“The three main pillars of Information Security are: availability, confidentiality and integrity. The DDoS attack aims exactly on the availability pillar. However, denying the access to the service. While at the same time being able to cause severe damages for a Company or even paralyze essential activities of government agencies.”
Excerpt taken from the article: PROACTIVE APPROACH TO NETWORK MONITORING AGAINST DDOS ATTACKS
The TRAFwatcher by Telcomanager performs exactly stopping the success in service denial attacks. The TRAFwatcher is a module that functions together with the TRAFip helping in the detection of threats in your network. The version 9.2.0 has come with innovations, making the TRAFwatcher even more clever and automatic.
AUTOMATICITY OF THE MITIGATION OF ATTACKS
The TRAFwatcher will be capable of taking care of your network automatically with the automatic realization of the mitigation of attacks. In the configuration of the filter of threats, it will be possible to choose between manual or automatic execution.
With the mitigation enabled, the TRAFwatcher will be capable of detecting and divert the suspected traffic without the need of direct interaction from the user. The system will carry out the analysis in accordance to threat profiles which can be associated to the subnetworks desired.
The profiles of threats can be configured for detecting traffic above a defined limit. As well as, detecting attacks, such as: SYN flood, ICMP flood, DNS amplification, SNMP amplification, NTP amplification and attacks on the 0 door.
THE TRAFWATCHER WILL LEARN JUST LIKE YOURSELF
With the objective of reducing the false positives rates, the system will allow for the user to set easily the traffic, wrongly considered as suspect, such as false positives directly from the summary table of the latest threats.
Under your guidance the TRAFwatcher will learn incrementally about your network. In case some traffic is considered improperly a threat, a single click is enough to mark it as false positive.
The tagging as false positive will teach the system not to detect the traffic indicated as a threat anymore. Therefore, guaranteeing the evolution of the precision of the TRAFwatcher. Consequently, making it more trustworthy increasingly regarding the detection of attacks attempts of denial of service.
ENSURING THE FUNCTIONING OF THE THREATS FILTERING
The TRAFwatcher allows you to make it more independent for filtering threats. Thus closing the BGP session with the routers directly with the system. Guaranteeing the announcement of IP addresses in the black hole list.
Imagine a network under a DDoS attack? Probably it won’t be an easy task to send data through the infrastructure. Consequently, the TRAFwatcher needs to guarantee the success of the application of the filter of threats without depending directly from your communication with another device at the moment of the execution of the script.
Thus, the TRAFwatcher will be capable of stop the attack even in the most adverse scenarios. Guaranteeing its availability and providing more tranquility for the network administrators.
In this way, there are no doubts about the importance of investing on network management. In this same manner, bringing not only benefits to the network visibility but also being a complementary way to seek for the prevention of problems that might cause the dropping of network services.
Thinking of that, Telcomanager present in the market since 2002, and a leading Latin America brand in the sector of software for managing networks. Also counting with a unique and innovative technology, deploying smart solutions in the monitoring of data that will provide a stratified vision of the traffic, is now allowing your Company to follow the most important aspects of your network, in real time.