Corero SmartWall Threat Defense System


What is the Corero SmartWall Threat Defense System?

The Corero SmartWall Threat Defense System (TDS) is a centrally managed family of appliances that eliminate Distributed Denial of Service (DDoS) threats, in real-time, while allowing legitimate traffic to pass uninterrupted:

  • SmartWall Network Threat Defense appliance: Detection and mitigation for the widest range of DDoS attacks; all while maintaining 10 Gigabit, full-duplex, line-rate throughput to avoid disrupting the delivery of legitimate traffic. And designed specifically to handle network-based DDoS attacks of all sizes, from fully saturating extended-duration attacks, to the latest breed of sub-saturating surgically crafted attacks, including; protocol floods and reflective amplified spoof attacks, as well as application layer attacks that are typically too low-level to be detected by out of band solutions.
  • SmartWall Network Bypass Appliance: Network availability is key to maintaining a constant Internet presence. The SmartWall bypass appliance ensures organizations can maintain 100% network connectivity and eliminate downtime in the case of power or equipment failures and during maintenance periods.
  • SmartWall Central Management Server: Centralized policy management and correlation of traffic statistics for all SmartWall appliances deployed in a network.
  • SecureWatch Analytics: Comprehensive visibility and analysis of legitimate and attack traffic from all SmartWall appliances deployed in a network.

What are the Key Benefits of Corero’s SmartWall Threat Defense System?

Corero’s SmartWall Threat Defense System delivers several key business benefits:

  • Automated real-time defense against DDoS attacks of all sizes, allowing legitimate users and their communications to continue, without delay or interruption, even while under attack
  • Enables the highest levels of business continuity and availability, in the rising tide of crippling DDoS attacks
  • Assures your organization’s IT infrastructure investments and ensures you get the maximum return
What is SecureWatch®?

SecureWatch is Corero’s standard support service, which enables customers to keep their SmartWall deployments up-to-date and operating optimally.

What is SecureWatch® PLUS?

SecureWatch PLUS is Corero’s advanced support service, providing configuration optimization, monitoring and response services for DDoS defense. With SecureWatch PLUS, customers receive expert DDoS defense services, including organization-specific implementation and tuning, around-the-clock monitoring and immediate and effective response in the event of an attack.

Do I Need to Change my Current Network Security Configurations to Deploy Corero’s SmartWall Threat Defense System?

No – Corero’s SmartWall Threat Defense System uses completely transparent, Layer 2, bump-in-wire technology that is easily inserted into any network infrastructure. The device has no MAC or IP addresses on its filtering interfaces and supports full out-of-band management. No network or security configuration changes are required when deployed upstream of firewalls, IPS devices, web application firewalls (WAF), load-balancers or any other network technology. Corero’s SmartWall operates as a pre-filter for all downstream devices, removing DDoS attack traffic from the network, protecting all infrastructure and eliminating downtime.

How Does the Corero SmartWall Threat Defense System Maintain Availability Under Heavy DDoS Attack?

Corero’s SmartWall Threat Defense System uses purpose-built low-power appliances with solid-state media, straight-forward cooling systems, redundant power and N+1 fan assemblies to deliver an MTBF of over 20 years. This DDoS protection solution offers zero-power bypass, which reverts to bypass mode for any software or hardware failures, while notifying operators of any issues. This First Line of Defense is sound, reliable and extremely high-performing, delivering full packet-rate throughput in all conditions. Through patented algorithms, well-designed hardware and extremely efficient software, the solution stays up with extremely low latency, mitigating DDoS attacks of all sizes, even when the system is operating at 100% utilization.

How Does SmartWall Threat Defense System Differ from Other DDoS Solutions?

Most anti-DDoS solutions, including cloud-based offerings, delivering volumetric attack protection rely on separate monitoring systems and re-routing of suspicious traffic to sets of DDoS protection appliances, which then inspect that traffic for attacks before finally providing mitigation.  These solutions are far from real-time, as traffic statistics have to be first collected and analyzed, followed by routing changes and subsequent detection and mitigation, often adding up to tens of minutes of delays before mitigation of a DDoS attack commences.  This may have been acceptable five or more years ago, when DDoS almost exclusively resulted in long-duration highly saturating attacks.  However, as with the attack landscape in general, many of today’s DDoS attacks are much more sophisticated, being surgically crafted to deliver enough traffic volume, for just enough duration, to knock out its target. This requires DDoS protection in real-time, else the attacks will be over before protection can kick-in.

Corero’s SmartWall is the first solution to be architected around delivering in-line, line-rate, real-time protection under all traffic conditions.  Combined with affordable pricing models, SmartWall enables Enterprises, Service, and Hosting Providers to protect their entire infrastructure from DDoS attacks of all sizes, under all conditions.

I Have a Firewall Installed at My Perimeter – Why Do I need Corero’s SmartWall Threat Defense System?

Cybercriminals are continually shifting tactics, looking for the next easy way to make money.  Ransom and Extortion attacks are now big business and DDoS attacks, or the threat of DDoS, are forming a significant part of that trend.  The challenge with modern firewalls, by definition, is that they are stateful, which means they have to keep track of traffic flows in order to deliver their protection effectively and efficiently.  The internal memory and processing resources required to keep track of all this state information makes them a soft target for DDoS attackers, who can easily overwhelm these resources with specific attack techniques and take your whole network offline.

Corero’s SmartWall Threat Defense System is designed to work with your Firewalls, providing a first line of defense which protects them, and the rest of your infrastructure, from the crippling effects of DDoS attacks.  SmartWall continuously filters out DDoS traffic, without impacting user experience or causing downtime.