Anti-DDoS Tool Keeps Networks Running

By Chris Gonsalves  |  Posted 2002-02-19

Distributed denial of service specialist Reactive Network Solutions Inc. later today will release a new version of its flagship FloodGuard product with a new graphics interface and a beefed-up ability to handle high-speed traffic.

The improvements bolster the vendors anti-DDoS tool, which is made up of hardware detectors and a software management system that sits in parallel to enterprise routers to detect, then mitigate, DDoS attacks. The system can be set to alert a network operator of an incoming attack or can be programmed to control the router automatically, filtering out the bad traffic while leaving the target site up and running. Because FloodGuard is not an inline device, the tool is less invasive than most anti-DDoS products and doesnt represent a point of failure for network traffic.

Reactive officials will be demonstrating the enhanced FloodGuard 1.5 at this weeks RSA Conference in San Jose, Calif.

"Were talking about something that should be a real concern to everyone, though not many are talking about it yet," said Reactive Network President Edward Komissarchik. "I dont understand how people can sleep well at night without bad dreams. The threat of DDoS is an entire order of magnitude higher than our capacity."

The new FloodGuard user interface simplifies both provisioning and reporting over the previous version, according to Reactive officials. FloodGuard now also handles 2.5GB Ethernet speeds with support for up to OC48 links, officials said. The latter improvement should make the product more attractive to large enterprise users, according to Komissarchik.

"Most current FloodGuard users are not taking advantage of the automated router control," Komissarchik said. There is still some evangelizing to do on that point. "Theyre still a little scared about giving up that control," he said. "Once they see that we can stop an attack without shutting down the network, things will improve in that area."

FloodGuard currently works with Cisco Systems Inc. routers and can be customized for other gear in a case-by-case basis, officials said. Out-of-box support for other routers, including gear from Juniper Networks, should be available in the coming months.

FloodGuard 1.5 is available now. Pricing depends on network complexity. As a managed service, FloodGuard starts at $2,500 per month.

Rocket Fuel