If you’re doing research about DDoS protection solutions there are many choices out there, and it can be challenging to find the solution that best fits your organization. Scrubbing service solutions can be expensive, simply because if you’re suddenly hit with a volumetric DDoS attack you’d be surprised how much it costs to mitigate that attack; the bigger the attack, the more the service costs, and it’s impossible to predict the size of an attack. These solutions also usually require human intervention to notice a DDoS attack; this adds latency to the remediation process. The average time that it takes from detection to mitigation in a scrubbing center is 30 minutes, but by that time a hacker may have already infiltrated your network with malware, or conducted a security breach.
You may be considering a cloud-based mitigation/scrubbing service, but that cannot fully protect your network against all DDoS attacks; it protects against only large, volumetric attacks, and fails to provide adequate protection against low and slow application layer attacks. Hackers increasingly use sophisticated, low-threshold attacks that evade cloud-based scrubbing; to protect against such attacks requires granular analysis to customize filters and block attacks.
Alternatively, an on-premises solution, such as the Corero SmartWall® Threat Defense System (TDS), is a wise choice for those who want the best value for total cost of ownership (TCO).
Elements of the SmartWall® TDS
The SmartWall TDS is a family of DDoS mitigation hardware appliances that eliminate cyber threats in real-time. There are four components: the SmartWall appliance, SmartWall Network Bypass Appliance, the Corero Management Server (CMS) and SecureWatch® Analytics. Below is a brief summary of each component.
- The SmartWall is a slim-line DDoS protection appliance capable of mitigating a wide range of DDoS attacks, while maintaining full connectivity to avoid disrupting the delivery of legitimate traffic. It is designed to handle large network-based DDoS attacks or floods, reflective amplified spoof attacks, as well as application layer attacks that are typically too low to be detected by out-of-band solutions. It delivers 10Gbps full-duplex or 20Gbps unidirectional performance in a ¼ wide, 1 RU form factor. 1 RU delivers up to 80Gbps, and 4 RU delivers up to 320Gbps. It also allows for 24/7 visibility into DDoS attacks at layers 3 thru 7 for both IPv4 and IPv6 traffic.
- The SmartWall Network Bypass Appliance has network bypass functionality, and with it organizations can ensure 100% network connectivity and eliminate downtime in case of power or equipment failures and during maintenance. Network availability is the key to maintaining a constant Internet presence.
- The Corero Management Server (CMS) offers centralized management of the SmartWall hardware family; it allows multiple management options for configuring, controlling, and monitoring the appliances, including a flexible Browser-based GUI, a full SSH CLI and powerful REST API that supports open integration with existing management frameworks. The CMS includes a dashboard for monitoring threat activity and viewing key security events. The CMS is delivered as a virtual appliance to run on customer-provided hardware.
- Corero SecureWatch® Analytics is included with the purchase of SmartWall TDS hardware, which seamlessly integrates with a variety of Security Information and Event Management (SIEM) and Operational Intelligence solutions, such as Splunk. Corero leverages Splunk software for big data analytics and visualization capabilities that together transform security event data into sophisticated dashboards. The advanced security data and dashboards are accessible via Corero SecureWatch® Analytics portal. Organizations can utilize this portal as a window into DDoS attacks and cyber threats targeting their Internet-facing services.
The SmartWall TDS hardware and analytics deliver comprehensive DDoS protection in rapidly scalable deployments for higher performance, greater connectivity and broader functionality than legacy DDoS defenses. They can, if desired, be paired with a cloud-based DDoS mitigation service.
For more information about Corero’s DDoS threat protection solutions, please contact us.