DefensePro IPS & Behavioral protection: Specification Sheet

DefensePro IPS and Behavioral Protection

Technical Product Information

Product Models
DefensePro x412 Series Designed for large data centers protection deployed by large enterprises, eCommerce and service providers Models: DefensePro 12412 (up to 12Gbps) DefensePro 8412 (up to 8Gbps) DefensePro 4412 (up to 4Gbps) Upgrade options are available from model 4412 and up to 12412 DefensePro x016 Series Designed for medium sized data centers protection deployed by large enterprises, eCommerce and service providers Models: DefensePro 3016 (up to 3Gbps) DefensePro 2016 (up to 2Gbps) DefensePro 1016 (up to 1Gbps) Upgrade options are available from model 1016 and up to 3016 DefensePro x06 Series Designed for small to medium sized data centers protection and Internet Gateway Models: DefensePro 2006 (up to 2Gbps) DefensePro 1006 (up to 1Gbps) DefensePro 506 (up to 500Mbps) Upgrade options are available from model 506 and up to 2006

Page 1

DefensePro IPS & Behavioral protection: Specification Sheet

Product Features
Feature Protections Network Wide Protections Behavioral DoS Protect against known and zero-minute DoS/DDoS flood attacks that misuse network bandwidth resources including: TCP Floods, UDP floods, ICMP floods, IGMP floods and fragmented attacks. DNS Protection Protect DNS critical infrastructure against flood attack that misuse DNS server resources. Malware Propagation Prevent zero-minute malware spread by already infected hosts. Prevention and Anti Prevents network pre-attack probes (Reconnaissance) including horizontal and vertical TCP Scanning & UDP scanning, stealth scanning and ping sweeps. RSA FraudAction Real-time Anti-Trojan and Anti-Phishing service, targeted to fight against financial fraud, feeds information theft and malware spread. Based on real-time reputation feeds from RSA Anti Fraud Command Center (AFCC). Server Protections SYN Protection Protect against any type of SYN flood attacks using advanced SYN authentication mechanisms HTTP flood protection Protect against HTTP page flood attacks that misuse web server resources. SSL attacks protection Protect against HTTPS attacks Server-Cracking Block brute force and dictionary attacks targeting to defeat server authentication schemes Protection including Mail servers (SMTP, POP3, IMAP), FTP servers, SIP servers, MS-SQL and MYSQL servers. Web sites application vulnerability scanning and hacking protection. SIP Invite and Bye floods prevention. Connection Limit Defend against connection based attacks such as half open SYN attacks, request attacks and full session attacks. Vulnerability-based protections Signature Protections Protects against known application vulnerabilities and common malware including: Web application protection, Mail servers protection, FTP servers protection, DNS Vulnerabilities, SIP vulnerabilities, SNMP Vulnerabilities, Microsoft vulnerabilities, Worms and Viruses, Backdoors and Trojans, Cross-Site Scripting, SQL Injections, Spyware, LAN Protocol and Services Protection (RPC, NetBIOS, Telnet etc.), Generic Payloads (Remote Execution, Shellcodes). Security updates service (SUS) - weekly updates and emergency updates. User-defined Attack Signatures. Protocol Compliance RFC compliance for various protocols including TCP, ICMP, DNS, HTTPS, SMTP, IMAP, POP3, FTP, SSH. Stateful Operation TCP Stream Reassembly, IP Defragmentation. Bandwidth Management and Access Control Bandwidth Guarantee bandwidth per application (granular, per user or session basis). Management Limit bandwidth per application. Limit P2P protocol traffic per session. Access Control Access Lists per IP address & protocol; Black/White Lists per IP address per feature. Supported protocols More than 100 protocols are supported including TCP, ICMP, DNS, HTTP, HTTPS, SMTP, IMAP, POP3, FTP, Telnet, SSH, SIP, Skinny (SCCP), H.223, RTP, SNMP, MySQL, MS-SQL (TDS) and LAN-centric protocols (RPC, NetBIOS) etc. Additional protocols can be defined by the user. Management Alerting SNMP V1, 2C &3, Log File, Syslog, E-mail. Forensics Attack Packet Logging, In-depth Attack Footprint Analysis, Attack Details and Statistics. Configuration SNMP V1, 2C, 3, HTTP, HTTPS, SSH, Telnet, SOAP API, Console (user selectable). Time Synchronization Network Time protocol (NTP) Export Real-Time Northbound XML interface exporting behavioral parameters such as: Signature information Normal traffic patterns. Attacks real-time signatures of ongoing DoS/DDoS attacks and malware propagation and anti scanning.

