Today we are announcing two major updates to our client-facing dashboard. The first is a major visual overhaul of our existing dashboard views, which also includes new data navigation options. The second is the addition of a new Real-Time screen, which displays live views of incoming traffic, security events and server activity.
The Real-Time display shapes these live statistics to provide accessible and actionable information, allowing instant data-driven response to any unwanted scenarios. In addition to 14 different visualization options, Real-Time monitoring also enables access to up-to-date information about:
- Server availability, response times and load distribution
- Visitor geo-location and IP data
- Visitor types and their user-agents
- List of accessed URLs
- Results of security challenges for each session
Some of the available view options
Leveraging Live Data for Tactical Mitigation
When dealing with security threats, tactical decisions are often as important as your overall security strategy. In this context, real-time reporting is key as it enables intelligent tactical decisions, making the difference between efficient response and just ‘shooting in the dark’.
This is most evident in the case of Layer 7 DDoS threats. Many of these attacks are now evolving into complex multi-vector events, in which the offenders will switch methods on-the-fly and try to take down the target as swiftly as possible – sometimes in as little as a few minutes. To successfully cope with these types of attacks, defenders must be able to keep pace, responding to ‘what is’ instead of ‘what was’, hence providing a relevant response to the attacker’s latest initiative.
Incapsula’s new Real-Time view supports the mitigation process by providing accurate visibility into Layer 7 DDoS attacks, furnishing our clients and our security team with the information they need to instantly respond to any suspicious behavior.For example, a sudden increase in bot traffic from unusual geographic destinationsmay prompt the activation of geo-restriction rules or hardened bot protection. In a similar scenario, if the target is a login page, the site’s operator may opt to use Login Protect to harden access security measures. For more sophisticated Layer 7 threats, which involve browser-based offenders, the user-agent information can support intelligent blocking decisions, to supplement Incapsula’s automated security measures.
These are of course only a few sample scenarios. Still, whatever the situation may be, the ability to gain real time intelligence will always be an ace in the hole.
A chronicle on an actual DDoS event which demonstrated Real-Time Monitoring capabilities
Real-Time Management of Server Infrastructure
Just like with DDoS mitigation, efficient management of high-availability and load balancing processes also depends on access to real-time information and tactical decision-making.
By presenting a live view of server status, network performance and load distribution,Incapsula’s Real-Time Monitoring serves as a natural ‘go to’ tool for any insights into network activity. Using the available view options, the operator can identify potential bottlenecks and provide early response to any abnormalities, including latency and server downtime. For instance, the operator can monitor response times to uncover congested servers and re-route traffic accordingly. An additional option allows the operator to instantly assess load distribution and optimize it for better utilization. Yet another view reports on latest CDN-related activity, showing the most up-to-date response times and traffic distribution information from Incapsula’s data centers.
Just like the recently introduced update to our Load Balancing capabilities, the new Real-Time view leverages Incapsula’s proxy position to accurately monitor and shape Layer 7 traffic flow. Conceptually and technologically, these new features, as well as many more upcoming updates, signify our evolution from the areas of ‘security and acceleration’ into the realm of application delivery. Yet, these new capabilities are not standalones. As evident from the examples above, by bringing something new to the table, each such feature also augments our existing website security and content delivery capabilities,thus providing better value to all of our clients.
Stay tuned. We`ll soon have more exciting news from our R&D team.
Get the latest from imperva
The latest news from our experts in the fast-changing world of application, data, and edge security.