The First and Last Line of Smart, Automated, Perimeter Defense

Arbor Edge Defense (AED) is an inline security appliance deployed at the network perimeter (i.e. between the internet router and firewall).

AED’s unique position on the network edge, its stateless packet processing engine and the continuous reputation-based threat intelligence it receives from NETSCOUT’s ATLAS Threat Intelligence feed enable it to automatically detect and stop both inbound threats and outbound communication from internal compromised hosts – essentially acting as the first and last line of defense for organizations.

NETSCOUT’s Arbor Edge Defense: The First and Last Line of Defense
Video

NETSCOUT’s Arbor Edge Defense: The First and Last Line of Defense

Watch Video

Benefits

Be a First Line of Defense

by blocking inbound DDoS attacks to protect the availability of your network, services or stateful security devices (e.g. firewall).

Be a Last Line of Defense

by blocking outbound communication from compromised internal devices to attacker command and control (C2) infrastructure to stop the proliferation of attacker and malware within your organizations and ultimately avoid a data breach.

Integrate

AED’s use of standards such as STIX/TAXII, SYSLOG (CEF, LEEF), a REST API and its ability to provide more context to blocked IoCs via ATLAS Threat intelligence enable it to become a fully integrated component of your existing security stack and process.

Defense at the Network Edge

Deployed in between the firewall and internet router, and using highly scalable stateless packet processing technology, Arbor Edge Defense acts as a network perimeter threat intelligence enforcement point where it blocks in bulk, inbound cyber threats (e.g. DDoS attacks, IOCs) and outbound malicious communication - essentially acting as the first and last line of perimeter defense for an organization.

Defense at the Network Edge

Features

  • Stateless, On-premise, DDoS Protection

    AED offers best in class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

  • Intelligently Automated, Hybrid DDoS Protection

    AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

  • Perimeter Enforcement of Your Threat Intelligence

    Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, AED can enforce your threat intelligence at the network perimeter to stop inbound DDoS attacks and outbound communication to known bad sites.

  • Integration with Existing Security Stack and Process

    AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.

Stateless, On-premise, DDoS Protection
Click to Enlarge Image

Because AED can stop all types of DDoS attacks, it should be deployed in front of your firewalls to protect them and the services behind them from DDoS attacks.

Stateless, On-premise, DDoS Protection

AED offers best in class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

Intelligently Automated, Hybrid DDoS Protection
Click to Enlarge Image

When DDoS attacks are larger than the internet circuit, AED’s Cloud Signaling will automatically route traffic to a cloud-based scrubbing center such as Arbor Cloud for attack mitigation.

Intelligently Automated, Hybrid DDoS Protection

AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

Perimeter Enforcement of Your Threat Intelligence
Click to Enlarge Image

Armed with threat intelligence from NETSCOUT’s ATLAS or 3rd parties, AED can act as a “last line of defense” to stop outbound IoCs from compromised internal devices before the data breach occurs.

Perimeter Enforcement of Your Threat Intelligence

Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, AED can enforce your threat intelligence at the network perimeter to stop inbound DDoS attacks and outbound communication to known bad sites.

Integration with Existing Security Stack and Process
Click to Enlarge Image

AED’s support for common protocols and APIs enable it to easily become part of your security stack and process.

Integration with Existing Security Stack and Process

AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense
Case Study

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense

SaaS Provider increased visibility into both inbound and outbound attacks

Learn More

Latest Resources

Case Study
Tax Agency Capitalizes on Cisco ACI SDN Migration, Improves Service Delivery With NETSCOUT

Read how this National Tax Agency uses NETSCOUT as a single-vendor solution for their Service Assurance and DDoS Prevention requirements.
Solution Brief
DDoS Attacks Are Already Creating Chaos While Schools and Universities Are Reopening During the Pandemic

DDoS attacks are Increasing with school reopenings during COVID-19. Read this Solution Brief to learn about NETSCOUT's best practice mitigation methodology for schools and...
Data Sheet
NETSCOUT Arbor Edge Defense

First and Last Line of Smart, Automated Perimeter Defense.
Case Study
Large European Financial Organization Implements a Proactive DDoS Defense With on Premise Devices

One of the largest financial centers operating in Western Europe ensures the flow of information and money between its financial market players with NETSCOUT solutions.

View More Resources

Related Pages

global map ddos attacks
Overview

What Is a Distributed Denial of Service (DDoS) Attack?

Find out everything you should know about DDoS (Distributed Denial of Service) attacks and learn how to protect your network with these tips from NETSCOUT.
Learn More
Arbor Sightline With Sentinel
Product

Arbor Sightline With Sentinel

Pervasive network visibility and automated threat mitigation.
Learn More
DDoS attack protection solution
Product Family

Arbor DDoS Protection

NETSCOUT provides the industry's most comprehensive DDoS prevention and protection solutions, from cloud mitigation to on-premise appliances.
Learn More
NETSCOUT Threat Intelligence
Product Family

NETSCOUT Threat Intelligence

Arbor has a long history in botnet research and DDoS mitigation. However, as DDoS has moved from just a diversion to be a feature of malware and botnets used in cybercrime and APT...
Learn More
Network Visibility
Product Family

Network Visibility and DDoS Managed Services

Deploy Arbor visibility solutions how you want it – software, virtually, appliances – and realize pervasive visibility with ease.
Learn More
3D pattern of green dots on dark background
Product

NETSCOUT Cyber Investigator

NETSCOUT Cyber Investigator is an enterprise-wide network threat and risk investigation platform that helps reduce the impact of cyber threats on your business. Easily detect, validate, investigate and respond to threats with this analytics system that also integrates with popular SIEM platforms.
Learn More

Contact NETSCOUT Today

To learn more about how NETSCOUT can help your company, speak to one of our highly-experienced subject matter experts.