no significant impact to on-line services. What we are now able to see are the characteristics of an emerging form of social networking architected attacks. Some initial observations about the attacks: (1) Cyber-retaliation by social networks is a new and significant threat, (2) social media networks are a viable mechanism for the distribution of malicious attack tools, (3) attacks will be generated by new previously unidentified attackers – no pre-existing profiles, (4) bundled, multi-layered DDoS attack structures are being used, and (5) attack scalability is unpredictable but potentially extremely large and from any number of locations.
WHAT DOES THIS TECHNOLOGY DO?
Radware’s APSolute Attack Prevention offering is an all-inclusive attack mitigation solution, integrating different tools/modules, plus management and reporting, which work in a synchronized manner to detect and prevent hybrid threats. The key elements include: DefensePro®: a real-time, all-in-one attack prevention and detection appliance combining an Intrusion Prevention System (IPS), Network Behavioral Analysis (NBA), Denial of Service (DoS) protection and Reputation Services to protect application infrastructure against network and application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft and other emerging network attacks; APSolute Vision™: a unified management system providing monitoring, forensics and reporting; and the Emergency Response Team (ERT): a security expert offering immediate, hands-on assistance. Specifically, DefensePro features full protection against vulnerability-based threats through proactive signature updates, which safeguard against already known attacks including worms, Trojans, Bots, SSL-based attacks and VoIP threats. Its behavioral-based signature technology detects and mitigates emerging network attacks in real-time, such as zero-minute attacks, DoS/DDoS attacks, application misuse attacks, network scanning and malware spread. DefensePro accomplishes this without blocking legitimate user traffic and without the need for human intervention. It is further strengthened with an integrated reputation engine that automatically receives real-time feeds from 3rd party reputation sources - each one with its own network security specialty and focus - complementing Radware's existing attack prevention capabilities and research team. This reputation engine forms the foundation for receiving online feeds from research centers that specialize in several security areas including but not limited to online fraud, website reputation, anti-Spam and anti-Bot.
One key distinguishing factor between DefensePro and competitive products is that DefensePro is based on Radware’s OnDemand Switch® to support network throughputs of up to 12Gbps per platform. It embeds two unique and dedicated hardware components: a DoS Mitigation Engine (DME) to prevent high volume DoS/DDoS flood attacks - without impacting legitimate traffic– and a StringMatch Engine (SME) to accelerate signature detection. Further, DefensePro received the coveted “Recommend” rating from NSS Labs, a leading independent security product testing organization. Throughout a comprehensive evaluation, DefensePro repeatedly showcased its ability to protect networks under low and “stealthy” as well as high rate attack, while maintaining high levels of performance.
Radware is the only networking company to offer an industry first attack prevention system – under the APSolute umbrella – that connects several defenses together, allowing them to work synchronously and provide network and data center infrastructures with comprehensive protection from hybrid network attacks that pose threats such: application vulnerability, information theft, authentication defeat, malware spread, network anomalies, application downtime, network downtime, and more. Designed for ecommerce, service providers and large enterprises, the APSolute Attack Prevention system is an all-inclusive attack mitigation solution, integrating different tools/modules, plus management and reporting, which need to work in a synchronized manner to best detect and prevent hybrid threats. The key elements of this solution include: DefensePro; an enhanced version of the award-winning network security solution; APSolute Vision, a new unified management system providing monitoring, forensics and reporting; and is rounded out with a new Emergency Response Team (ERT) service, a security expert offering for immediate, hands-on assistance.
575 Corporate Drive
Mahwah, NJ 07430
Tel: +1 (201) 512-9771U.S.
Toll Free: 1 (888) 234-5763
Fax: +1 (201) 512-9774