WANGuard Filter
| OVERVIEW |
WANGuard Filter is the WANGuard Platform component designed to protect organizations from internal and external threats (availability attacks on DNS, VoIP, Mail and similar services, unauthorized traffic resulting in network congestion), botnet-based attacks, zero-day worm and virus outbreaks. WANGuard Filter includes sophisticated traffic analysis algorithms that are able to detect and filter the malicious traffic.
TRAFFIC DIVERSION AND INJECTION TECHNIQUES
Traffic diversion is the mechanism by which an upstream router in the core network is instructed to send suspect traffic (syn floods, spoofed packets, and so on) to the WANGuard Filter system. After scrubbing off anomalous packets, the WANGuard Filter performs traffic injection to insert cleaned traffic back to the network - to a downstream router - using one of the following techniques:
Static Routing - In a Layer 2 topology, WANGuard Filter will forward cleaned traffic to a statically configured next-hop address
GRE/IPIP Tunneling - In a Layer 3 topology, WANGuard Filter will forward cleaned traffic via a GRE/IP over IP tunnel
Inline Deployment - When the WANGuard Filter system is deployed inline, no traffic diversion and injection is needed
|
| HIGHLIGHTS |
- Quickly see live information about DDoS attacks in your network from any location using only your web-browser, through WANGuard Console
- Defends against unknown, evolving and known attack patterns
- Recognizes and drops malicious traffic in under 5 seconds
- Does not block/blacklist valid customer traffic
- Per endpoint flexible threat management tools and easy to use API for scripting the reaction to traffic anomalies:
-
alert the NOC Staff by email (screenshot)
-
alert attacker's ISP via email (screenshot)
-
send custom Syslog messages to remote logservers (screenshot)
-
execute custom scripts (screenshot). Examples:
-
configure ACLs or execute PIX "shun" command to filter attacking IPs
-
issue route blackhole commands on the attacked Linux servers to filter attacking IPs
-
send SNMP TRAP messages to SNMP monitoring stations
- Does not require network baseline training and operator intervention
- Easy and non-disruptive installation on common server hardware
- The most cost-effective malicious traffic filtering solution on the market
|
| SIMPLE DEPLOYMENT |
 |
| DATASHEET |
| Server Requirements for protecting an OC-3 ( 155 Mbps ) WAN link |
| |
| Architecture |
x86 ( 32 or 64 bit ) |
| CPU |
1 x Pentium IV 2.6 GHz |
| Memory |
500 MBytes |
| Network Cards |
2 x Fast/Gigabit Ethernet ( Linux NAPI support strongly recommended ) |
| Operating System |
Linux kernel 2.6.x |
| Installed Packages |
perl 5.x quagga or zebra Net::Telnet iptables mysql 5.x perl-DBD-MySQL tcpdump |
| Disk Space |
5GB ( including OS ) |
|
| DOWNLOAD |
WANGuard Filter TRIAL VERSION can be downloaded here. |
|