Radware presents a new cloud web DDoS protection solution against so-called tsunami attacks. The state-of-the-art solution is designed to bridge the growing gap between standard DDoS mitigation and a new breed of more aggressive Layer 7 (L7) HTTPS flood attacks – also known as web DDoS tsunami attacks.
Radware's solution has the ability to combat encrypted, high-volume, and vectorial threats that bypass standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective.
“The dramatic rise in web DDoS tsunami attacks poses an imminent cyber threat. Organizations around the world, regardless of industry, have fallen victim to these attacks and are wondering why their existing defenses are failing,” says Gabi Malka, Radware's Chief Operating Officer. "Just because organizations have standard WAFs or network-based DDoS mitigation solutions in place, they shouldn't assume they're adequately protected."
Standard WAF and network-based DDoS protection solutions are not sufficient
The proliferation of web DDoS tsunamis has raised the bar for effective L7 DDoS detection and mitigation. In their recent campaigns, hackers are combining network and application layer attacks and using new tools to create these gigantic Web DDoS attacks with high requests per second (RPS). To evade detection, these L7 DDoS attacks impersonate legitimate traffic and use multiple evasion techniques such as: For example, HTTP header randomization, cookies, IP spoofing, and more.
"Off-the-shelf solutions that take a rate-limiting approach are not designed for this new generation of web DDoS tsunami attacks," Malka continued. “To mitigate these attacks, organizations need behavioral Layer 7 security solutions that adapt in real-time, scale many times higher than any on-premises solution, and that can surgically block attacks without blocking legitimate traffic.”
DDoS tsunamis: a special attack
Standard WAF and network-based DDoS protection solutions are unable to detect and mitigate web DDoS tsunamis without impacting legitimate traffic. Detecting these attacks requires decrypting and inspecting traffic's L7 headers, which network-based DDoS solutions are unable to do. At the same time, on-premises or cloud-based WAF solutions that rely on signature-based protection are unable to deal with the random nature, scale, and sophistication of these attacks.
Radware anticipated the shift in the threat landscape and developed a new Cloud Web DDoS Protection. Backed by research and development, the solution uniquely combines behavior-based, automated algorithms with the scale-up infrastructure required to precisely protect organizations against tsunami attacks.
Features of the Radware DDoS solution
- Minimal False Alert Rate – Special behavior-based algorithms quickly and accurately detect and block L7 DDoS attacks without disrupting legitimate traffic.
- Broad attack coverage against the most advanced threats and zero-day attacks - The solution protects organizations from a variety of L7 DDoS threats, including smaller, more sophisticated attacks, new L7 attack tools and vectors, and large-scale, sophisticated web DDoS tsunami attacks.
- Instant and Adaptive Protection – Using proprietary behavioral analysis and real-time signature generation, Radware instantly detects HTTPS floods and continually adjusts countermeasures in real-time to prevent downtime.
- Helps keep you safer – The automated and fully managed solution is designed to help organizations block these sophisticated attack campaigns consistently across all their applications and environments.
For organizations affected by DDoS attacks, Radware also offers an Emergency Onboarding Service to help neutralize security risks and secure operations before damage occurs.
More at Radware.com
About Radware Radware (NASDAQ: RDWR) is a global leader in application delivery and cybersecurity solutions for virtual, cloud and software-defined data centers. The company's award-winning portfolio secures the company-wide IT infrastructure and critical applications and ensures their availability. More than 12.500 enterprise and carrier customers worldwide benefit from Radware solutions to quickly adapt to market developments, maintain business continuity and maximize productivity at low cost.