Radware Attack Mitigation System Fights Multiple Threats in Real Time

Radware AMS offers anti-DoS, IPS, Web application firewalls, SIEM, reputation engines, signature detection and network and application behavioral analysis in a single product.

Radware's latest anti-attack system is designed to help organizations detect and defend against attacks in real time.

The Radware Attack Mitigation System offers both attack detection and mitigation technologies on a single platform, Radware said Sept. 21. The system protects application infrastructure to prevent network and application downtime, application vulnerability exploitation, malware spread, information theft, Web service attacks and Web defacement, Ron Meyran, director of product marketing at Radware, told eWEEK.

With the Radware AMS, security professionals can identify bots that imitate real user application transactions and block them in real time. The AMS scrutinizes what is happening on the network and uses challenge/response techniques to block malicious traffic without accidentally dropping legitimate activity

"Recent cyber-attacks proved that businesses need to plan for the worst case," said Avi Chesla, Radware's CTO.

Radware would help organizations fight sophisticated cyber-attacks and advanced persistent threats that probe networks for weaknesses. These modern attacks are hard to fend off because they target multiple layers in the environment, such as the networking infrastructure and applications. Attacks mimic legitimate behavior while attacking multiple points in the network simultaneously, making them harder to block.

"The major advance in new threats has been the level of tailoring and targeting; these are not noisy, mass attacks that are easily handled by simple, signature-dependent security approaches," said John Pescatore, vice president and distinguished analyst at research firm Gartner.

Targeted attacks have three major goals, including denial of service, theft of service and information compromise, according to Pescatore. The "ultimate impact" of these kinds of attacks results in fraud, defacement, identity theft and stolen sensitive data, to name a few of the possible negative outcomes, Meyran said.

Organizations have typically invested in a patchwork of tools and products to defend against attacks, including anti-denial of service, intrusion-prevention systems, Web application firewalls, network behavioral analysis, reputation engines and security information and event management (SIEM), according to Meyran. Radware has combined these attack-detection capabilities with mitigation tools, such as signature detection and network and application behavioral analysis to handle malicious application traffic, he said.

Radware is focusing on a holistic approach that integrates tools and strategies instead of on specific tools that miss the "big picture," Meyran said. Security products deployed individually cannot make context-based security assessments, which is a disadvantage considering attackers are exploiting multiple vulnerabilities in their campaigns. The industry needs to adopt real-time, proactive and attack-mitigation strategies, he said.

"Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats, and not focus on what country the attacks are coming from," Pescatore said.

The AMS is built on Radware's DefensePro network security appliance, AppWall Web application firewall and APSolute Vision application and network security management dashboard. AMS is already available to customers, Radware said. Radware envisions the AMS for online businesses, large enterprises, carriers, data centers and managed service providers, according to Meyran.

Radware will supplement AMS with its Emergency Response Team, a cadre of professional security consultants who are available to customers around the clock.