Protecting Your Network from Damaging DDoS Attacks

Some of the largest and most disruptive attacks on networks have taken the form of Denial of Service (DoS/DDoS) attacks, which become more frequent and varied each year. Enterprise networks are targeted every day and actors in the DoS/DDoS arena are finding creative and sophisticated ways to flood your data center with large volumes of traffic that threaten network performance, availability and integrity. It has therefore become imperative to protect your organization from such attacks.

How Allot Detects and Deflects Threats

Allot DDoS Protection solutions employ carrier-proven anomaly detection technologies to accurately detect DDoS traffic. Every inbound and outbound packet is inspected to ensure no threat goes undetected. Dynamic creation of filtering rules and surgical filtering of DDoS attack packets avoids over-blocking and allows legitimate traffic to flow unimpeded, keeping your business online and protected at all times. Allot also identifies anomalous host behavior according to abnormal outbound connection activity and malicious connection patterns. This enables you to identify and quarantine infected hosts and treat the root causes of outbound spam, worm propagation and port scanning. It eliminates the superfluous load they put on your network and minimizes liability that may be associated with attacks that emanate from your network.

Network Robustness

Allot is the only vendor that combines DPI-based traffic management with behavioral based DDoS mitigation. Traffic management increases network robustness by shaping traffic so that no networked resource gets overwhelmed by accidental or intentional traffic anomalies. For example; by limiting the connection establishment rates to the spec of a perimeter firewall you can ensure that it provides continuous protection and logging under anomalous conditions. Traffic management can be applied in severe conditions to prioritize business-critical traffic and critical protocols required for the network to operate.

Rapid response

Being in-line, Allot DDoS protection provides rapid response to attacks with sub-minute detection and sub-minute mitigation, without diverting massive volumes of data to scrubbing centers. This would complement an ISP-based DDoS mitigation service that typically takes between 20-30 min to detect and mitigate, ensuring that critical traffic is uninterrupted during that window because every second counts when you’re under attack


  • Allot Enterprise multiservice platforms provide up to 30Gbps of real-time DDoS mitigation capacity per appliance. One controller can manage up to 16 devices, providing almost half a Tera bps of DDoS mitigation.
  • Combined traffic management with behavioral DDoS mitigation ensures network availability under severe conditions
  • Support of asymmetric routing topologies to protect complex datacenter deployments.
  • Rapid inline mitigation without diverting massive data volumes to cloud scrubbing centers
  • Gain real-time visibility into attackers and their targets in your network and detailed postmortem analytics.
  • Treat the root cause of infected endpoints so bots can be stopped without affecting others

Learn More


Technology Perspective

The Smart Way to Protect Users and Control Application Performance: NBAD and HBAD: our advanced anomaly detection technologies Read More »

Solution Brief

Allot Secure Service Gateway enables enterprises to enhance productivity and protect their networks and users against DDoS attacks and other threats at a significantly lower TCO. Read how the solution works. Read More »

Success Story

Detecting and blocking DDoS attacks in real-time before they threaten or interrupt network service. Read More »