Vulnerabilities / Threats
2/26/2014
06:52 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Huawei Launches Next Generation Anti-DDoS Solution At RSA Conference 2014

AntiDDoS8000 series protects against application layer, mobile device, and outbound DDoS attacks

SAN FRANCISCO, Feb. 24, 2014 /PRNewswire/ -- RSA -- Huawei, a leading global information and communications technology (ICT) solutions provider today announced the launch of its next-generation anti-DDoS solution at the RSA Conference 2014. Huawei's best-in-class, AntiDDoS8000 Series offers industry leading security capabilities, including 1Tbps performance and protection from application layer, mobile device and outbound Distributed Denial of Service (DDoS) attacks.

"DDoS attacks have become much more varied. Today we're seeing a rise in application-based attacks as well as attacks launched directly from mobile devices," said Liu Shaowei, Huawei's Networking Business Unit General Manager. "These new breeds of advanced attacks are hard to detect with traditional flow-based anti-DDOS solutions but can be detected with Huawei's new AntiDDoS8000 appliance."

Huawei's new AntiDDoS8000 appliance can defend several hundred Gigabits-per-second DDoS threats by employing advanced features such as signature learning, behavior analysis, reputation mechanism and Big Data analytics.

"Huawei's anti-DDoS solution protected us from over 40,000 DDoS attacks last year -- equivalent to over 100 attacks per day -- at a maximum traffic rate of 100 Gbps. This is a powerful and user-friendly system that provides precise protection," said Xinguo Wei, Senior Expert of Information Security Center, Alibaba Group.

"We tested Huawei's anti-DDoS solution against every DDoS attack that we have ever encountered. Its performance was excellent; therefore, we selected Huawei," Xinguo added.

As the fastest-ever anti-DDoS solution in the industry, Huawei's AntiDDoS8000 appliance can support a new service card with 160Gbps protection performance and a high-density line card with ten 10GE ports. Consequently, the largest model of AntiDDoS8000 can support upwards of 960Gbps performance.

Designed for carriers, data centers, large enterprises, and large Internet commerce providers, the AntiDDoS8000 appliance enhances the defense against application-layer attacks and the attacks in IPv6-IPv4 composite networking. Feature highlights include:

Detection and Mitigation of 100+ DDoS attacks including Application Layer DDoS (HTTP/HTTPS/DNS/SIP, etc.)

Accurate mobile DDoS attack detection mechanism and zero false positive to mobile traffic when protecting mobile Internet service

Prevention of outbound DDoS from data center with a daily update botnets library of 5 million active botnet IP addresses.

The new AntiDDoS8000 is available now. The 160Gbps service card will be available in Q4 of 2014.

For a demo of Huawei's Next Generation AntiDDoS portfolio, visit Booth 2101, South Hall, at RSA 2014 from Feb. 25 – 27.

About Huawei

Huawei is a leading global ICT solutions provider. Through our dedication to customer-centric innovation and strong partnerships, we have established end-to-end advantages in telecom networks, devices and cloud computing. We are committed to creating maximum value for telecom operators, enterprises and consumers by providing competitive solutions and services. Our products and solutions have been deployed in over 140 countries, serving more than one third of the world's population. For more information about Huawei ICT solutions, please visit: http://enterprise.huawei.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9710
Published: 2015-05-27
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time windo...

CVE-2014-9715
Published: 2015-05-27
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that trig...

CVE-2015-2666
Published: 2015-05-27
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to t...

CVE-2015-2830
Published: 2015-05-27
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate...

CVE-2015-2922
Published: 2015-05-27
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Dark Reading Radio
Listen Now Incident Response War Gaming: Practicing the Post-Breach Panicking
After a serious cybersecurity incident, everyone will be looking to you for answers -- but you’ll never have complete information and you’ll never have enough time. So in those heated moments, when a business is on the brink of collapse, how will you and the rest of the board room executives respond?