HARPP Defense

DDoS Mitigator is the first level of protection of your network against cyber attacks keeping you online and ensuring business continuity with minimal investment.

In addition to state-of-the-art defense functions providing high-level protection to your web and DNS infrastructure by its normalization, protection and protocol-specific security tools, preemptive defense functions are continually active day and night. The DDoS Mitigators all around the world create a wide security intelligence network you can access in real-time which is one of the key-differentiators.

Defense Functions

Normalization IP Spoof scrubbing

Bogon IP scrubbing

Botnet zombie determination

TCP/IP protocol anomaly scrubbing

Packet defragmentation

DOS/DDOS packet generator tool blocking

Traditional DOS/DDOS tools blocking

(Teardrop, Land, smurf, fruggle, winnuke,

ping of death, oversized ICMP vb.)

URPF

Automatic aggressive session time-out

Mitigation/Prevention Time-out based on attack magnitude

Rate limiting

Packet dropping

IP/Network/Country blocking

Ability to give automatic access, only to

specific countries, white list, dynamicaly

produced frequent users, in case of

an emergency level exceeded

Challenge-Response Page

Protocol-Specific

Methods

Robot detection and prevention methods

for TCP, UDP and DNS protocols

Preemptive Defense Functions

Coordinated

Mitigators

Coordination of associated DDOS Mitigators

State, alarm, data, log sharing

Automatic ISP notification

IP reputation feedbacks

Setting Trap IP and port

Individual

Mitigators

IP reputation feedbacks

Automatic ISP notification

Setting Trap IP and port

Case Evidences & Forensic Analysis

Attack Lists Chronologic attack list

Chronological subattack list

Attack filtering by

– interfaces

– attack type

– attack duration

– the beginning of the attack

– the end of the attack

Block IP Lists Searchable Blocked IP lists
Case Evidences Case evidence log file

Ability to work on evidence logs on

management screen

Ability to download evidence log file(pcap)

Attacker IP List

Filtering of block lists Filtering current blockages list by

– attacker IP

– attacker country

– attack type

– the beginning of blockage

Alarms E-mail/SMS notification

Attack report e-mail

Customizable alarms