Analytics
12/5/2012
10:32 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DDoS Mitigation Technology From Arbor Networks Now Available in Solutions for the Enterprise Ranging From 500 Mbps To 40 Gbps Mitigation Capacity

Pravail APS protects enterprises that rely on Internet availability

Arbor Networks, Inc., a leading provider of security and network management solutions for enterprise and service provider networks, today announced the latest version of the Pravail® Availability Protection System (APS), as well as new hardware options to provide greater flexibility in deployment. Pravail APS protects enterprises that rely on Internet availability, securing business continuity and availability by automatically neutralizing application-layer DDoS attacks before they impact critical services. This easy-to-deploy appliance relies on the world's most advanced and sophisticated attack detection and mitigation technology and is now available in traffic inspection capacities ranging from 500 Mbps all the way up to 10 Gbps. Arbor's Peakflow SP Threat Management System provides up to 40Gbps mitigation capacity -- providing deployment options for every size organization.

World Leader in DDoS Mitigation Arbor Networks' customers include the vast majority of the world's service providers and many of the largest enterprise networks in use today. According to a recent report from Infonetics Research titled, DDoS Prevention Appliance Market Outlook, Arbor Networks was cited as top supplier of DDoS prevention solutions overall as well as in the Carrier, Enterprise, Government and Mobile market segments.

Stateless Analysis Filtering Engine (SAFE) Arbor's Stateless Analysis Filtering Engine (SAFE) is the backbone technology powering Arbor's Peakflow and Pravail DDoS mitigation solutions worldwide. That same technology that protects the vast majority of the world's service provider networks is now available to enterprises of all sizes, with mitigation capacity ranging from 500Mbps to 40Gbps.

The Stateless Analysis Filtering Engine is a unique packet-based engine that provides the foundation for both Pravail APS and the Arbor service provider solutions. Unlike load balancers, IPS or firewalls, SAFE detects and mitigates most DDoS attacks without tracking any session state. In cases where tracking is required, SAFE only stores minimal information for a short period of time. As a result, Pravail APS can withstand targeted attacks that overwhelm state tables in other security products and threaten availability. Further, SAFE incorporates advanced DDoS countermeasures developed by Arbor's Security Engineering & Response Team (ASERT). These countermeasures include advanced packet-based protections which neutralize hundreds of malware families that make up the vast majority of the global botnet threat.

"Pravail APS provides what other perimeter-based security devices cannot, and that is the ability to proactively protect against DDoS attacks," said Richard Martinez, enterprise security analyst with Frost & Sullivan. "Given the threat complexity and the business impact of DDoS, a full-spectrum solution is required. A common response by many administrators to the challenges of DDoS is the belief that their firewall and IPS infrastructure will protect them from attack. Unfortunately, this is not true. Firewalls and IPS devices, while critical to network protection, are not adequate to protect against complex DDoS attacks."

"DDoS is a complex problem that combines multiple attack techniques, tools and targets. Enterprises are realizing that existing solutions, such as firewalls and IPS, are not designed for availability threats such as application layer DDoS attacks," said Arbor Networks President Colin Doherty. "Pravail APS is purpose-built for application layer DDoS and for deployment in an enterprise environment. We're bringing the same technology that protects the vast majority of the world's ISP's to the enterprise."

What's new in Pravail APS 3.0:

Advanced Web crawler service: Pravail APS delivers superior availability protection without impacting a Website's page ranking and search engine results. The ASERT team has created policies that allow specific Web crawlers, but blocks those that are malicious or irrelevant. This provides a constant update on legitimate Web crawlers with protections in place to identify spoofing and illegitimate crawlers. Insights into Advanced Botnet Attacks: Pravail APS 3.0 includes updates to the ATLAS® Intelligence Feed (AIF) that simplify attack identification and reporting. AIF automatically provisions Pravail APS appliances with the latest defenses to new threats as well as updates to IP location data -- all in real-time. The AIF is made possible as a result of Arbor's close and privileged relationship with leading ISPs around the world with an extensive network of sensors and data, giving Arbor real-time visibility into 35Tbps of global Internet traffic. This gives Arbor unmatched insight into emerging threats -- information used by ASERT to develop defenses to new, emerging threats. A Focus on the Security Operations Center (SOC): Pravail APS 3.0 includes new reporting and protection features including SOC notification of blocked attacks, increased protection mechanisms and identification of unusual traffic patterns that could be indicative of an attack. Pravail APS 3.0 also gives the SOC the ability to customize attack responses for only the assets and services targeted by the attack (which minimizes impact for unaffected assets). All of these features better arm SOC engineers to intelligently and surgically mitigate attacks.

For more information on Arbor Networks® DDoS detection and mitigation solutions:

Download the Pravail APS data sheet found here: http://www.arbornetworks.com/products/pravail/aps Or, please visit www.youtube.com/user/ArborNetworks

About Arbor Networks Arbor Networks, Inc. is a leading provider of network security and management solutions for enterprise and service provider networks, including the vast majority of the world's Internet service providers and many of the largest enterprise networks in use today. Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS® Active Threat Level Analysis System. Representing a unique collaborative effort with 240+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.

For technical insight into the latest security threats and Internet traffic trends, please visit our website at arbornetworks.com and our blog athttp://ddos.arbornetworks.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7830
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse cap...

CVE-2014-7831
Published: 2014-11-24
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.

CVE-2014-7832
Published: 2014-11-24
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by vi...

CVE-2014-7833
Published: 2014-11-24
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.

CVE-2014-7834
Published: 2014-11-24
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?