Data Sheet. DPtech Anti-DDoS Series. Overview



Similar documents
DPtech ADX Application Delivery Platform Series

Huawei Traffic Cleaning Solution

Eudemon8000 High-End Security Gateway HUAWEI TECHNOLOGIES CO., LTD.

Eudemon8000E Anti-DDoS SPU

AntiDDoS1000 DDoS Protection Systems

High Performance 10Gigabit Ethernet Switch

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

AntiDDoS8000 DDoS Protection Systems

Huawei Eudemon1000E-X series Firewall. Eudemon 1000E-X Series Firewall. Huawei Technologies Co., Ltd.

Huawei Eudemon200E-N Next-Generation Firewall

DDoS Overview and Incident Response Guide. July 2014

Eudemon1000E Series Firewall HUAWEI TECHNOLOGIES CO., LTD.

UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:

co Characterizing and Tracing Packet Floods Using Cisco R

Radware s Attack Mitigation Solution On-line Business Protection

FortiDDos Size isn t everything

USG6600 Next-Generation Firewall

Automated Mitigation of the Largest and Smartest DDoS Attacks

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity

Gigabit Content Security Router

Cisco ASA 5500 Series IPS Solution

HARPP DDoS Mitigator Appliances and DDoS CERT

Automated Mitigation of the Largest and Smartest DDoS Attacks

INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS

SECURITY REIMAGINED. FireEye Network Threat Prevention Platform. Threat Prevention Platform that Combats Web-based Cyber Attacks

DDoS Protection Technology White Paper

TP-LINK. JetStream 28-Port Gigabit Stackable L3 Managed Switch. Overview. Datasheet T3700G-28TQ.

Strategies to Protect Against Distributed Denial of Service (DD

Service Description DDoS Mitigation Service

Security Technology White Paper

USG6300 Next-Generation Firewall

Cheap and efficient anti-ddos solution

NIP6300/6600 Next-Generation Intrusion Prevention System

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

Check Point DDoS Protector

Are you safe from DDoS attacks?

HUAWEI TECHNOLOGIES CO., LTD. Anti-DDoS Solution

NSFOCUS Network Traffic Analyzer (NTA)

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

A Layperson s Guide To DoS Attacks

Acquia Cloud Edge Protect Powered by CloudFlare

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

CloudFlare advanced DDoS protection

Complete Protection against Evolving DDoS Threats

DCRS-5650 Dual Stack Ethernet Switch Datasheet

HUAWEI Secospace USG6600 Next-Generation Firewall Datasheet

Campus LAN at NKN Member Institutions

SecurityDAM On-demand, Cloud-based DDoS Mitigation

Availability Digest. Prolexic a DDoS Mitigation Service Provider April 2013

Firewalls and Intrusion Detection

APV9650. Application Delivery Controller

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

Huawei Network Edge Security Solution

Load Balance Router R258V

The Product Description of SmartAX. MT882 ADSL2+ Router

WHITE PAPER. FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL

Analyzed compe.tors Cisco RadWare Top Layer RioRey IntruGuard. January Cristian Velciov. (+40)

NSFOCUS Anti-DDoS System White Paper

Arbor s Solution for ISP

TP-LINK L2 Managed Switch

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

HP Intelligent Management Center v7.1 Network Traffic Analyzer Administrator Guide

1. Firewall Configuration

Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?

DDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT

Cisco Intrusion Prevention System Advanced Integration Module for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Quidway AR 18-1X Series Router Datasheet

Gigabit Multi-Homing VPN Security Router

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL5428E.

THUNDER TPS Next-generation DDoS Protection

DCRS-5960F Dual Stack 10G Ethernet Optical Routing Switch

CS5008: Internet Computing

SHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper

Firewall. User Manual

McAfee Network Security Platform A uniquely intelligent approach to network security

CaptIO Policy-Based Security Device

Securing Networks with PIX and ASA

INDIAN INSTITUTE OF TECHNOLOGY BOMBAY MATERIALS MANAGEMENT DIVISION : (+91 22) (DR)

SVN5800 Secure Access Gateway

DDoS Protection on the Security Gateway

S5700-LI-BAT Switch Brochure

CloudEngine 5800 Series Data Center Switches

How To Stop A Ddos Attack On A Website From Being Successful

McAfee Network Security Platform A uniquely intelligent approach to network security

[Restricted] ONLY for designated groups and individuals Check Point Software Technologies Ltd.

McAfee Network Security Platform A uniquely intelligent approach to network security

Flow Analysis Versus Packet Analysis. What Should You Choose?

Application Delivery Testing at 100Gbps and Beyond

FortiDDoS. DDoS Attack Mitigation Appliances. Copyright Fortinet Inc. All rights reserved.

