Imperva Blog|Login|中文Deutsch日本語
DDoS Protection Service

Stop DDoS Attacks Before They Reach Your Network

Distributed Denial of Service (DDoS) attacks are more devastating than ever; DDoS attacks in 2013 averaged 2.7 Gbps,1 with many attacks exceeding 50 Gbps of throughput.

SecureSphere Web Application Firewall stops application-layer DDoS attacks, but massive network-based DDoS attacks can still saturate organizations' Internet connections and prevent traffic from ever reaching the organization. The best way to combat network DDoS threats is to block malicious traffic in the cloud--before the attack can take down the network.

DDoS Protection for SecureSphere Extends DDoS Protection to the Cloud

DDoS Protection Service for SecureSphere is a secure, ultra-high capacity service that safeguards organizations from crippling DDoS attacks. DDoS Protection Service for SecureSphere can be deployed quickly and can scale on demand to mitigate multi-gigabit DDoS attacks.

Imperva's experienced security professionals provide on-call, expert assistance and policy tuning in the event of a DDoS attack, providing businesses assurance that their applications will always be available.

Key Capabilities
Stop large-scale network DDoS attacks before they reach your network
Block advanced application DDoS attacks and encrypted HTTPS attacks with exclusive bot mitigation technology
Avoid application outages and brand damage
Protect in minutes with effortless deployment
Leverage real-time 24x7 assistance from Imperva's DDoS security experts
Lower costs by eliminating need to over-provision bandwidth

To learn more, click on the Capabilities tab.


1 "Average DDoS Attack Size Growing Dramatically In 2013, 2.7Gbps In June," Dark Reading, August 2013

Fast, Accurate DDoS Security from Imperva

DDoS Protection Service for SecureSphere offers a complete line of defense against DDoS threats, including network-based attacks, like SYN or UDP floods, and application attacks that target server resources. The service also blocks advanced attacks that exploit application and Web server vulnerabilities, like Slowloris, and it caches Web content to ensure optimum performance, even when under attack. Unique bot-detection technology differentiates real users from automated clients to stop attack sources.

Ironclad Protection Scaling to Stop 350 Gbps Attacks

Powered by Imperva Incapsula, DDoS Protection Service for SecureSphere offers a complete defense against all types of DDoS threats, including network-based attacks like SYN flood, UDP flood, teardrop, and smurf attacks.

DDoS Protection Service for SecureSphere scales on demand to stop the most powerful denial of service attacks in the world. With over a dozen datacenters around the globe, the service can block DDoS traffic before they overwhelm customers’ ISP connections. Anycast routing prevents attackers from taking down a specific cloud datacenter.

With DDoS Protection Service for SecureSphere, customers can rest assured that their applications are always accessible without needing to over-provision Internet bandwidth.

Supercharged Bot Detection Eliminates App DDoS Attacks

DDoS Protection Service for SecureSphere sets itself apart from other DDoS security services by accurately identifying and stopping application DDoS attacks.

DDoS Protection Service for SecureSphere stops known DDoS attack tools like DirtJumper, Hulk, and #RefRef and prevents slow rate attacks like Slowloris from ever reaching protected web servers. Because the service proxies connections and decrypts SSL traffic, it can stop SSL-based attacks that circumvent many ISPs’ DDoS mitigation services.

The single most important technology powering this DDoS protection service is an advanced bot mitigation engine. Virtually all DDoS traffic originates from automated clients. This service can detect automated clients based on behavior and user agent information. It can recognize when a bot claims to be well-known browser, but deviates from expected browser behavior. It can spot mismatched user agent data, HTTP requests that are too fast, and other attributes that expose bots. And it can issue a series of challenges, starting with JavaScript checks and ultimately concluding with CAPTCHAs to correctly stop automated DDoS clients without blocking legitimate users.

Fast, Easy Deployment

DDoS Protection Service for SecureSphere can be rolled out without any hardware, software or Web application changes. When customers are under attack, they simply change their website’s DNS settings. This effortless deployment allows customers to be protected in a matter of minutes while maintaining their existing hosting provider and application infrastructure.

Centralized Attack Analysis

The Imperva Security Operations Center (SOC) protects Web applications using collective knowledge about DDoS threats, including new and emerging attack methods. The Imperva SOC aggregates information across the entire service network to identify new attacks as they happen and to detect known malicious users. Based on this aggregated information, mitigation rules can be applied in real-time across all protected Websites.

Affordable DDoS Protection

While every organization wants to ensure maximum application uptime, remediating DDoS risks on-premise—by over-provisioning bandwidth and deploying additional routers, switches, and security devices—can be cost-prohibitive for many. DDoS Protection Service for SecureSphere offers an economical insurance plan against DDoS attacks. Businesses can avoid purchasing multi-gigabit Internet connections and eliminate additional capital and operational outlays. DDoS Protection Service for SecureSphere is the smart choice to avoid the disruptive downtime, lost revenue, and brand damage associated with DDoS attacks.

World-class DDoS and Security Expertise

DDoS Protection Service for SecureSphere provides organizations with continuous monitoring by knowledgeable and adept Security Operations Center (SOC) engineers. By subscribing to this service, organizations can leverage a dedicated team of DDoS security experts. DDoS Protection Service for SecureSphere provides the following services when a DDoS attack occurs:

  • Proactive security event management and response
  • Continuous, real-time monitoring
  • Adept policy tuning
  • Summary attack reports
  • Around-the-clock support

Hybrid Cloud and On-Premise DDoS Security

The DDoS Protection Service for SecureSphere complements the capabilities of the market-leading SecureSphere Web Application Firewall. While SecureSphere prevents application DDoS attacks, attacks designed to overwhelm an organization’s Internet connection are best mitigated before they reach the network. DDoS Protection Service for SecureSphere, a cloud-based offering, can scale on demand to filter up to 350 Gbps of DDoS traffic—much greater than enterprises’ network connections and it includes real-time, hands-on management and monitoring from the Imperva SOC.

With Imperva, customers receive on-site and cloud-based DDoS security from a single vendor.

DDoS Protection Service Specifications


Specification Description
Security
  • Network and application DDoS attack protection
  • Bad bot blocking
  • Access control by country
  • Access control by visitor type
  • Advanced security actions
  • Security rule fine tuning
  • Support for HTTPS Sites
  • Threat Control dashboard
Performance
  • Globally distributed network
  • Static and dynamic content caching
  • Connection optimization
  • Dynamic content compression
  • Content minification1
Managed Security Service
  • Around-the-clock health monitoring
  • Threat alert email notifications
  • Performance notifications
  • Server outage notifications
  • Application response time analysis
  • Proactive security event management and response
  • Proactive policy tuning
  • Weekly reporting
  • Around-the-clock support
DDoS Attack Protection
  • Slowloris
  • Pyloris
  • R.U.D.Y.
  • THC-SSL DDoS
  • TCP SYN+ACK
  • TCP FIN
  • TCP RESET
  • TCP ACK
  • TCP ACK+PSH
  • TCP Fragment
  • UDP
  • ICMP
  • IGMP
  • HTTP Flood
  • Brute Force
  • Connection Flood
  • Spoofing
  • DNS flood
  • Mixed SYN+UDP or ICMP+UDP flood
  • Ping of Death
  • Smurf
  • Reflected ICMP and UDP
  • Teardrop
  • Zero-day DDoS attacks
  • DDoS attacks targeting Apache, Windows or OpenBSD vulnerabilities
  • DDoS attack tools like LOIC, HOIC, #RefRef, Hulk, Dirt Jumper
  • As well as other attacks...

1 Eliminating unnecessary application code such as white spaces and comments.