Inbound and outbound DDoS attacks, which aim to overwhelm your network infrastructure and interfere with service availability, are becoming more frequent and sophisticated. So you must defend your data network from them. BSL DDoS Secure is used by mobile, fixed, and cloud service providers worldwide to quickly mitigate volumetric DoS/DDoS attacks and neutralize outbound threats before they impact network service and business continuity
Before Denial of Service attacks can endanger or interfere with your network service, identify and stop them in a matter of seconds. To make sure no threat is overlooked, every packet on your network is examined.
Use full packet analysis, event analytics, and comprehensive attack reporting to look into threats in real time. Receive real- time alerts about attack detection and mitigation.
Automatically identify and stop abusive activity produced by compromised IoT and bot-infected endpoints, as well as incoming and outgoing DDoS attacks
Use BGP Flowspec and RTBH to alert upstream routers and firewalls to prevent massive attacks that could overwhelm your network infrastructure.
With Tbps scalable platforms that maximize uptime and fault tolerance through internal bypass, dual power supply, and high availability, you can defend against the biggest volumetric attacks
By providing DDoS protection services to your clients using a multitenant framework that enables each client to manage and view their own network, you can safeguard your network and boost your earnings.
In order to proactively stop attacks throughout the network, a centralized controller enables real-time sharing of attack information between inline sensors
Whether its on-premises, cloud, hybrid, or virtual deployment, choose the solution that best suits your network and efficiency needs.
A central management controller and a license-activated sensor make up BSL’s DDoS Secure. Sensor detection data and surgical network-level mitigation capabilities are offered by BSL Service Gateways. The Controller automatically generates an attack mitigation pattern and disseminates it to enforcement platforms after evaluating the network data it receives from deployed sensors. Additionally, the Controller console dashboard offers a web GUI for threat intelligence, forensics, and real-time attack visibility.
Network-level DDoS Protection | |
Detection | |
Approach | Inline |
Technology | Behavior Anomaly Detection and ML |
Depth of Traffic Inspection | Inspects entire packet headers and payload from network traffic collected directly from the network |
Supported Networks | Ethernet, VLAN, MPLS, L2TP, IPv4, IPv6 (NW-level DDoS only) |
Types of Events | o High packet rate o Small packet size or large packet size o Fan-in or DDoS (many IPs to one IP); o Fan-out (one IP to many IPs); o Swarms (many IPs to many IPs); o DoS (one IP to one IP) o L3/L4 TCP attacks (SYN, FIN, ACK, RST, invalid flag combinations) o L3/L4 UDP attacks o Zero-day attacks o Long persistent attacks (up to 72h) o Pulsed attacks o ICMP (including echo request, echo reply, unreachable) o L7 HTTP floods o L7 SSL Floods o Attacks involving fragmented packets, truncated or malformed packets o Slow evolving attacks o Low-rate attacks (from 1000 pps/10 Gbps) o Multiple targets attacks o Fragmented packet floods (Frag. UDP Flood, Frag. TCP ACK flood, Frag. ICMP Flood) o IP spoofing attacks o Amplification attacks (DNS NTP, SNMP, LDAP) o Amplification attacks o L2/L3 floods (IGMP, SSDP, CHARGEN, QOTD, BT, Kad) |
Reporting and Forensics | Attack packet logging, in-depth attack pattern analysis, attack details and statistics, Country and ASN |
Web Based UI | Supported browsers: Chrome, I.E., Firefox, Safari |
Notifications | Email, syslog, SNMP, Script |
Integration with SIEM | Yes |
Network Analytics | Yes |
IP Version | IPv4, IPv6 |
Asymmetric Traffic Inspection | Yes |
Protection Groups | 300 |
Mitigation | |
Mitigation Time | 25 seconds |
Mitigation Action | Block, according to dynamically generated pattern |
BGP Blackholing (RTBH) | Yes |
BGP Flowspec | Yes |
Session-Aware Mitigation | Yes |
