Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


06:51 PM
Dark Reading
Dark Reading
Products and Releases

Arbor Networks Enhances The Pravail APS Enterprise DDoS Mitigation Solution

Enhancements include customized network tuning, multidevice management capabilities, and enhanced SSL protection

Arbor Networks, Inc., a leading provider of network security and management solutions for enterprise and service provider networks, today announced the availability of the next generation of the Pravail® Availability Protection System (APS). New enhancements to Pravail APS include customized network tuning, multi-device management capabilities and enhanced SSL protection.

Pravail APS is the first on-premise security product focused on securing the network perimeter from threats against availability-- specifically, application-layer DDoS attacks. Purpose built for the enterprise, Pravail APS delivers out of the box, proven attack identification and mitigation capabilities that can be rapidly deployed with little configuration, even during an attack. In addition to its on-premise protection, Pravail APS allows organizations that are experiencing a DDoS attack to alert their ISPs or cloud providers to the attack and provide salient details that can assist the providers in blocking the attack upstream.

According to Infonetics Research's most recent DDoS Prevention Appliances market report published in June 2013, Arbor's Pravail® Availability Protection System (APS) is the most broadly deployed enterpriseDDoS detection and mitigation solution in the market today.

"In Pravail APS, Arbor has leveraged its experience in the service provider market to bring a purpose built, easy to deploy and operate solution to the enterprise at a time when on-premise protection has become increasingly important," said Jeff Wilson, analyst with Infonetics Research. "Without a doubt, the number one driver for DDoS prevention solutions is the attacks themselves. There is no indication that the pace of innovation in the creation of attacks and the ingenuity that drives the distribution of those attacks will slow down, so prevention solutions need to evolve. Arbor has been the market leader in DDoS for over a decade and they continue to innovate."

"DDoS has come to the enterprise in a significant way, and many businesses are beginning to understand that existing infrastructure such as firewalls and IPS cannot provide adequate protection from today's complex availability threats," said Arbor Networks President Colin Doherty. "By deploying Pravail APS on-premise, the enterprise is able to maintain control over mitigation, and is not reliant on either a device built for a different problem, like a firewall, or the responsiveness of a cloud-based DDoS service."

What makes Arbor's Pravail APS such an important product for the enterprise is that it not only helps protect against availability threats, it provides additional investment protection to existing security infrastructure. For example, firewalls and IPS are designed for important security problems other than DDoS. They were built to stop unauthorized access to critical resources, enforce corporate security policies and prevent data loss. These all remain critical security problems. What's changed is that availability itself is now under assault and it requires a solution designed specifically for today's complex DDoS problem.

Among the new features in Pravail APS 3.1 are:

· Customized Network Learning and Traffic Tuning: Pravail APS now combines out-of-box default attack protection with network behavior learning and traffic analysis. This built-in intelligence tailors Pravail APS' protection capabilities specific to each organization's network through automated traffic recommendations, providing more comprehensive protection.

· Multi-device Management API: To meet the management challenges of large enterprise and MSSP environments, Pravail APS now includes a multi-device management API. With this API, enterprises and MSSPs can use their current management investment to deploy, make configuration changes, or update devices, without adding another management console or portal.

· SSL Inspection and Protection: Pravail APS now includes enhanced SSL inspection and protection capabilities aimed at blocking DDoS attack traffic that may be lurking in SSL encrypted traffic. Once attack traffic has been detected within SSL encrypted traffic, Pravail APS will help block those threats from harming the network, only allowing the "clean" encrypted traffic to be transmitted to the intended destination.

These new features, along with the ATLAS® Intelligence Feed (AIF) – which is integrated into Arbor's solutions, including Pravail APS – provide the powerful detection and mitigation needed to tackle emerging threats. The feed is constantly updated to address dynamic threats such as botnets, and it simplifies threat responses because it is updated in real time without software updates. The threat feed also utilizes application-layer analysis designed to stop complex application-layer attacks. The Arbor Security Engineering & Response Team (ASERT) verifies every threat feed update to ensure customers can trust the quality of the feed.

Supporting Resources:

· Download the Pravail APS data sheet here

· Download the Enterprise Guide to DDoS Protection here

About Arbor Networks

Arbor Networks, Inc. is a leading provider of network security and management solutions for enterprise and service provider networks, including the vast majority of the world's Internet service providers and many of the largest enterprise networks in use today. Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS® Active Threat Level Analysis System. Representing a unique collaborative effort with 270+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.

For technical insight into the latest security threats and Internet traffic trends and to learn about our DDoS mitigation services, please visit our website at arbornetworks.com and visit our blog.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-11-14
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
PUBLISHED: 2019-11-14
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.
PUBLISHED: 2019-11-14
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
PUBLISHED: 2019-11-14
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
PUBLISHED: 2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent withi...