DDoS Detection and Mitigation Software
- You can try Wanguard for 30 days by requesting an evaluation license.
- Licenses for Wanguard components can be purchased through the online store.
- Frequently asked questions are answered in the Knowledge Base and User Guide.
- A list with a few companies that currently use Wanguard can be found here.
- If you need any further information, do not hesitate to contact us.
Andrisoft Wanguard is enterprise-grade software that delivers to NOC, IT and Security teams the functionality needed for effective monitoring and protecting large WAN networks through a single integrated package.
Unforeseen traffic patterns affect user satisfaction and clog costly transit links. Providing reliable network services is imperative to the success of today's organizations. As the business cost of network malfunctions continues to increase, rapid identification and mitigation of threats to network performance and reliability become critical in order to meet expected SLAs and network availability requirements. Such threats include DDoS attacks, misuse of services, and interference of best-effort traffic with critical or real-time traffic. Wanguard's network-wide surveillance of complex, multilayer, switched or routed environments together with its unique combination of features is specifically designed to meet the challenge of pinpointing and resolving any such threats.
- Flow Sensor and Packet Sensor provide in-depth traffic analysis, traffic accounting, bandwidth monitoring, traffic anomaly and DDoS attack detection. The collected information allows you to generate complex traffic reports, graphs, and tops, instantly pin down the cause of network incidents, automate reactions to attacks, understand patterns in application performance and make the right capacity planning decisions.
- Filter gets activated during DoS, DDoS or DrDOS attacks to detect and apply filtering rules that scrub abnormal traffic in a granular manner without impacting the user experience or resulting in downtime.
- Console is a multi-tenant web application that functions as the administrative core of the software. It offers single-point management and reporting by consolidating data received from Sensors and Filters deployed within the network.
Multi-level DDoS Protection Technology
- Sensor can announce upstream provider(s) through BGP to stop routing traffic towards the attacked destinations. This widely-used DDoS protection technique called RTBH (Remotely Triggered Black Hole) requires only an agreement with the BGP peer(s). The attacked targets are effectively blocked from accessing the Internet; upstream links and all other destinations are not congested during attacks.
- Sensor can announce the upstream Internet Service Provider (ISP) or a Managed Security Service Provider (MMSP) that offers anti-DDoS services to scrub malicious packets in cloud.
- Filter can scrub and/or rate-limit malicious packets by applying dynamic filtering rules on stateless software firewalls, hardware packet filters or BGP FlowSpec-capable routers. Dedicated filtering servers can be clustered in packet scrubbing farms. It can protect critical services against attacks that do not congest upstream links.
- Filter can automatically send notification emails to the ISPs originating non-spoofed attacks.
- Filter can apply filtering rules and ACLs on third-party DDoS mitigation appliances, firewalls, and routers.