Application-layer DDoS detection

New capability enables organisations to obtain multi-faceted protection against distributed denial-of-service attacks.

  • 11 years ago Posted in

Lancope, Inc. announces new application-layer detection for distributed denial-of-service (DDoS) attacks as part of its StealthWatch® System 6.4. Combined with existing functionality for identifying volumetric DDoS attacks, the new capability enhances enterprise protection from this increasingly concerning type of online threat.


“The use of DDoS attacks has increased over the past several years. While the size and duration of volumetric attacks continue to grow, attackers are increasingly using application-layer and encrypted attacks,” said Kerry Armistead, vice president of product management for Lancope. “Today’s organisations must be prepared to thwart attacks on as many fronts as possible. StealthWatch 6.4 includes both application and volumetric DDoS detection to offer customers a multi-pronged approach for identifying and halting DDoS attacks before they disrupt critical operations.”


DDoS is currently playing a key role in hacktivism, and is also frequently used as a cover for more insidious attacks, distracting victims with service outages in order to steal money or confidential data. In fact, 76 percent of surveyed IT organisations that use StealthWatch for security forensics were influenced to acquire the system because of its DDoS detection capabilities.


StealthWatch 6.4 extends Lancope’s DDoS detection into the application layer with the ability to identify and alarm on slow connection floods for HTTP and HTTPS. StealthWatch also enables organisations to detect the source of volumetric DDoS attacks by alarming on unusually large traffic volumes, providing a comprehensive strategy for protecting corporate and government resources from these rising attacks.


To effectively prevent large-scale DDoS attacks, organisations require not only mitigation solutions, but also network visibility tools that can make sense of the fog that rises during a denial-of-service attack. StealthWatch provides organisations with:
• Layered DDoS protection
• A simplified DDoS workflow
• Small-volume, application-layer DDoS detection
• Highly scalable DDoS identification
• On-premise DDoS detection to augment carrier detection and provide local visibility and control
• Dashboards, analytics and reporting for early warning
• Forensic data for post-mortem analysis


By collecting and analysing NetFlow, IPFIX and other types of flow data from existing infrastructure, StealthWatch delivers in-depth network visibility and security intelligence to hundreds of governments, enterprises and service providers around the world. Providing continuous security monitoring across the entire network, StealthWatch can quickly uncover DDoS attacks for expedited incident response, preventing costly service outages. In addition to DDoS attacks, StealthWatch also enables organisations to defend their infrastructure against additional types of threats including sophisticated malware, APTs and insider threats.



 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Palo Alto Networks has introduced Prisma® Cloud 3.0, said to be the industry’s first integrated...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...