• DDoS Detection Software

    Wanguard detects volumetric DDoS attacks by leveraging a very fast and highly innovative traffic anomaly detection engine which compares 130+ traffic-related metrics against user-defined thresholds, and profiles the online behavior of users to detect traffic spikes. It reacts automatically to threats by executing predefined action modules that send notification emails, announce prefixes in BGP, generate SNMP traps, modify ACLs and execute custom scripts with access to an easy-to-use API that exposes 80+ traffic parameters. DDoS attacks are detected via packet sniffing, SNMP polling, or by using multi-vendor flow-based technologies.

  • On-premise DDoS Mitigation

    Wanguard Filter ensures zero downtime for customers and services during Distributed Denial of Service attacks, automatically, without requiring operator intervention. It is designed to defend against DDoS attacks by cleaning the malicious traffic on-premise, and by notifying the attacker's Internet Service Provider. Each malicious packet is blocked by intelligent, dynamic filtering rules which are applied on stateless software or hardware firewalls, or on BGP FlowSpec-capable routers. It can perform side-filtering with BGP on/off-ramping, or it can be run on dedicated packet scrubbing servers deployed in the main data path.

  • Full Network Traffic Visibility

    Wanguard and Wansight provide full network traffic visibility by using distributed Sensors ("probes”) able to capture IP packets, query SNMP devices and analyze flow records exported by Cisco NetFlow, Huawei Netstream, Juniper jFlow, cflowd, sFlow and IPFIX. All the collected data are accessible in a web-based user interface that provides custom dashboards, real-time traffic graphs and top statistics. You can quickly generate complex analytics with aggregated data for hosts, departments, interfaces, applications, protocols, autonomous systems and countries; view accurate bandwidth graphs for thousands of IP addresses, inspect packets and flows.

  • Flow Collector and Analyzer

    Wanguard and Wansight include Flow Sensor which is a fully-featured flow analyzer and collector supporting all major flow technologies (NetFlow version 5, 7 and 9; IETF IPFIX; sFlow version 4 and 5) and containing a highly scalable traffic correlation engine capable of continuously monitoring hundreds of thousands of IPv4 and IPv6 addresses and ranges. Flows can be stored for as long as you wish in a compressed binary format. You can generate top listings and almost any other aggregation report you can think of. The extensive flow filtering expression options allow you to query individual flows quickly for ad-hoc forensic investigation.

  • Packet Sniffer and Payload Analyzer

    Wanguard and Wansight include Packet Sensor which inspects IP packets by sniffing 1/10/40 Gbps port-mirrored or in-line interfaces at wire-speed, and contains an entirely scalable IP traffic analysis engine able to monitor, in real time, tens of thousands of IPv4 and IPv6 addresses and ranges. Users can save packet dumps for forensic investigation or to aid network troubleshooting. Packet dumps can be downloaded or viewed online in a Wireshark-like interface that displays detailed layer 7 information or hexadecimal raw and ASCI data for inclusion in regular expressions. It supports Libpcap, PF_RING Vanilla, PF_RING ZC, Netmap and Sniffer 10G.

IP Monitoring & Anti-DDoS Software Solutions

Andrisoft develops two innovative and affordable Linux-based applications which are essential for Network Administrators and Security Experts from organizations that operate large IP networks such as Telecoms, Internet Service Providers, Cloud Hosting Data Centers, Content Delivery Networks or DDoS Mitigation Services:

Wansight provides bandwidth monitoring, IP accounting and in-depth traffic analysis. It includes Flow Sensor which analyzes flow records exported by Cisco NetFlow, IPFIX, and sFlow. It also includes Packet Sensor which analyzes in-line traffic, network TAPs or port mirroring configurations. An OS-independent, web-based Console provides single-point management and reporting.

Wanguard extends Wansight with advanced DDoS detection and mitigation capabilities. It is designed to protect networks and critical services against volumetric Distributed Denial of Service attacks by scrubbing malicious packets with dynamic filtering rules applied to software or hardware firewalls located at the network perimeter. It supports automated reaction tools, RTBH, BGP FlowSpec, traffic diversion, scripting and clustering.

DDoS Protection in Five Easy Steps

alt Learn about Wanguard, our software solution for monitoring and protecting large networks against DDoS attacks.

alt Fill in the software evaluation request form to obtain the download link and a free 30-day trial license key.

alt Build your very own DDoS mitigation appliance by installing the software on a spare Linux server.

alt Use the fully-featured trial version for 30 days. Our engineers will assist you during this time, at no cost.

alt Buy cost-effective annual software licenses, at any time, via our online store. Support is free.

Wanguard 6.3 was released! Changelog and upgrading instructions on
Follow Andrisoft on Twitter
Join our Newsletter to receive the latest news from us!


  • Telecom Operators: | | | | | |

  • Internet Service Providers: | | | | |

  • Cloud / VPS Hosting: | | | | |

  • Portals / Various Services: | | | | | |

  • Security / Anti-DDoS Services: | | | | |

  • Email / Web Hosting: | | | | |

  • Data Centers: | | | | | |