When a DDoS attack takes place, mitigation response time is key. Cumbersome manual processes that analyze attack vectors and deploy mitigation responses can negatively impact customer SLAs and your reputation, and they permit attackers to pivot strategies faster than you can keep up. FlowTraq is the DDoS mitigation management glue that connects network intelligence with attack vector mitigation. It provides global network visibility along with near real-time playbook execution. This permits you to analyze and respond to attacks while leveraging the tools you already have in place.
DDoS Mitigation Management is the art of architecting a denial of service defense in which all resource exhaustion paths are managed, one that allows the operator to react to changing tides and that is measured and correct in all mitigation responses.
An outside-to-in attack demands a different mitigation response than an inside-to-out attack. Attacks that fill the uplinks require a different response than those that do not. Different network topologies require different mitigation architectures. FlowTraq is built to select the right mix of mitigations for each attack.
Compatible with all common flow formats (NetFlow, sFlow, IPFIX), FlowTraq understands the nature of the attack, and how it affects your entire network. Then it picks the optimal combination of scrubbing technology (on-prem, cloud, firewall) to minimize the impact of the DDoS.
One of the biggest challenges with DDoS attacks is that they can take on many forms and be extremely nuanced. The variety of attack vectors requires that you maintain a diversity of tools and response techniques. Not surprisingly, there is a lot of strategy and coordination involved, much of which emulates battle tactics. You need generals who consistently maintain visibility of the entire battlefield and frontline defenders who directly thwart the attacks. FlowTraq has been purpose-built to provide operational support to both of these job roles. Your generals get the real-time analytic data they need to make good strategic choices. Your frontline defenders get the integration tools needed to support proper execution.
FlowTraq is based on a patented architecture that supports unlimited bandwidth and communication sessions.
You say you are a global organization with dozens of high-bandwidth data centers? FlowTraq can provide a single pane of glass for monitoring all of your traffic for suspect activity.
During a DDoS attack, you need to be able to identify what is under attack, where it is coming from, and which attack variations are being used. FlowTraq can quickly provide insight into all resource exhaustion trajectories.
However, FlowTraq goes well beyond providing simple visibility. FlowTraq can also automate the attack vector identification and mitigation processes. For most organizations, attack vector identification is a manual chore. Someone in the NOC or SOC sees an alert get triggered. They then analyze what triggered the alert by digging through additional data metrics or packet captures. Once the attack vector is identified, the operations person must move to mitigate the attack. This is yet another manual task. Can we implement a simple firewall rule? Should this be scrubbed upstream at our ISP? Do we need to fall back on our cloud scrubbing solution? At this point, a runbook must be consulted. The operations person then follows the steps defined in the runbook to properly mitigate the attack. Sound familiar? How does this mostly manual process impact your response time? Can the bad guys pivot their attack vectors faster than you can keep up?
FlowTraq has been designed to automate this cumbersome process. With its complete visibility of your network, FlowTraq is well suited to identifying the attack vectors being used. We can then leverage our compatibility with dozens of scrubbing and mitigation vendors to execute your playbook for you. No more inefficient manual steps, just pivot and deflect. For certain attack vectors, you want to inject an appropriate rule in a DDoS appliance? We can handle that. Need to submit a filter change to a cloud scrubber or add a null route to a router? We can handle those as well in an automated fashion. You set your triggers and we execute the work. This dramatically improves consistency as well as your time to full mitigation. It also minimizes the impact on your customers' SLAs and your network as a whole. FlowTraq frees up your operational personnel to do what they are trained to do: identify never-before-seen attack vectors and strategize on a proper response.
Trust FlowTraq as the brains; the scrubbers are the muscle:
Advanced integrations with most leading DDoS mitigation solution providers allow FlowTraq to confirm the mitigation is working and to offer the operator a comprehensive report on each DDoS attack and mitigation response.
FlowTraq is available as an on-premises or cloud-hosted solution. Choose the implementation that best fits your requirements. For more information, see our pricing page.
FlowTraq supports all major hardware vendors such as A10, Fortinet and Radware. We also support multiple cloud scrubbing services like CenturyLink, L3 and Neustar. See our Features page for a complete list of supported hardware, software, and standards.