NETSCOUT’s Arbor Edge Defense (featuring ATLAS Intelligence Feed)
Photo Gallery
NETSCOUT’s Arbor Edge Defense (featuring ATLAS Intelligence Feed)
Additional Info
Company | NETSCOUT |
Website | https://www.netscout.com/ |
Company size (employees) | 1,000 to 4,999 |
Headquarters Region | North America |
Overview
As revealed in NETSCOUT’s latest DDoS Threat Intelligence Report, there has been a tenfold increase in DDoS attacks since 2005. Additionally, attacks are evolving in sophistication and dynamically adapting to counter network defenses, frequently switching methodologies or threat vectors mid-attack until they are successful. To help organizations adapt to this new reality, NETSCOUT updated its Arbor Edge Defense (AED) system with advanced machine learning-based adaptive DDoS protection capabilities.
Arbor Edge Defense (AED) is an inline security appliance deployed at the network perimeter (i.e., between the internet router and network firewall) to provide an additional cyber defense layer. With the latest updates, AED is backed by real-time insights from the ATLAS Intelligence Feed (AIF), an unmatched global sensor network with visibility into 400 Tb/s of international transit traffic received 24/7 from 214 countries and territories, 456 vertical industries, and 13,000+ autonomous system numbers (ASNs). Additionally, NETSCOUT’s skilled security research and DDoS attack mitigation team, known as ASERT, has trained the machine learning models integrated into AED to autonomously identify and thwart up to 90% of DDoS attacks, similar to how a trained expert might personally manage defenses. ATLAS AIF also maintains real-time updates on the IP addresses of bots and amplifiers actively engaged in DDoS attacks worldwide.
Based on NETSCOUT’s relationships with hundreds of internet service providers worldwide, real-time visibility into global DDoS attack activity, and decades of mitigation experience, AED can now more easily recognize and prevent even the most highly sophisticated, dynamic and multi-vector, DDoS attacks before they take down critical systems.
Key Capabilities / Features
When an Indicator of Compromise is blocked, AED leverages NETSCOUT’s global threat intelligence capabilities to provide more context related to the indicator, thus helping security teams determine risk and give them more information to proactively hunt for the source of the infections.
AED can automatically detect and stop inbound application layer, TCP-state exhaustion, and DDoS attacks as large as 40 Gbps. In the event of even larger DDoS attacks, AED’s Cloud Signaling automatically reroutes traffic to Arbor Cloud or an MSSP’s cloud-based mitigation center.
AED’s robust REST API, support for Syslog, Common Event Format (CEF), Log Event Extended Format (LEEF), and STIX/TAXII enable AED to integrate with existing security technologies and processes.
By continually identifying current active attackers using our unique worldwide ATLAS DDoS attack data and identifying current active hosts that are part of DDoS botnets, ATLAS Intelligence Feed enables our products to detect and block inbound DDoS attacks quickly, automatically, and accurately without the risk of false positives that can come from non-human curated automation operating in software alone.
ATLAS Intelligence Feed identifies known active sources of Internet vulnerability scanning and brute force exploit attempts, as well as other bulk commodity threats.
How we are different
AED occupies a unique position on the network edge, serving as the first and last line of defense, where it blocks inbound cyber threats (e.g. DDoS attacks, brute force attacks) and outbound malicious communication from compromised internal devices. It protects and reduces the load on firewalls, load balancers, or VPN concentrators and stops the proliferation of malware within an organization.
In the event of a large volumetric DDoS attack, AED’s cloud signaling feature integrates with cloud DDoS protection providers, including NETSCOUT’s Arbor Cloud, to intelligently and automatically coordinate attack response between cloud-based volumetric protection and AED’s on-premise adaptive DDoS attack protection.
The superior performance of AED and its key features have been recognized by leading analyst firms and with industry awards. In a Forrester Total Economic Impact™ (TEI) study conducted in 2023, Forrester found that implementation of AED can save organizations an average of $4.7 million from improved DDoS protection against business losses in only three years and saves network engineers and security analysts over 2,000 hours of troubleshooting.