Network & DDoS Threat Protection Appliance
 SmartWall® Network Threat Defense 1100

Real-time protection against DDoS Attacks 

Disruptions to Internet service availability as a result of Distributed Denial of Service (DDoS) attacks can cripple operations, impact customers and result in major economic losses. 

The SmartWall® Network Threat Defense 1100 (NTD1100) allows real-time, line-rate, DDoS detection and automatic mitigation, to 100 Gigabit Ethernet connections. Protection is delivered in a compact 1 RU form-factor – an industry first – scaling to 4Tbps of protection in a single rack.

The SmartWall NTD1100 is  dedicated technology for real-time mitigation of DDoS attacks in seconds vs minutes (in contrast to legacy solutions), allowing good user traffic to flow uninterrupted. With varied deployment topologies, (In-line or  scrubbing) the SmartWall NTD1100 utilizes modern DDoS mitigation architecture to automatically, and surgically remove DDoS attack traffic. 

It allows service providers, hosting providers, and the online enterprise to deploy centralized or distributed DDoS attack protection solutions via purpose-built network security appliances that provide real-time Layer 3-7 mitigation against volumetric attacks for both IPv4 and IPv6 traffic.

The NTD1100 protection is provided in cost effective scaling increments -  10Gbps-100Gbps, to support bandwidth, flow table and inspection requirements as you grow. This technology provides configurable policies to selectively enable a broad range of specific protection mechanisms to defend critical network assets against DDoS attack traffic.

This groundbreaking new appliance provides configurable policies to selectively enable a broad range of specific protection mechanisms to defend critical network assets against suspicious or malicious traffic types while allowing uninterrupted service access to legitimate users and applications. The SmartWall NTD1100 also utilizes the concepts of Flex-Rule and Smart-Rule technology to apply granular detecting and blocking filters to a very specific DDoS attack with ease. These rules, leverage heuristic and closed loop policy, allow for rapid creation and deployment, thereby providing customers with the ability to respond rapidly to the evolving nature of sophisticated DDoS attacks.

Easy-to-Use Centralized Management                                                                                     

Each appliance has a dedicated management port and is assigned a unique IP address. This centralized management minimizes IT overhead, speeds deployments and streamlines provisioning. In addition, Corero offers multiple management options for configuring, controlling, and monitoring the appliances including a flexible Browser-based GUI, a full SSH CLI and powerful REST API that supports open integration with existing management frameworks.

Management is performed via secure connection to the Corero Management Server (CMS). The CMS includes a dashboard for monitoring threat activity and viewing key security events. The CMS is delivered as a virtual appliance to run on customer-provided hardware.

Robust Security Protection

Category of
DDoS Attack Type

    DDoS Attack Coverage 

Volumetric DDoS Attacks
  • TCP Flood Attacks 
  • UDP Flood Attacks 
  • UDP Fragmentation Attacks
  • ICMP Floods
Reflective DDoS Attacks
  • NTP Monlist Response Amplification
  • SSDP/UPnP Responses
  • SNMP Inbound Responses
  • Chargen Responses
  • Smurf Attack
  • Fraggle Attack DNS
  • DNS Amplification
Resource Exhaustion DDoS Attacks
  • Malformed and Truncated Packets (e.g. UDP Bombs) 
  • IP Fragmentation/Segmentation AETs 
  • Invalid TCP Segment IDs 
  • Bad checksums and illegal flags in TCP/UDP frames 
  • Invalid TCP/UDP port numbers
  • Use of reserved IP addresses
Other DDoS Attacks
  • Command and Control Operations
  • NTP Monlist Requests 
  • Customized Protection with 
    • Blacklisting of IP Addresses 
    • Port address range filters (provides protection for generic TCP/UDP port based 
    • Rate Limiting Policies 
  • Flex-Rule – Programmable filters based on the Berkley Packet Format (BPF) syntax.  These can be programmed to address a variety of attack categories volumetric, reflective through to attacks leveraging specific payloads (Teamspeak, RIPv1, netbios).
  • Smart-Rule – Heuristics based engine leverages heuristics and behavioral analysis to track and rate limit L1-L4 attacks