Provider of application delivery and security solutions for virtual and cloud data centers, Radware recently added DefenseFlow to its suite of software defined networking (SDN) applications. According to the company, DefenseFlow provides organizations with "superior network wide attack migration service."
This release comes shortly after Radware's introduction of DefensePipe, which roots out volumetric DDoS attacks that would otherwise saturate the customer's Internet pipe.
DefenseFlow, on the other hand, is part of the company's SDN strategy, which was also unveiled as part of DefenseFlow's announcement. Radware plans to primarily focus on three key dimensions: SDN applications, SDN eco-system and related SDN technology support.
DefenseFlow obviously falls into the first category, which aims to optimize ADC and security services by programming the network with applications like DefenseFlow. The latter two categories are mainly involved with support the first by ensuring compatibility with the industry's leading SDN vendors, while extending APIs and supporting network protocols like VX-LAN.
"While SDN has received a lot of attention recently, enterprise and carriers are challenged to actually leverage the benefits of this new network evolution," said Avi Chesla, chief technology officer at Radware, in a statement. "Our approach is to provide a set of fully-functional SDN applications that empower our customers to build application aware networks which dramatically increase their value. DefenseFlow is the first in a line of SDN applications we'll be introducing this year that harness the power and cost savings of SDN."
DefenseFlow is Radware's first commercial SDN application, enabling network operators to program the network and provide automated DoS and DDoS detection and protection as a native network service. The application can transition in-path device-based security solutions into network-wide services by leveraging the SDN control plane to detect traffic information for attack detection.
This information is then used to optimally divert traffic through relevant security resources in the network, mitigating risk. By using this method to detect network attacks in real time, network operators can implement DoS and DDoS protection at low cost.
Edited by Braden Becker