• DDoS Detection Software

    WanGuard Sensor uses an extremely fast and highly innovative traffic anomaly detection engine that detects volumetric attacks by profiling any on-line behaviour and by comparing over 120 live traffic parameters against user-defined thresholds. You can automate reactions to threats using predefined or custom modules that send notification emails, announce prefixes in BGP, generate SNMP traps, modify ACLs and execute your own scripts with access to over 70 operational parameters through an easy-to-use API. DDoS attacks are detected using multi-vendor flow-based technologies, by sniffing IP packets, and through SNMP polling.

  • On-premise DDoS Mitigation

    WanGuard Filter ensures zero downtime for customers and services during Distributed Denial of Service attacks without operator intervention. It defends against DDoS attacks by several complementary methods: cleans the malicious traffic on-premise when the upstream links are not congested, null-routes attacked destinations in BGP to prevent bandwidth saturation and the subsequent network outage, notifies the attacker's ISP. Attacks are blocked by applying intelligent, dynamic filtering rules on stateless software or hardware firewalls. Dedicated packet scrubbing servers can be deployed in the main data path, or can perform side-filtering through BGP-based traffic diversion.

  • Full Network Traffic Visibility

    WanGuard and WanSight provide full network traffic visibility through distributed Sensors ("probes"), able to analyze IP packets, SNMP data and flow records exported by Cisco NetFlow, Huawei Netstream, Juniper jFlow, cflowd, sFlow and IETF IPFIX. All collected data are accessible in a rich, web-based user interface with custom dashboards, real-time traffic graphs and top listings. You can easily generate complex analytics with aggregated data for hosts, departments, interfaces, applications, autonomous systems and countries. You can view extremely accurate bandwidth graphs for hundreds of thousands of IP addresses, inspect packets and flows, and much more.

  • Flow Collector and Analyzer

    Flow Sensor provided by WanGuard and WanSight is a fully-featured flow analyzer and collector that supports all major flow technologies: NetFlow version 5, 7 and 9; IPFIX; sFlow version 4 and 5. It contains a highly scalable traffic correlation engine capable of continuously monitoring hundreds of thousands of IPv4 and IPv6 addresses and ranges. Flows can be stored for as long as you wish in a compressed binary format. You can generate top listings and almost any other aggregation report you can think of. The extensive flow filtering expression options allow you to quickly query individual flows for ad-hoc forensic investigation.

  • Packet Sniffer and Analyzer

    Packet Sensor provided by WanGuard and WanSight inspects IP packets by sniffing 10 Gbps port-mirrored or in-line interfaces at wire-speed. It contains a completely scalable IP traffic analysis engine able to monitor, in real time, tens of thousands of IPv4 and IPv6 addresses and ranges. Users can save packet dumps for forensic investigation and aiding network troubleshooting. Packet dumps can be downloaded or viewed online in a Wireshark-like interface that displays detailed layer 7 information and hexadecimal raw and ASCI data for inclusion in regular expressions. It supports PF_RING and Sniffer 10G.

Software News

IP Monitoring & Anti-DDoS Software Solutions

Andrisoft develops innovative and affordable Linux applications essential to Network and Security Professionals from companies operating large IP networks such as Telecoms, Internet Service Providers, Content Delivery Networks, Cloud Hosting Data Centers and DDoS Mitigation Services:

provides in-depth traffic analysis, IP accounting and bandwidth monitoring. It includes Flow Sensors that processes flow records exported by Cisco NetFlow, IPFIX and sFlow. It also includes Packet Sensors that analyze in-line or mirrored traffic from mirroring ports or network TAPs. An OS-independent web-based Console provides single-point management and reporting.

contains all features of WanSight and adds advanced DDoS detection and mitigation capabilities. It is designed to protect networks and critical services against Distributed Denial of Service and other volumetric attacks by scrubbing malicious packets using dynamic filtering rules applied on software or hardware firewalls located at the network perimeter. It supports powerful automated reaction tools, BGP black hole routing, diversion, scripting and server clustering.

DDoS Protection in Five Easy Steps

alt Try WanGuard, our software solution for monitoring and protecting large networks against DDoS attacks.

alt Fill in the software evaluation request form to receive the download link and a 30-day trial license key.

alt Build your very own DDoS mitigation appliance by installing the software on a spare Linux server.

alt Use the fully-featured trial version for 30 days. Our engineers will assist you during this time, at no cost.

alt Buy cost-effective annual software subscriptions, at any time, through our online store. Support is free.

WanGuard 6.1 was released! The changelog link: The upgrade instructions link:
Follow Andrisoft on Twitter
Join our Newsletter to receive the latest news from us!


  • Telecom Operators: | | | | | |

  • Internet Service Providers: | | | | |

  • Cloud / VPS Hosting: | | | | |

  • Portals / Various Services: | | | | | |

  • Security / Anti-DDoS Services: | | | | |

  • Email / Web Hosting: | | | | |

  • Data Centers: | | | | | |