Huawei One Net Campus Network Solution

Introducing FortiDDoS. Mar, 2013

Transcription:

Data Sheet DPtech Anti-DDoS Series DPtech Anti-DDoS Series Overview DoS (Denial of Service) leverage various service requests to exhaust victims system resources, causing the victim to deny service to its customers. DDoS (Distributed Denial of Service) grows rapidly with the rise of botnet, featuring with simple attack methods, great influence and difficulties in trace. Botnet consists of thousands of hijacked computers and provides bandwidth and hosts for DDoS attacks, it will forms a large attack scale and a significant amount of network flows, causing great harm to victims. With the continuous improvement and development of DDoS attack technology, service providers like ISP, ICP, IDC and etc face increasing security and operation challenges. In order to ensure normal network and service operation, service providers must inspect and clean flows before DDoS attacks influence key services and applications. Meanwhile, service providers can make probe and cleaning of DDoS attack flows as a kind of value-added service and get better user satisfaction. Traditional DDoS defense methods use devices based on network layer inspection like firewall, router and etc. But most DDoS attacks adopt with standard protocols during attack, traditional defense methods cannot correctly identify and protect. Meanwhile, firewall and router are not designed for DDoS attack defense. Therefore, it will suffer significant performance degradation and cannot work properly once this feature enables. To solve these technical problems, DPtech releases professional Anti-DDoS Series products against DDoS attacks, which include anomalous flows inspection(probe), anomalous flows cleaning (Guard) and anomalous flows cleaning service management platform. DPtech Anti-DDoS Series products use industry-leading technologies like Parallel Flows Filtering technology, Intelligent Flows Probe technology and able to find all kinds of DDoS threats in the network timely. It allow us to implement fast filtering of attack flows, thus to protect WAN, IDC, etc against massive DDoS attacks effectively. A single-machine processing capability can reach 12Gbps. Page 1 of 7

Series The following are the DPtech Anti-DDoS series product s portfolio. Probe3000-Blade Guard3000-Blade Guard3000-TS Guard3000-GE Guard3000-GA Probe3000-TS Probe3000-GE Probe3000-GA Features Efficient Flows Probe and Cleaning Technology DPtech Anti-DDoS Series not only supports Deep Packet Inspection (DPI), but also analyzes NetFlow / NetStream / SFlow information (DFI) outputted by network devices, thus to deeply identify attack packets hidden in background flows and implement accurate flows identification and cleaning. It adopts advanced distributed multi-core hardware structure and implements multi-device cluster, thus to create over 10 Gigabit anomalous flows cleaning platform. High Availability DPtech Anti-DDoS Series adopts inline or one-arm deployment to defend against DDoS attacks. When adopting one-arm deployment, it implements cleaning on required flows without influences on normal flows in any case. In order to satisfy various networking applications, good adaptability of network protocols supports network layer protocols like ARP, VLAN, Link aggregation, etc. and routing protocols like static route, RIP, OSPF, BGP, policy routing, etc. It supports real-time cleaning on threat flows under online deployment. Multi-layer Security Protection Through static vulnerability attack signature inspection, dynamic rules filtering, anomalous flows rate-limiting and advanced Intelligent Flows Inspection technology, DPtech Anti-DDoS Series implements multi-layer security protection, inspects and blocks various DoS/DDoS attacks and unknown malicious flows at network layer and application layer accurately, such as SYN Flood, UDP Flood, ICMP Flood, DNS Query Flood, HTTP Get Flood, CC attack and etc. Automatic Flows Redirection and Flexible Flows Reinjection Page 2 of 7

When finding DDoS attacks, anomalous flows cleaning device issues BGP updating route advertisement to neighbor s router or switch, redirect victim s flows to DPtech anomalous flows product and cleans them automatically and rapidly. Meanwhile, anomalous flows cleaning product returns clean flows back to users through various methods, such as policy routing, MPLS VPN, GRE VPN, Layer2 pass-through, etc without influences user s normal service flows. Detailed Analysis on Statistical Report For various flows after inspection and cleaning, DPtech Anti-DDoS Series provides rich attack logs and report statistics features for users to understand network flows state, such as flows information before attack, flows information after cleaning, attack flows scale, time and order, etc., and all kinds of detailed report information like attack trend analysis, etc. Typical Model One-arm Deployment: High reliability, inspection Inline Deployment: Simple deployment and cleaning can be deployed centrally and separately without Anomalous Flows Inspection at core layer or convergence layer of service provides device (Probe). MAN, or data center egresses. Specification Page 3 of 7

