What’s New in NSFOCUS’s Anti-DDoS Solution in 2020

What’s New in NSFOCUS’s Anti-DDoS Solution in 2020

April 7, 2020 | Mina Hao

If you are clueless about DDoS prevention in 2020 and do not understand why customers choose to adopt NSFOCUS’s anti-DDoS solution, you have to read the following contents carefully to find the answer. In 2020, ADS/NTA/ADS M V4.5R90F02 is about to be released with new functions which will enable you to win bids, upgrade your protection, and simplify your O&M. So, read on to find out what they can do for you.

Protection Upgrade — Protection Specific to Mobile Apps

Scenario

  • Customers provide the mobile app business, which will develop in a sustained manner.
  • Customers are seeking suitable anti-DDoS solutions due to intense competition in the industry.

Target Customers

Bank, securities, gaming, Internet, and other sectors with business that requires high reliability.

Function Highlights

  • Traffic sources are distinguished for differentiated algorithm-based protection. For most customers, PC traffic and mobile traffic shares one host IP address. Besides, most of security products group destination IP addresses together to form protection groups. Therefore, PC traffic and app traffic on one host are secured with the same algorithms, making differentiated protection impossible. ADS V4.5R90F02 can distinguish request sources and protect them with different algorithms, thus accurately filtering traffic to handle mixed attacks in an all-round manner.
  • Protection algorithms are specially designed to deal with new forms of DDoS attacks against mobile apps. Currently, customers frequently suffer DDoS attacks launched via malicious bulk download of mobile apps. As mobile apps and services on PCs are designed with different frameworks, different protection functions should be available to adapt to their frameworks. Our precision app protection algorithms can rapidly handle new kinds of attack while well adapting to a wide variety of mobile apps. In this way, our anti-DDoS solution can protect customers’ business in an all-around way.

Accompanied by the robust development of mobile apps are new forms of DDoS attack. Providing different automated DDoS protections for traffic sources can speed up responses to new types of attack, truly ensuring business reliability. ADS’s precision protection reflects NSFOCUS’s forward-thinking prediction of the market development trend.

Easier O&M — Protection Visualization

Scenario

  • Hearing that the network speed is slow, customers wonder whether DDoS attack occur.
  • As the CPU usage or memory usage of the server keeps increasing, the O&M personnel would like to see how much traffic ADS has dropped.
  • As the current protection results are not satisfactory, engineers want to check whether all policies are enabled for protection or whether some need to be adjusted manually.
  • After policies are enabled for protection, the O&M personnel want to check whether there are misconfigured policies that cause false positives and, if yes, will disable those policies.

Target Customers

Customers with requirements for DDoS monitoring, logs, and reports.

Function Highlight

  • The cleaning process is visible, lifting customers out of the dark. On the web UI of ADS M, users can query a destination IP address or a protection group to see which policies are being used to filter traffic, thus having a grasp of the protection progress and quickly learning attack types.
  • Policy statistics are available, providing a reference for policy adjustment. Data statistics will be generated for each policy that will work on traffic, showing how much traffic has been dropped based on a policy. Checking those statistics, O&M personnel can determine whether new policies have taken effect, whether a policy fails to be triggered because of too high thresholds, or whether false positives result from a too low threshold or a misconfigured algorithm.
  • A clear tangible value is delivered to customers, which is a highlight compared with products from competitors. Customers thirsting for protection visualization tend to address monitoring requirements by resorting to third-party interfaces and self-developed platforms. However, those self-developed platforms often fail to provide satisfactory monitoring results due to their insufficient understanding of data. Most security vendors in China limit their visualization efforts to presentation of traffic statistics and reports. By contrast, NSFOCUS’s anti-DDoS solution goes one step further to visualize the defense process and O&M response, making it a better choice for customers who are seeking practical products that deliver an intuitive user experience.

This function has been implemented on ADS M. Enhanced visualization contributes to better O&M experience and higher product values.

User Experience — Demonstration of Captured Packets

Scenario

  • DDoS protection
  • Troubleshooting

Target Customers

O&M personnel, engineering personnel, and testing personnel of ADS

Function Highlight

  • Operations are streamlined to facilitate O&M. For ADS of earlier versions, users first need to download a packet capture file to a local disk drive and then open it with third-party software. The whole process is so cumbersome. To reduce the O&M complexity, ADS V4.5R90F02 allows users to open a packet capture file on the web UI to extract critical information for troubleshooting and problem location.
  • Protection policies can be generated rapidly, which reveals ADS’s great potential for protection.
  • Based on key contents in packets, users can generate protection policies such as blocking sources IP addresses and extracting fingerprints. This improves the protection efficiency and reduces misoperation risks. Besides, this function will continue to be optimized by improving the defense statistics capacity and policy association.

In addition to the preceding functions, ADS/NTA/ADS M V4.5R90F02 also provide a slew of important updates concerning account privilege customization, URL-related traffic monitoring and protection, and flow data status monitoring, as well as GeoIP library updates, to address compliance requirements and adapt to new scenarios. We will give detailed accounts of all these new functions during version release training. Stay tuned.