The First and Last Line of Smart, Automated, Edge Defense

Omnis Arbor Edge Defense (AED) is an inline security appliance deployed at the network perimeter (i.e. between the internet router and network firewall) to provide security and defense.

AED’s unique position on the network edge, its stateless packet processing engine and the continuous reputation-based threat intelligence it receives from NETSCOUT’s Omnis ATLAS Threat Intelligence Feed enable it to automatically detect and stop both inbound threats and outbound communication from internal compromised hosts – essentially acting as the first and last line of defense for organizations.

Network Perimeter Security Benefits

Be a First Line of Defense

by blocking inbound DDoS attacks to protect the availability of your network, services or stateful security devices (e.g. firewall).

Be a Last Line of Defense

by blocking outbound communication from compromised internal devices to attacker command and control (C2) infrastructure to stop the proliferation of attacker and malware within your organizations and ultimately avoid a data breach.

Integrate

AED’s use of standards such as STIX/TAXII, SYSLOG (CEF, LEEF), a REST API and its ability to provide more context to blocked IoCs via Omnis ATLAS Threat Intelligence Feed enable it to become a fully integrated component of your existing security stack and process.

Defense at the Network Edge
Click to enlarge image

Defense at the Network Edge

Deployed in between the firewall and internet router, and using highly scalable stateless packet processing technology, Omnis AED acts as a network edge threat intelligence enforcement point where it blocks in bulk, inbound cyber threats (e.g. DDoS attacks, IOCs) and outbound malicious communication - essentially acting as the first and last line of network perimeter defense for an organization.

How to Block Ransomware from Your Network
Video

How to Block Ransomware from Your Network

Arbor Edge Defense can do more than DDoS mitigation. It can detect and block outbound indicators of compromise (IOCs) that go undetected by other tools in your security stack. For example, AED can detect and block malware known to seed ransomware before the decryption occurs.

Arbor Edge Defense can do more than DDoS mitigation

94% of surveyed IT organizations who selected effectively stopping complex DDoS attacks or effectively stopping state-exhaustion DDoS attacks agree that NETSCOUT Arbor Edge Defense and Arbor Cloud DDoS Protection helps solve cybersecurity challenges by detecting and blocking both inbound and outbound IoCs as well as other cyber threats.

- TechValidate survey of 35 users of NETSCOUT Arbor Edge Defense and/or Arbor Cloud

Read more from our customers

Features

  • Stateless, On-premise, DDoS Protection

    Omnis AED offers best in class DDoS protection. Omnis AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, Omnis AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

  • Intelligently Automated, Hybrid DDoS Protection

    Omnis AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT's Arbor Cloud global scrubbing centers for mitigation - offering the industry best practice of hybrid DDoS protection.

  • Edge Enforcement of Your Threat Intelligence

    Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, Omnis AED can enforce your threat intelligence at the network edge to stop inbound DDoS attacks and outbound communication to known bad sites. Get robust network perimeter security and defense now with Omnis AED.

  • Integration with Existing Security Stack and Process

    Omnis AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable Omnis AED to be a fully integrated component of an organization’s existing security stack and process.

Stateless, On-premise, DDoS Protection
Click to enlarge image

Because Omnis AED can stop all types of DDoS attacks, it should be deployed in front of your firewalls to protect them and the services behind them from DDoS attacks.

Stateless, On-premise, DDoS Protection

Omnis AED offers best in class DDoS protection. Omnis AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, Omnis AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

Intelligently Automated, Hybrid DDoS Protection
Click to enlarge image

When DDoS attacks are larger than the internet circuit, Omnis AED’s Cloud Signaling will automatically route traffic to a cloud-based scrubbing center such as Arbor Cloud for attack mitigation.

Intelligently Automated, Hybrid DDoS Protection

Omnis AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT's Arbor Cloud global scrubbing centers for mitigation - offering the industry best practice of hybrid DDoS protection.

Edge Enforcement of Your Threat Intelligence
Click to enlarge image

Armed with threat intelligence from NETSCOUT’s ATLAS or 3rd parties, Omnis AED can act as a “last line of defense” on the network perimeter to stop outbound IoCs from compromised internal devices before the data breach occurs.

