Radware's APSolute Attack Prevention is a combination of Radware's DefensePro appliance, APSolute Vision for threat management including reporting and management, and the Emergency Response Team service. The combination of the three services and products packages the necessary components for attack management. As more data us housed and accessed from off-site locations, the need to protect data over the WAN is critical.
The problem is that the WAN is changing from fixed point-to-point connections to dynamic connections from hosts and networks near and far. The increased use of web services and cloud services for applications and storage compounds the issue. Often, upper management is unaware of the problem or think they are adequately protected. The upshot is that your WAN usage is evolving and your security strategy needs to evolve along with it.
Securing the WAN is not new. Virtual private networks that encrypt network-to-network or host-to-network traffic, such as IPsec and PPTP, have been in use for years. The VPN traffic is protected from prying eyes while other side effects, such as hiding non-routeable IP addresses from the Internet, are an additional benefit. However, the threats and attacks that are hitting today's organizations occur at applications layers not inspected by firewalls.
"The people at the top have no idea of what the current threat landscape is like. In fact, when my branch tried to report an intrusion to headquarters, we were told that such a thing could not have happened because the company has a firewall. The level of ignorance is actually stunning," an IT administrator lamented in a response to our 2010 InformationWeek Analytics' Strategic Security Survey.
DefensePro integrates intrustion prevention, network behavior anomaly detection and denial of service detection and prevention. DefensePro runs on Radware's OnDemand switch platform and can support up to 12Gb/s throughput. Radware claims that DefensePro can detect and mitigate new threats in real time without impacting legitimate traffic and without human intervention. While that sounds great, we'd recommend having a person review the event anyway just to make sure the attack is valid.