Check Point DDoS Protector

On June 26, 2012 the Check Point Software Technologies company provided the line of devices developed for fight against the attacks like "the distributed failure in service" (DDoS). New DDoS Protector devices provide multilevel protection and capacity to 12 Gbytes / with that will allow the companies to prevent the broadest spectrum of DDoS attacks.

DDoS attacks represent attempts to put out of action network services of the organizations by generation of the raised traffic in a system from different sources. Cybercriminals arrange an avalanche attack to specific networks, loading them with traffic or sending numerous inquiries which completely will paralyze network functioning. According to results of the last research of Ponemon Institute company, cybersecurity specialists estimate DDoS attacks as the most serious danger, and in the USA they are considered as problem number one.

The line of DDoS Protector devices provided by Check Point company provides to the organizations protection, blocking main types of the attacks, including "network floods", "server floods", the DoS-attacks at the level of applications and also the attacks like "low-and-slow". New products will help clients with formation of multi-layer system of the protection based on the advanced sensors and prevention of the attacks including the following components:

Protection against network attacks and excessive traffic:

• Behavioral DoS is protection against TCP, UDP, ICMP, IGMP and fragmentary DDoS attacks due to their detection.
• DoS Shield is the protection against the known DDoS attacks based on use of the standard and user filters limiting speed within certain templates.
• SYNProtection is blocking of the DoS-attacks masking under SYN, way of restriction of speed of synchronization for the protected servers.
• Black List is blocking of the standard attacks due to classifications of a source address of L3 and L4.
• Connection Rate Limit is blocking of unsupported protocols (not DNS or HTTP) and the avalanche attacks at the level of applications by installation of a threshold of speed.

Protection against DDoS attacks on the basis of applications:

• SYN Protection and Web Challenge — the protection against the DoS-attacks on HTTP connection based on restriction of speed of synchronization for the protected servers.
• Behavioral DNS Protections is blocking of the DoS-attacks based on DNS queries by detection due to restriction of speed in service area of DNS and use of requests answers of DNS.
• Behavioral HTTP Protections ("HTTP Mitigator") is blocking of the DoS-attacks on HTTP connections and the attacks affecting their capacity by the adaptive analysis of behavior of HTTP traffic.

Protection against the DoS/DDoS-attacks in specific areas:

• Reflection of DoS-and DDoS attacks requiring certain criteria of filtering. Flexible configurations of filtering allow to run for search of specific templates in each packet and also to analyze and block the attacks using quickly defined means of protecting.

Devices of protection of DDoS attacks are installed outside the corporate gateway and neutralize DDoS attacks before those reach security gateways. Devices are integrated with Check Point management system that provides a uniform point of control of security and monitoring of security violations. Thanks to program blades of SmartEvent, SmartLog and SmartViewTracker clients of Check Point have an opportunity to control a current status of security and also have access to history of security of the company.

DDoS Protector devices were developed by Check Point together with Radware company, the supplier of applications and solutions for protection of virtual and cloud data processing centers. The line of DDoS Protector contains seven models providing low latency, high high-speed performance and density to 16 ports. Thanks to superquick response the DDoS Protector device is capable to block a broad spectrum of the attacks in read seconds, at the same time it easily adapts under the specific network environment. Clients of Check Point company have an opportunity to use the round-the-clock technical support and services of special group of rapid response.