However much traffic flows in and out of your network, you can’t afford to miss a single packet when you’re looking for the signs of a DDoS attack. You need to capture and index everything, from the volume of packets to their contents.
But capturing traffic isn’t enough. You need to know if it’s normal and, to get there, you need to understand what normal means. What’s a legitimate increase? What’s usual peak-time fluctuation? And what’s a more sinister trend?
The Corero SmartWall Network Forensics Appliance is a compact ¼ wide 1 RU device that provides traffic capture and indexing and 10Gbps rates. The only limit is the size of your storage.
There’s no such thing as meaningless traffic. Your legitimate packets tell the story of what constitutes standard use. And traffic that doesn’t fit could tell the story of an attack in progress.
So the SmartWall Network Forensics Appliance equips you with line-rate packet capture and indexing, whether you’re using a single device or a series of appliances at key points in your infrastructure.
The data you’ve captured and indexed on third-party iSCSI devices isn’t there for posterity. It forms the foundation of your ongoing analysis.
The SmartWall Network Forensics Appliance intelligently retrieves historical packet captures for analysis, at the same time as recording new traffic.
So you can uncover unusual usage patterns and trends as soon as possible and take fast steps to mitigate an attack in progress.
To defend yourself against new threats, you need to understand the threats you’ve already faced. Analysing historic threats gives you a head start on staying protected against what could come next.
With complete data capture, the SmartWall Network Forensics Appliance gives you new insights into attack vectors, the nature of a breach, and the identities of the attackers.
It’s essential intelligence that you can use to strengthen your DDoS detection and mitigation – and it’s ideal for compliance and law enforcement reporting.
Whether you’re running a single appliance or a fleet of several devices, management and monitoring can quickly become a time-consuming process that drains your resources. So Corero makes things more efficient with a single centralised interface.
The Corero Management Server (CMS) is a virtual appliance that you can connect seamlessly with the SmartWall Network Forensics Appliance as well as other devices in the SmartWall range. Then, use an intuitive browser-based interface to configure, control, and monitor your appliances, as well as viewing important security events.
We have pretty much eliminated the DDoS problem for our company. It gives us peace of mind.
The device gives us information on attempts and what types of attempts are tried against our network. It’s easy to see and modify configurations to address potential security attacks.
I sleep much better now knowing that Corero is a key part of our comprehensive security program.