Skip to main content Skip to search
Blog

Time for Zero-day DDoS Defense

A10 Networks entered the DDoS defense market in 2014 by shattering the industry standard for performance and integrations with the Thunder TPS 6435, a 155 Gbps performance with 100 GbE networking DDoS defense appliance. It simplified deployment and changed the economics of building high-performance DDoS defenses.

Networking DDoS defense appliance

The impact on the market was dramatic. In fact, in these short five years, we have shipped more than seventy-five terabits of DDoS defense capacity to our broad range of service providers, gaming and enterprise customers.

75 tbps deployed

A10 Networks continues to innovate and has maintained market leadership to the delight of our customers.

However, less visible has been our innovations around DDoS resilience effectiveness. Experienced customers, who transitioned away from established vendors, know the significant advantage of our granular session controls, fast 100 ms mitigation intervals, five-level adaptive policy zones and other elements like the actionable DDoS weapons intelligence. These capabilities helped these companies improve their DDoS resilience over legacy platforms.

This week, we continue down the path of simplifying DDoS defense operations and improving defense effectiveness with the Zero-day Automated Protection (ZAP) introduction – a new set of intelligent automation capabilities added to our Thunder TPS product line.
ZAP is a set of tools that automatically recognize the characteristics of DDoS attacks and apply mitigation filters without advanced configuration or an operator’s manual intervention. Today, ZAP is made up of two complementary components:

  • Zero-Day Attack Pattern Recognition (ZAPR) – dynamic attack pattern recognition by a machine learning algorithm and signature generation blocking
  • Zero-Day Behavior Anomaly Recognition (ZBAR) – heuristic behavior analysis recognition to dynamically identify anomalous behavior and block attacking agents

Zero-day automated protection zap

This technology advances DDoS defense effectiveness in the two categories that our customers are asking for*:

  • Automated detection and mitigation
  • Speed of response

ZAP solves many of today’s DDoS defenders’ challenges by re-balancing the economics of the DDoS attacker and the defenders’ efforts through intelligent automated defenses. These defenses empower the overburdened security staff with tools the win back time.

Benefits of A10 Networks ZAP Defense

  • A fast, automated response
  • No pre-configuration or manual intervention
  • Expert system supplements overburdened and limited security staff
  • Autonomous scrubbing service that scales to thousands of tenants

ZAP works in conjunction with A10 Networks’ actionable DDoS weapons intelligence and the five-level adaptive policy mitigation engines. This pipeline of source-based defense provides the industry’s most complete automated defense-in-depth protection. It effectively blocks attackers while protecting the users from indiscriminate collateral damage commonly found with traditional systems.

Automated defense in depth

ZAP is available now and included in Thunder TPS release 3.2.4 or higher

Learn more:

 

*Source: IDG DDOS ATTACK TRENDS

Categories:


Donald Shin
|
June 4, 2019

Don has over 15 years of experience in the Networking and Security industries. Prior to A10, Don work in a variety of roles in R&D, product management, and… Read More