How Allot Detects and Deflects Threats
Allot DDoS Protection solutions employ carrier-proven anomaly detection technologies to accurately detect DDoS traffic. Every inbound and outbound packet is inspected to ensure no threat goes undetected. Dynamic creation of filtering rules and surgical filtering of DDoS attack packets avoids over-blocking and allows legitimate traffic to flow unimpeded, keeping your business online and protected at all times. Allot also identifies anomalous host behavior according to abnormal outbound connection activity and malicious connection patterns. This enables you to identify and quarantine infected hosts and treat the root causes of outbound spam, worm propagation and port scanning. It eliminates the superfluous load they put on your network and minimizes liability that may be associated with attacks that emanate from your network.
Allot is the only vendor that combines DPI-based traffic management with behavioral based DDoS mitigation. Traffic management increases network robustness by shaping traffic so that no networked resource gets overwhelmed by accidental or intentional traffic anomalies. For example; by limiting the connection establishment rates to the spec of a perimeter firewall you can ensure that it provides continuous protection and logging under anomalous conditions. Traffic management can be applied in severe conditions to prioritize business-critical traffic and critical protocols required for the network to operate.
Being in-line, Allot DDoS protection provides rapid response to attacks with sub-minute detection and sub-minute mitigation, without diverting massive volumes of data to scrubbing centers. This would complement an ISP-based DDoS mitigation service that typically takes between 20-30 min to detect and mitigate, ensuring that critical traffic is uninterrupted during that window because every second counts when you’re under attack