APSolute Immunity: Your Business’ Clear Choice for Proactive Network Security

Extend Your Protection to Both Known and Emerging Attacks

Radware’s DefensePro™ is a real-time Intrusion Prevention System (IPS) that maintains your business continuity by protecting your IP infrastructure against existing and emerging network-based threats that can’t be detected by traditional IPS’ such as: application misuse threats, SSL attacks and VoIP service misuse.

DefensePro features full protection against vulnerability-based threats through proactive signature updates, which safeguard against already known attacks including worms, Trojans, Bots, SSL-based attacks and VoIP threats. Unlike market alternatives that rely on static signatures, DefensePro provides unique behavioral-based and automatically, generated real-time signatures that prevent non-vulnerability-based threats and zero-minute attacks such as application misuse attacks, server brute force attacks, application and network flooding. And, DefensePro accomplishes this all, without blocking legitimate user traffic and without the need for human intervention.

With a pay-as-you-grow license upgrade approach and ease of management through ‘hands-off’ security features such as no-configuration and self-tuning, DefensePro is the industry’s leading IPS for best functionality, maximum affordability and ease of management.

APSolute Immunity: Real-Time Signatures Provide Protection against Real-Time Network Attacks

DefensePro is the industry’s first solution to provide unparalleled security by offering adaptive, behavior-based protection capabilities at client, application server and network levels. It immediately identifies and mitigates a wide range of network attacks (including non-vulnerability threats and zero-minute attacks) by automatically generating real-time signatures. The real-time signature "engine" is an adaptive multi-dimension decision engine that deploys fuzzy logic technology for accurate attack detection and mitigation without blocking legitimate user traffic.

Adaptive Decision Engine

DefensePro’s behavior-based, self-learning mechanism proactively scans for anomalous network, server and client traffic patterns. When detecting an attack, DefensePro characterizes the attack’s unique behavior, establishes a real-time signature and creates a blocking rule. A closed feedback mechanism dynamically modifies the signature characteristics as the attack unfolds and mutates, protecting against even the most sophisticated attacks with a high degree of accuracy. DefensePro is unique in its ability to rapidly and accurately distinguish between three broad categories of behavior: legitimate normal traffic, attack traffic and unusual patterns created by legitimate activity.

A Solution for Every Need

As an in-line intrusion prevention, DoS protection and traffic-shaping solution, DefensePro is designed for core and perimeter deployments for the protection of internal enterprise data centers, eComemrce sites and service provider hosting / colo data centers. It offers a wide range of defense capabilities including:

• Vulnerability-based attack protection (e.g., worms, Trojans, Bots, and SSL-based attacks)
• Non-vulnerability threats and zero-minute attack protection (e.g., application misuse attacks, server brute force attacks, and application and network flooding)
• Encrypted SSL attack protection
• VoIP infrastructure protection
• Access control
• Bandwidth management

On Demand IPS Scalability

Radware is the first to offer on demand IPS scalability across its line of IPS models, which range from 100 Mbps all the way up to 8Gbps. The line is complemented by Radware’s set of behavioral protection products, which range from 4 Gbps up to more than 12 Gbps of throughput to offer the highest performance available. An initial deployment of an IPS can use the IPS model that supports the throughput the business currently requires. When the business grows or network bandwidth grows, the business can simply upgrade the IPS to a higher bandwidth product model by applying a software license key. There is no need for hardware replacement, configuration conversion, lab testing, staging or training.

The on-demand IPS scalability offers clear benefits:

• Buying what is needed. The business saves on CAPEX by avoiding overspending on the IPS solution when trying to size future network growth.
• Paying as the business grows. The business requires no forklift upgrade when the network bandwidth needs to increase. In addition, upgrading to the next DefensePro model occurs without service downtime.

Key Business Values

• Maintains business Continuity of Operations (COOP) even when the network is under attack
  • Maintains critical application availability while under attack
  • Blocks attacks without blocking legitimate user traffic
• Best security coverage
  • Real-time protection from non-vulnerability-based attacks, zero-minute attacks, SSL-based attacks and VoIP service misuse
  • Vulnerability-based signature detection engine with proactive signature updates for preventing known application vulnerability exploitations
• Accurate attack detection and prevention – extremely low false-positives due to:
  • Real-time signature is generated per attack pattern only, using up to 20 different parameters
  • Closed feedback mechanism optimizes the real-time signature based on the ongoing attack’s evolvement / mutation and removes the signature when the attack is over
  • Vulnerability-based signatures are tested extensively at real customer beta sites
• Reduces total cost of ownership (TCO) of security management
  • Full investment protection and extended platform life time provided based on pay-as-you-grow license upgrade scalability; delivers highest ROI and CAPEX investment protection
  • Increased savings on OPEX through a self learning, self adapting system that requires minimum configuration and is maintenance free
  • Seamless integration into the network environment

Insite Centralized Management and Reporting

Radware’s Insite provides the management interface for all APSolute products, including DefensePro. With features that enable centralized device configuration, monitoring and reporting, Insite management solution increases visibility and control of network security.