MANAnet FloodWatcherTM:
Passive, Offline, DDoS Attack Detection, Alerts, And Attribution

- PRODUCT SHEET -

Purpose: DDoS Flood Attack Monitoring, Detection, and Alerts

MANAnet FloodWatcher monitors network traffic for incoming and outgoing Distributed Denial of Service (DDoS) attacks. It is capable of detecting all DDoS floods and will notify administrators about the attacks with appropriate information to let them make decisions about how to handle the attack. FloodWatcher is a passive, offline device that will not, in any way, affect normal network operations.

Description: Detecting and Alerting Administrators about DDoS AttacksThe World ONLY Reverse Firewall

The MANAnet FloodWatcher is a hardware appliance that is installed to monitor network traffic specifcally for DDoS flood attacks. It will require access to network traffic through the deployment of an optical or other tap at one or more key data paths of a customer network. The device operates passively and offline from the customer's network operations. It analyzes traffic for signs of DDoS floods -- both incoming and outgoing. It detects attacks and alerts administrators about incidents that require further attention.

Who Needs the FloodWatcher: All Enterprises -- ISPs, Universities, and Corporations

All enterprises which attach significant value to the availability of their networks and computing infrastructures regardless of whether the attacks come from the outside or the inside.

How It Works: Monitoring and Analyzing Key Network Parameters

Exactly where it should be deployed will depend on the customer network topology. MANAnet FloodWatcher is installed with the help of a tap on key network data paths. The device monitors approximately 50 important network parameters. It performs several kinds of analysis to detect anomalies in traffic using thresholds that are set up by administrators at configuration time. One of the key proprietary ideas in FloodWatcher is to discern source information about packets in ways that the attacker cannot control. To the extent possible, attribution data about traffic are provided using knowledge about the customer's network configuration.

Benefits Works Passively, Offline, Using Anomaly Analysis

The MANAnet FloodWatcher provides a very good option for customers who experience the threat of a flood attack but do not want to use active, inline, detection and mitigation for a variety of reasons. It major benefits include:

  1. Normal Traffic Not Impacted: Because of its passive, offline mode of deployment FloodWatcher will not impact normal network operation.
  2. High Performance Device: The device is capable of analyzing gigabit traffic.
  3. Attack Detection, Alert, Attribution: The device detects traffic anomalies related to attack traffic, notifies administrators, and provides accurate attribution data about the source and type of attack traffic for remedial action.