Edge Enforcement of Your Threat Intelligence

Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, Omnis AED can enforce your threat intelligence at the network edge to stop inbound DDoS attacks and outbound communication to known bad sites. Get robust network perimeter security and defense now with Omnis AED.

Integration with Existing Security Stack and Process
Click to enlarge image

Omnis AED’s support for common protocols and APIs enable it to easily become part of your security stack and process.

Integration with Existing Security Stack and Process

Omnis AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable Omnis AED to be a fully integrated component of an organization’s existing security stack and process.

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense
Case Study

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense

Global SaaS provider with almost a dozen data centers around the world turned to Arbor Edge Defense for increased visibility into both inbound and outbound DDoS attacks.

Featured Resources

Case Study
South Staffordshire College Stops Virtual Classroom Downtime with Real Time DDoS Protection
Due to the on-premises real-time mitigation capabilities of Omnis AED, this College saw its virtual class application availability recover 100%.
White Paper
The Total Economic Impact of NETSCOUT Omnis AED
Cost Saving and Business Benefits Enabled by NETSCOUT Omnis AED
White Paper
An On-Premises Defense is the Cornerstone for Multilayer DDoS Protection
Due to the creation of new attack vectors and Adaptive DDoS Attacks, the need for on-premises protection with its inherent attack management agility and efficiency is a priority.
Data Sheet
Deployment Review for Arbor Edge Defense (AED)
The performance and successful completion of an AED Deployment requires the activities outlined in this document.
Use Case
Stopping Application-Layer DDoS Attacks
An application-layer DDoS attack is a form of DDoS attack where attackers target application-layer processes.
Use Case
Blocking C2 Communication from Compromised Internal Devices
Command-and-control infrastructure, also called C2, is employed by cyber criminals to maintain communications with compromised devices within a target network.
Case Study
Pharmaceutical Organization Endures Business Losses Due to Lack of DDoS Protection
Using NETSCOUT threat intelligence and collected traffic data to illuminate potential cyber-attacks and provide solutions can help to eliminate service outages.
Case Study
Global Organization Learns That DDoS Attacks Do Not Stop, and Network Protection Is Critical
An intergovernmental organization that supports many countries around the world was encountering unrelenting DDoS Attack traffic. Learn how NETSCOUT helped.
More Resources

Related Pages

What is a DDoS Attack?
Overview

What Is a Distributed Denial of Service (DDoS) Attack?

Find out everything you should know about DDoS (Distributed Denial of Service) attacks and learn how to protect your network with these tips from NETSCOUT.
Learn more
Arbor Sightline With Sentinel
Product

Arbor Sightline With Sentinel for Mitigating DDoS Attacks

Leverage Arbor Sightline's powerful visibility for mitigating DDoS attacks with Sentinel. Upgrade your network defense today with Arbor!
Learn more
Comprehensive DDoS Protection Solution
Solution

Comprehensive DDoS Protection

Hybrid DDoS protection solutions start with NETSCOUT. Our comprehensive DDoS attack mitigation technology protects your network at all levels.
Learn more
NETSCOUT Threat Intelligence
Solution

NETSCOUT Real-Time Advanced Threat Intelligence

Detailed cyber threat analysis and protection from NETSCOUT is powered by our advanced global threat intelligence from our expert research teams and unmatched technology.
Learn more
Network Visibility
Solution

Network Visibility and DDoS Managed Services

Deploy Arbor visibility solutions how you want it – software, virtually, appliances – and realize pervasive visibility with ease.
Learn more
Omnis Cyber Intelligence NDR Platform
Product

Omnis Cyber Intelligence NDR Platform

Omnis Cyber Intelligence is an enterprise-wide network threat detection and risk investigation platform that helps reduce the impact of cyber threats on your business.
Learn more

Contact NETSCOUT Today

To learn more about how NETSCOUT can help your company, speak to one of our highly-experienced subject matter experts.