• Default WanGuard Dashboard
    Default WanGuard Dashboard
  • Live IP Traffic Statistics
    Live IP Traffic Statistics
  • IP Traffic Profile Analysis
    IP Traffic Profile Analysis
  • DDoS Attacks Summary
    DDoS Attacks Summary
  • Distribution of Applications
    Distribution of Applications
  • IP Traffic Accounting Report
    IP Traffic Accounting Report
  • NetFlow Collector
    NetFlow Collector
  • NetFlow Analyzer
    NetFlow Analyzer
  • Top Autonomous Systems
    Top Autonomous Systems
  • Packet Analyzer Web Interface
    Packet Analyzer Web Interface
  • Bandwidth Accounting Report
    Bandwidth Accounting Report
  • Monitor Router Traffic
    Monitor Router Traffic
  • AS graph with 95th percentile
    AS graph with 95th percentile
  • Customer's bandwidth graph
    Customer's bandwidth graph
  • Network Traffic Information
    Network Traffic Information
  • WAN Switch Parameters
    WAN Switch Parameters
  • Pkts/s graph with stats & sums
    Pkts/s graph with stats & sums
  • Dashboard with Events
    Dashboard with Events
  • Dashboard with Live Resources
    Dashboard with Live Resources
  • Google,Yahoo,Facebook traffic
    Google,Yahoo,Facebook traffic

DDoS Detection and Mitigation Software

  • You can try WanGuard for 30 days by requesting an evaluation license.
  • Licenses for WanGuard components can be purchased through the online store.
  • Frequently asked questions are answered in the Knowledge Base and User Guide.
  • A list with some companies that currently use WanGuard can be found here.
  • If you need any further information, do not hesitate to contact us.

Andrisoft WanGuard is an enterprise-grade software that delivers to NOC, IT and Security teams the functionality needed for effectively monitoring and protecting large networks through a single, integrated package.

Unforeseen traffic patterns affect user satisfaction and clog costly transit links. Providing reliable network services is central to the success of today's organizations. As the business cost of network malfunctions continues to increase, rapid identification and mitigation of threats to network performance and reliability becomes critical in order to meet expected SLAs and network availability requirements. Such threats include DDoS attacks, misuse of services, and interference of best-effort traffic with critical or real-time traffic. WanGuard's network-wide surveillance of complex, multilayer, switched or routed environments together with its unique combination of features is specifically designed to meet the challenge of pin-pointing and resolving any such threats.

WANGUARD Components

  • The Console is a web application that functions as the administrative core of the software. It offers single-point management and reporting by consolidating data received from Sensors and Filters deployed within the network.
  • The Flow Sensor and Packet Sensor provide in-depth traffic analysis, traffic accounting, bandwidth monitoring, traffic anomaly and DDoS detection. The collected information allows you to generate complex traffic reports, graphs and tops; instantly pin down the cause of network incidents; automate reactions to attacks; understand patterns in application performance and make the right capacity planning decisions.
  • The Filter gets activated during DoS, DDoS or DrDOS attacks to detect and apply filtering rules that scrub off abnormal traffic in a granular manner, without impacting the user experience or resulting in downtime.

Multi-level DDoS Protection Technology

  • The Sensor can announce upstream provider(s) through BGP to stop routing traffic towards the attacked destinations. This widely-used DDoS protection technique called RTBH (Remotely Triggered Black Hole) requires only an agreement with the BGP peer(s). The attacked destinations are effectively blocked from accessing the Internet; upstream links and all other destinations are not congested during attacks.
  • The Sensor can announce the upstream Internet Service Provider (ISP) or a Managed Security Service Provider (MMSP) that offers anti-DDoS services to scrub off malicious packets in cloud.
  • The Filter can scrub off and/or rate-limit malicious packets by applying dynamic filtering rules on stateless software firewalls and hardware packet filters. Dedicated filtering servers can be clustered in packet scrubbing farms. It can protect critical services against attacks that do not congest upstream links.
  • The Filter can automatically send notification emails to the ISPs originating non-spoofed attacks.
  • The Filter can apply filtering rules and ACLs on third-party DDoS mitigation appliances, firewalls and routers.

WANGUARD Key Features and Benefits

DDoS Detection & Mitigation

alt An innovative traffic anomaly detection engine detects DDoS attacks. The malicious traffic is blocked in a granular manner.

Powerful Reaction Tools

alt Responds automatically to threads by sending BGP routing updates, emails, executes custom scripts, etc.

Detailed Forensics

alt View packets and flow records for each attack. Detailed attack reports can be emailed to interested parties.

Full Network Visibility

alt Supports the latest traffic monitoring technologies: packet sniffing at 10 Gbps, NetFlow, sFlow, IPFIX, NetStream, cflowd and SNMP.

Advanced Web Console

alt Consolidated management through a single, interactive and configurable HTML5 web portal with customizable dashboards and user roles.

Complex Analytics

alt Generates complex reports with aggregated data for hosts, IP groups, interfaces, applications, protocols, countries, ASNs and many more.

Flow Analyzer and Collector

alt Provides a fully featured NetFlow, sFlow, and IPFIX analyzer and collector. Flows can be searched, filtered, sorted and exported.

Distributed Packet Sniffer

alt A distributed packet sniffer can save packet dumps from different parts of the network. You can download the dumps or view them online.

Flexible Configuration

alt You can fine-tune the system in great detail: IP graph accuracy, LDAP or RADIUS authentication, user profiles, data retention intervals, etc.

Real-Time Reporting

alt Bandwidth graphs are animated and can have a short-term accuracy of just 5 seconds. Live readings are available for all parameters.

Historical Reporting

alt You can view reports from the last 5 seconds to the last 10 years by selecting any custom time period. Supports 95th percentile billing.

Scheduled Reporting

alt Any report can be generated and emailed automatically to interested parties at preconfigured intervals of time, hourly, daily, weekly, monthly.

Affordable On Premise Anti-DDoS

alt The most cost-effective on-premise DDoS mitigation solution on the market! Annual subscriptions include free support and upgrades.

Fast & Fully Scalable

alt The software was designed to run on low-cost commodity hardware. The components can be distributed on any number of clustered servers.

Outstanding Support

alt All support inquiries are answered by experienced engineers. Corporate support ensures a one hour maximum response time, 24/7/365.


  WanGuard supports the sFlow standards. To learn more about sFlow please visit http://www.sflow.org.
WanGuard 6.0 was released! The changelog is here: http://t.co/MfN8VC9u9u, upgrade instructions here: https://t.co/K0ot7axdmH.
Follow Andrisoft on Twitter
Join our Newsletter to receive the latest news from us!