You are here: Home Software WANGUARD Filter for DDoS Mitigation

The DDoS Mitigation and Protection Firewall of WANGUARD

OVERVIEW: WANGUARD's Filter was designed to protect networks from internal and external threats (availability attacks on DNS, VoIP, Mail and similar services, unauthorized traffic resulting in network congestion), botnet attacks, zero-day worm and virus outbreaks. It includes sophisticated traffic analysis algorithms that are able to detect and side-filter malicious traffic in a granular manner without impacting the user experience or resulting in downtime. It can be used only in conjunction with the Flow Sensor (for NetFlow, sFlow, jFlow or IPFIX) or with the Sniffing Sensor (for Packet Sniffing, Port Mirroring or Network TAPs).
KEY
FEATURES:
  • Defends against known, unknown and evolving DoS, DDoS and other volumetric attacks by filtering dynamically:
    • Source or Destination TCP ports
    • Source or Destination UDP ports
    • Source or Destination IP Addresses
    • IP Protocols
    • Invalid IP packets
    • ICMP Types
    • Time To Live ( TTL ) field
    • Packets Lengths
  • Recognizes and firewalls malicious traffic in under 5 seconds
  • Does not block or blacklist valid customer traffic
  • Does not require network baseline training and operator intervention
  • The Filter system can be deployed in-line or can scrub the malicious traffic off-ramp
  • The cleaned traffic can be re-injected downstream into the network with Static Routing or GRE / IPIP tunneling
  • Per endpoint flexible threat management options and an easy to use API for scripting the reaction to attack patterns:
    • alert the NOC staff by email using user-defined email templates
    • email the ISP of the attacker
    • send custom syslog messages to remote log servers
    • capture the attacker's traffic for forensic investigation
    • execute custom scripts that extend the built-in capabilities, such as:
      • configure ACLs or execute PIX "shun" commands to filter attack patterns
      • filter attacking IP addresses by executing “route blackhole” commands
      • send SNMP TRAP messages to SNMP monitoring stations
  • Easy and non-disruptive installation on common server hardware
  • The most cost-effective DDoS protection and DDoS mitigation software solution on the market
SINGLE
FILTER DEPLOYMENT
EXAMPLE:		 DDoS Mitigation
TRAFFIC DIVERSION: Traffic diversion is the mechanism by which an upstream router in the core network is instructed to send suspect traffic (SYN floods, spoofed packets, and so on) to the WANGUARD Filter system. After scrubbing off anomalous packets, the Filter system performs traffic injection to insert cleaned traffic back into the network - to a downstream router - using one of the following techniques:
  • Static Routing - In a Layer 2 topology the Filter system forwards cleaned traffic to a statically configured next-hop address
  • GRE / IPIP Tunneling - In a Layer 3 topology the Filter system forwards cleaned traffic via a GRE/IP over IP tunnel
  • Inline Deployment - When the Filter system is deployed inline, no traffic diversion and injection is needed

MINIMUM
HARDWARE REQUIREMENTS:
DDoS Mitigation Capacity    1 Gbps link 10 Gbps link
Architecture x86 ( 32 or 64 bit ) x86 ( 64 bit )
Core x CPU 1 x Xeon 2.5 GHz or 1 x Opteron 1.8 GHz 4 x Xeon 2.4 GHz
RAM 2 GB 8 GB
Network Cards 1 x Gigabit Ethernet with NAPI support
1 x Gigabit Ethernet		 1 x 10 GbE card with Intel 82599 chipset
1 x Gigabit Ethernet
Operating System* RHEL / CentOS 5, RHEL / CentOS 6, OpenSUSE 12, Debian Linux 6, Ubuntu Server 12 RHEL / CentOS 5, RHEL / CentOS 6, OpenSUSE 12, Debian Linux 6, Ubuntu Server 12
Disk Space 10 GB ( including OS ) 10 GB ( including OS )
* Other Linux distributions might work but haven't been tested yet.

TRY IT !

 You can download and try the Filter for 30 days by requesting an evaluation license.
WANGUARD Filter licenses can be purchased directly from our on-line store.
If you have any questions or requests, please don't hesitate to contact us.