Page 2

DefensePro IPS & Behavioral protection: Specification Sheet

Product Specifications

DefensePro Model Network Location Hardware Platform Performance 2 Capacity 3 Throughput Max Concurrent Sessions Maximum DDoS Flood Attack Prevention Rate Latency Real time signatures Inspection Ports 10/100/1000 Copper Ethernet GE (SFP) 10GE (XFP) Management Ports 10/100/1000 Copper Ethernet RS-232 Operation Mode Network Operation Deployment Modes Tunneling protocols support IPv6 Jumbo Frame Inspection Policy Action Block Actions High Availability Fail-open / failclose
1

506 IPS & Behavioral Protection

1006 IPS & Behavioral Protection

2006 IPS & Behavioral Protection

1016 IPS & Behavioral Protection

2016 IPS & Behavioral Protection

3016 IPS & Behavioral Protection

4412 IPS & Behavioral Protection

8412 IPS & Behavioral Protection

12412 IPS & Behavioral Protection

Perimeter OnDemand Switch VL-S1; Dual PS option is: OnDemand Switch VL-S2 500Mbps 500Mbps 2,000,000 1Gbps 1Gbps 2,000,000 2Gbps 2Gbps 2,000,000

Core Network OnDemand Switch 2S1; Dual PS option is: OnDemand Switch 2S2 1Gbps 1Gbps 2,000,000 2Gbps 2Gbps 2,000,000 4Gbps 3.6Gbps 2,000,000

Core Network On Demand Switch 3S2 4Gbps 4Gbps 4,000,000 8Gbps 8Gbps 4,000,000 14Gbps 12Gbps 4,000,000

1,000,000 1,000,000 1,000,000 packets packets packets per per per second second second < 60 micro seconds Detect and protect attacks in less than 18 seconds 4 2 2 1 4 2 2 1 4 2 2 1

5,000,000 5,000,000 5,000,000 packets packets packets per per per second second second < 60 micro seconds Detect and protect attacks in less than 18 seconds 12 4 2 1 12 4 2 1 12 4 2 1

10,000,00 10,000,00 10,000,000 0 packets 0 packets packets per per per second second second < 60 micro seconds Detect and protect attacks in less than 18 seconds 8 4 4 2 1 8 4 4 2 1 8 4 4 2 1

Transparent L2 Forwarding In-line; SPAN Port Monitoring; Copy Port Monitoring; local out-of-path; Out-of-path mitigation (scrubbing center solution) VLAN Tagging, L2TP, MPLS, GRE, GTP Support IPv6 networks and block IPv6 attacks Supported Block & Report, Report Only Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination), Challenge-Response for HTTP and DNS attacks Internal fail-open/fail-close for copper ports; internal fail-close for SFP ports; optional fail-open for SFP 4 ports Internal fail-open/fail-close for copper ports; internal fail-close for SFP ports; 5 optional fail-open for SFP ports Internal fail-open/fail-close for copper ports; internal fail-close for SFP and XFP ports; optional fail-open for SFP 6 and XFP ports

Actual performance figures may change per network configuration, traffic type, etc. Capacity is measured as maximum traffic forwarding when no security profiles are configured. 3 Throughput is measured with behavioral IPS protections and signature IPS protections using eCommerce protection profile. 4 External fiber fail-open switch with SFP ports is available at additional cost.
2

Page 3

DefensePro IPS & Behavioral protection: Specification Sheet

Dual Power Supply Advanced internal overload 7 mechanism Active-Passive cluster Physical Dimensions (W x D x H) mm Weight (lb, kg) Power Supply Power Consumption Heat Dissipation (BTU/h) Operating Temperature Humidity (noncondensing) Safety Certifications EMC Other Certifications Warranty Support

Optional Yes Yes

Optional Yes Yes

Optional Yes Yes

Optional Yes Yes

Optional Yes Yes

Optional Yes Yes

Yes hot swappable Yes Yes

Yes hot swappable Yes Yes

Yes hot swappable Yes Yes

424x457x44 15.9, 7.2 Dual PS option is 19.2, 8.7 Auto range: 100V-120V/200V-240V AC 47-63Hz or 36-72VDC 177W Dual PS option is 147W 604 Dual PS option is 501

424x600x44 (1U) Dual PS option: 424x600x88 (2U) 20.9, 9.5 Dual PS option is 24.0, 10.9 Auto range: 100V-120V/200V-240V AC 50-60Hz or 36-72VDC 302W Dual PS option is 312W 1029 Dual PS option is 1064 0-40C 5% to 95%

424x600x88 39.0, 18.0 Auto range: 100V-120V/200V-240V AC 50-60Hz or 36-72VDC 476W 1623

EN 60950-1:2006, CB - IEC 60950-1, cTUVus EN 55022, EN 55024, FCC Part 15B Class A CE, FCC, VCCI, CB, TUV, UL/cUL, CCC, C-Tick, RoHS

EN, UL, CSA, IEC #60950-1 EN 55022, EN 55024, FCC Part 15B Class A CE, FCC, VCCI, CB, TUV, UL/cUL, CCC, C-Tick, RoHS 1-year hardware and software maintenance Certainty Support Program

Patent protected behavioral analysis technology

Radware DefensePro has been successfully awarded multiple United States patents based on real-time signatures, which protect and secure applications and network traffic. DefensePro technology is protected by the following patents: Patent No. 7,607,170 Stateful Attack Protection Patent No. 7,617,170 Generated Anomaly Pattern for HTTP Flood Protection Patent No. 7,624,084 Method for Generating Anomaly Pattern for HTTP Flood Protection Patent No. 7,681,235 Dynamic network protection Patent No. 7,836,496 Dynamic network protection II Patent No. 11/869,067 Automatic Signature Propagation Network Patent No. 11/835,503 Method, system and computer program product for preventing sip attacks
Specifications subject to change without notice.

5 6

External fiber fail-open switch with SFP ports is available at additional cost. External fiber fail-open switches with SFP or XFP ports are available at additional cost. 7 Overload mechanism is designed to obtain maximum security coverage under extreme traffic loads.

Page 4