DDoS Protection Innovation in Corero’s Latest SmartWall® Release


When looking for a distributed denial of service (DDoS) protection solution, the choices may seem overwhelming. Should you choose an on-premises solution? A cloud-based service? Or, a hybrid combination of the two? Maybe, you should just get DDoS protection from your service provider? The answers to these questions depend largely on your organization’s risk tolerance, requirements around business continuity, record of past DDoS attacks and, of course, how the rapidly evolving DDoS threat landscape affects your business now, and into the future.

What to look for in a DDoS mitigation solution

Organizations should ideally look for a solution that is always-on, automatic, scalable, and easy to deploy, with excellent customer support, especially if they are averse to risk and have stringent requirements around business continuity. On-demand cloud scrubbing services can be useful as a backup, for the small amount of attacks that are large enough to exceed the available link capacity. However, they should not be relied upon as during the time period it usually takes them to swing the impacted traffic and engage mitigation most of the damage is typically already done. Any solution that depends heavily on human security analyst intervention should also be avoided; even the most experienced security analysts cannot possibly observe, catch or keep up with every DDoS event, especially with the cybercriminals’ increasing use of multiple dynamic DDoS vectors in a single attack.

Better visibility, accuracy, and effectivity

The latest release of our SmartWall® Threat Defense System (TDS) should be good news to anyone shopping for a new DDoS mitigation solution, because it represents significant improvements to a solution that already delivered industry-leading speed and accuracy of protection. For example, in response to the increasing sophistication of DDoS attacks, including the latest Botnet flood and Spectrum attacks, our engineering team has delivered innovative new protection mechanisms to distinguish legitimate from suspicious traffic sources. This includes further enhancements to our patented Smart-Rules, which leverage heuristics and closed-loop policy for rapid creation and deployment of filters that surgically drop DDoS packets, thereby enabling organizations to remain protected from the rapidly evolving nature of modern DDoS attacks.

SmartWall TDS also now offers a simple new way for its comprehensive visibility and protection to be enhanced, without the need for a software upgrade.  The new plug-in capability enables additional threat and traffic intelligence and policy capabilities to be added on the fly to a running SmartWall system, because comprehensive visibility is essential not only to quickly combat DDoS threats but also to enable compliance reporting and forensic analysis of past threats.

Price-performance has always been a strong point for Corero, but this release takes it to another level, especially for customers wanting to migrate to 100G Internet connectivity, including the ability to deploy up to a Terabit of protection, in just 5RU of rack space. The latest enhancements also deliver integrated link protection for devices that are deployed always-on, inline, with incoming traffic, as well as in-service software updates for increased network uptime and resilience. If your organization is interested in a Proof of Value evaluation to experience the benefits of this SmartWall TDS release for yourselves, then contact us.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here.  If you’d like to learn more, please contact us.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry, to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.