Table 1 Lists the Hardware Features and Performance of DPtech Probe3000-GA, GE and TS series Probe Item Probe3000-GA Probe3000-GE Probe3000-TS Probe3000-Blade Interface 4xGE SFP, 4xGE 8xGE 8Combo, 16xGE SFP 12xGE SFP, 14xGE, 2xGE SFP+ 12xGE, 12xGE SFP Slot 1 slot - - - CF Card 1GB 2GB 2GB 2GB DDR SDRAM 2GB 8GB 2GB 2GB Dimensions (W D H) 430x261x44 mm 436x360x44 mm 436x470x88.8 mm Blade Type Power Supply 2 2 2 - Rated Voltage Max Current 1.5A 1.8A 1.8A - Max Power Consumption 150W 150 W 300 W - MTBF 36 years 36 years 36 years 36 years Operating Temperature Relative Humidity 10% to 95% 10% to 95% 10% to 95% 10% to 95% Weight 3.75 kg 5.6 kg 8.2 kg - Table 2 Lists the Hardware Features and Performance of DPtech Guard3000-GA, GE and TS series Guard Item Guard3000-GA Guard3000-GE Guard3000-TS Interface 4xGE SFP, 4xGE 8xGE 8Combo, 16xGE SFP 4xGE SFP+, 2xGE, 4xGE Comboo Slot 1 slot 2 slot 4 slot - CF Card 1GB 2GB 2GB 2GB DDR SDRAM 2GB 8GB 16GB 2GB Guard3000-Blade -S 12xGE SFP, 12xGE Dimensions (W D H) 430x261x44 mm 436x360x44 mm 436x510x88 mm Blade Type Power Supply 2 2 2 - Rated Voltage Max Current 1.5A 1.8A 1.8A - Page 4 of 7

Item Guard3000-GA Guard3000-GE Guard3000-TS Max Power Consumption 150 W 150 W 300 W - MTBF 36 years 36 years 36 years 36 years Operating Temperature Relative Humidity 10% to 95% 10% to 95% 10% to 95% - Weight 3.75 kg 5.6 kg 22 kg - Guard3000-Blade -S - Table 3 Lists the Feature of DPtech Anti-DDoS series Item Description Deployment One-arm deployment and inline deployment Attacks CC attack, DNS Query Flood, SYN Flood, UDP Flood, ICMP Flood, HTTP Get Flood, Land, Smurf, Fraggle, WinNuke, Ping of Death, Tear Drop, TCP flag anomaly, address scanning, port scanning and etc Inspection NetFlow/ NetStream/ SFlow protocol based deep flows inspection method (DFI) Deep Packet Inspection (DPI) Redirection BGP redirection Clean Flows Reinjection Policy routing, MPLS VPN, GRE VPN, two layers pass-through and etc Management Web GUI, SSH and serial port console Centralized management platform Ordering Information Hardware List Part Number Model Description Remarks 02050066 DPtech Probe3000-GA Double AC Power Host Required 02050374 DPtech Probe3000-GE Double AC Power Host Required 02050065 DPtech Probe3000-TS Double AC Power Host Required 02050072 DPtech Guard3000-GA Double AC Power Host Required Page 5 of 7

02050352 DPtech Guard3000-GE Double AC Power Host Required 02050343 DPtech Guard3000-TS Double AC Power Host Required Interface Module and Transceivers Part Number Interface Module Remarks 02010023 4-Port 1000M Ethernet Electrical Interface Module Optional 02010036 4-Port 1000M Ethernet Optical Interface Module Optional 02010005 1000BASE-SX SFP Transceiver, Multi-Mode (850nm, 550m, LC) Optional 02010004 1000BASE-LX SFP Transceiver, Single Mode (1310nm, 10km, LC) Optional 02000013 1000BASE-LH40 SFP Transceiver, Single Mode (1310nm, 40km, LC) Optional 02010014 1000BASE-LH40 SFP Transceiver, Single Mode (1550nm, 40km, LC) Optional 02010008 10GBASE-SR XFP Module, Multi-Mode (850nm, 300m, LC) Optional 02010018 10GBASE-LR/LW XFP Module, Single Mode (1310nm, 10km, LC) Optional 02010016 10GBASE-ER/EW XFP Module, Single Mode (1550nm, 40km, LC) Optional 02010133 * DPtech 4 Ports 10-GigaBit Optical Interface Module(SFP+) Optional 02010131 * DPtech 8 Ports GigaBit Electrical Interface Module(RJ45) Optional 02010132 * DPtech 8 Ports GigaBit Optical Interface Module(SFP) Optional 02010075 * DPtech SFP+ 10-GigaBit Optical Module,Multi-mode,(850nm,0.3km,LC) Optional 02010078 * DPtech SFP+ 10-GigaBit Optical Module,Single Mode,(1310nm,10km,LC) Optional 02010079 * DPtech SFP+ 10-GigaBit Optical Module,Single Mode,(1550nm,40km,LC) Optional * Only for Guard3000-TS Unified Management Center Part Number Model Description Remarks 02010001 UMC Management Platform Software Required 53010129 DPtech UMC Guard Manager License Required Page 6 of 7

Note: Required indicates that the item described is provided directly with the ordered host. The user does not need to purchase it specially. Optional indicates the item described should be purchased by the user if it is needed. Copyright@2013 Hangzhou DPtech Technologies Co., Ltd. All rights reserved. Statement: DPtech attempts to provide the accurate information for users, but they cannot take any responsibility for the technical error or print mistake, DPtech has all rights to modify the document without any notify or information. Page 7 of 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information