Internet service providers (ISPs), cloud providers and enterprises face a common problem. Distributed denial of service (DDoS) attacks are a major risk to service availability. The power, sophistication and frequency of DDoS attacks are rising. Data center operators and network providers need a defense that is effective, cost-efficient and easily managed. Arbor Networks® TMS is the acknowledged leader in DDoS protection. More service providers, cloud providers and large enterprises use TMS for DDoS mitigation than any other solution.

The Arbor Networks Solution for DDoS Protection

The Arbor Networks solution integrates network-wide intelligence and anomaly detection with carrier-class threat management to help identify and stop volumetric, TCP state exhaustion and application-layer DDoS attacks.

TMS network appliances provide the vital, traffic-scrubbing component of the Arbor Networks solution. TMS can be deployed inline to provide "always on" protection. Unlike other products, it also supports a mitigation architecture called "diversion/reinjection." In this mode, only the traffic stream carrying the DDoS attack is redirected to TMS through routing updates issued by the Arbor Networks solution. TMS removes only the malicious traffic from that stream and forwards the legitimate traffic to its intended destination.

This is highly advantageous for service providers, large enterprises and large hosting/cloud providers. It enables a single, centrally located TMS to protect multiple links and multiple data centers. It results in much more efficient use of mitigation and fully non-intrusive security. Inline devices must inspect all traffic all the time on the links they monitor. TMS only needs to inspect traffic that is redirected to it in response to an attack on a specific target.

TMS comes in a variety of mitigation platforms and capacities including: 2U appliances (500 Mbps-160 Gbps of mitigation), 6U chassis (10 -100 Gbps of mitigation) and Cisco ASR9K Router embedded (10-40 Gbps of mitigation).

Comprehensive Threat Detection

Data centers and public networks present multiple targets for DDoS attacks. These targets include infrastructure devices (e.g., routers, switches and load balancers), domain name systems (DNS), bandwidth capacity and key applications such as Web, eCommerce, voice and video. Even security devices such as firewalls and intrusion prevention systems are targets of attack. The Arbor Networks solution provides the most comprehensive and adaptive suite of threat detection capabilities in the industry, designed to protect diverse resources from complex, blended attacks. These capabilities include statistical anomaly detection, protocol anomaly detection, fingerprint matching and profiled anomaly detection. The Arbor Networks solution continually learns and adapts in real-time, alerting operators to attacks, as well as to unusual changes in demand and service levels.

Surgical Mitigation in Seconds

Key to effective mitigation is the ability to identify and block attack traffic while allowing non-attack traffic to flow through to its intended destination. Large-scale DDoS attacks affect not only the intended victim, but also other unfortunate customers who may be using the same shared network service.

• General Information
• • Manufacturer
  • Arbor Networks
  • Manufacturer Website Address
  • http://www.arbornetworks.com
  • Brand Name
  • Arbor
  • Product Type
  • Network Security/Firewall Appliance