Developers: | ServicePipe |
Last Release Date: | 2024/12/17 |
Technology: | IS - Firewalls |
Content |
Main article: Firewall
2024
DosGate 4.0 with fingerprint analysis JA4
Servicepipe has released an updated version of the system to protect the IT infrastructure from DDoS attacks and network threats - DosGate 4.0. It includes improved flexible rule packs and advanced session protection capabilities, including JA4 fingerprint analysis. The company announced this on December 17, 2024.
DosGate 4.0 has become even more flexible in setting up rule packages, and the average time for setting up individual protection profiles for the needs of each particular organization has been reduced to 15 minutes.
In addition, a large architectural refactor of BPF programs was implemented, which optimized the process of generating network instructions. Thanks to it, the actual performance gain was + 25% for large security profiles.
As a result, the solution can more accurately respond to specific threats, including carpet attacks, and minimize the impact of protective measures on legitimate users.
Also in DosGate 4.0, session protection has been improved. It allows you to effectively resist attacks focused on overloading sessions (and not just packet attacks). The session protection module is able to break suspicious sessions and unload, firewalls providing protection against attacks at the connection level. One of the most significant updates in the session protection module is the introduction of JA4 fingerprint analysis. This is a tool for analyzing TLS traffic, which allows you to detect client features not only by initial connection parameters, but also by behavior encrypted within the channel. This allows for more accurate scanners, to identify boats abnormal traffic, and also provides additional opportunities to combat advanced DDoS attacks. Studies conducted in the Servicepipe laboratory showed: JA4, in combination with JA3, provides more complete control over TLS traffic: JA3 is responsible for analyzing parameters in the initial phase of the connection (ClientHello), and JA4 complements it by recording client behavior after the completion of Handshake.
To protect customers from smart bots, DosGate is integrated with advanced botnet feeds. DosGate 4.0, when working with antibot solutions, allows you not only to block threats from top prints, but also to quickly update signature databases, which makes protection even more accurate and relevant.
Every year DDoS attacks are becoming more powerful and more complex, confronting them requires vendors to constantly improve their products to protect against such threats. This is an eternal struggle between a shield and a sword, and the release of this version of our flagship product is another step to increase the protection of domestic business from cyber threats, "said Mikhail Khlebunov, Product Director of Servicepipe. |
Ability to receive detailed retrospective analysis of all locks and authorizations in the last 365 days
Servicepipe has enabled users of DosGate-based solutions to receive detailed retrospective analytics about all locks and authorizations over the past 365 days. The company announced this on March 11, 2024.
DosGate is an Internet traffic management technology to protect IT infrastructure from DDoS attacks and network threats. DosGate-based solutions (DosGate On-prem, Network DDoS Protection, and others) are capable of handling multiple traffic volumes compared to their counterparts thanks to a modular architecture and an advanced countermeasure designer.
Typically, synchronization with other systems, such as SIEM, is required to obtain retrospective data. Now DosGate-based solutions that protect against DDoS attacks have the ability not only to track the retention time of data in dynamic tables (for example, false positive blocking of the IP address of a legitimate user, authorization of a new user, etc.), but also to see the exact time of adding information, analyze past attacks and even more accurately prepare information about incidents at the request of regulators. For example, this option will be extremely useful for financial organizations reporting to the Central Bank on all cyber incidents. The depth of the counter is 1 year, the maximum amount of data stored is 100 million records.
To date, DosGate is the only solution on the world market with such depth of detail. Additional information will allow information security specialists to quickly debug problem cases and adjust system settings even more efficiently than before, "explained Daniil Bobryshev, owner of Servicepipe DosGate. |
The update appeared in DosGate On-prem, and changes will also be made to Network DDoS Protection.
2022: Inclusion in the register of Russian software
The DosGate technology of the Russian company Servicepipe is included in the register of Russian software (entry No. 15575) on the basis of an order from the Ministry of Digital Development of the Russian Federation. The developer announced this on December 21, 2022. According to the software classifier, the technology has the class "Target Attack Detection Tools." The inclusion of the technology in the register will contribute to the import substitution process in the Russian information security sector.
DosGate is designed to protect the IT infrastructure from malicious traffic from large botnet networks, prevent the risks of degradation of services and equipment due to DDoS attacks. The technology allows you to separate parasitic and legitimate traffic, quickly activate traffic filtering rules and ensure the availability of IT resources, including communication channels, network and server equipment.
DosGate protects services using protocols: TCP, UDP, SMTP, FTP, SSH, VoIP. and others. The software has many use cases - from DDoS protection and integration with third-party solutions to global Firewall for a large corporate network. The solution can be integrated into the infrastructure of the organization, into the cloud service. Hybrid installations are also available.