The First and Last Line of Smart, Automated, Edge Defense

Arbor Edge Defense (AED) is an inline security appliance deployed at the network perimeter (i.e. between the internet router and network firewall).

AED’s unique position on the network edge, its stateless packet processing engine and the continuous reputation-based threat intelligence it receives from NETSCOUT’s ATLAS Threat Intelligence feed enable it to automatically detect and stop both inbound threats and outbound communication from internal compromised hosts – essentially acting as the first and last line of defense for organizations.

Benefits

Be a First Line of Defense

by blocking inbound DDoS attacks to protect the availability of your network, services or stateful security devices (e.g. firewall).

Be a Last Line of Defense

by blocking outbound communication from compromised internal devices to attacker command and control (C2) infrastructure to stop the proliferation of attacker and malware within your organizations and ultimately avoid a data breach.

Integrate

AED’s use of standards such as STIX/TAXII, SYSLOG (CEF, LEEF), a REST API and its ability to provide more context to blocked IoCs via ATLAS Threat intelligence enable it to become a fully integrated component of your existing security stack and process.

Defense at the Network Edge
Click to enlarge image

Defense at the Network Edge

Deployed in between the firewall and internet router, and using highly scalable stateless packet processing technology, Arbor Edge Defense acts as a network edge threat intelligence enforcement point where it blocks in bulk, inbound cyber threats (e.g. DDoS attacks, IOCs) and outbound malicious communication - essentially acting as the first and last line of perimeter defense for an organization.

How to Block Ransomware from Your Network
Video

How to Block Ransomware from Your Network

Arbor Edge Defense can do more than DDoS mitigation. It can detect and block outbound indicators of compromise (IOCs) that go undetected by other tools in your security stack. For example, AED can detect and block malware known to seed ransomware before the decryption occurs.

Features

  • Stateless, On-premise, DDoS Protection

    AED offers best in class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

  • Intelligently Automated, Hybrid DDoS Protection

    AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

  • Edge Enforcement of Your Threat Intelligence

    Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, AED can enforce your threat intelligence at the network edge to stop inbound DDoS attacks and outbound communication to known bad sites.

  • Integration with Existing Security Stack and Process

    AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.

Stateless, On-premise, DDoS Protection
Click to enlarge image

Because AED can stop all types of DDoS attacks, it should be deployed in front of your firewalls to protect them and the services behind them from DDoS attacks.

Stateless, On-premise, DDoS Protection

AED offers best in class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

Intelligently Automated, Hybrid DDoS Protection
Click to enlarge image

When DDoS attacks are larger than the internet circuit, AED’s Cloud Signaling will automatically route traffic to a cloud-based scrubbing center such as Arbor Cloud for attack mitigation.

Intelligently Automated, Hybrid DDoS Protection

AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

Edge Enforcement of Your Threat Intelligence
Click to enlarge image

Armed with threat intelligence from NETSCOUT’s ATLAS or 3rd parties, AED can act as a “last line of defense” to stop outbound IoCs from compromised internal devices before the data breach occurs.

Edge Enforcement of Your Threat Intelligence

Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, AED can enforce your threat intelligence at the network edge to stop inbound DDoS attacks and outbound communication to known bad sites.

Integration with Existing Security Stack and Process
Click to enlarge image

AED’s support for common protocols and APIs enable it to easily become part of your security stack and process.

Integration with Existing Security Stack and Process

AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense
Case Study

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense

Global SaaS provider with almost a dozen data centers around the world turned to Arbor Edge Defense for increased visibility into both inbound and outbound DDoS attacks.

Featured Resources

White Paper
An On-Premises Defense is the Cornerstone for Multilayer DDoS Protection
Due to the creation of new attack vectors and Adaptive DDoS Attacks, the need for on-premises protection with its inherent attack management agility and efficiency is a priority.
Data Sheet
Deployment Review for Arbor Edge Defense (AED)
The performance and successful completion of an AED Deployment requires the activities outlined in this document.
Use Case
Stopping Application-Layer DDoS Attacks
SECURITY An application-layer DDoS attack is a form of DDoS attack where attackers target application-layer processes.
Use Case
Blocking C2 Communication from Compromised Internal Devices
Command-and-control infrastructure, also called C2, is employed by cyber criminals to maintain communications with compromised devices within a target network.
Case Study
Pharmaceutical Organization Endures Business Losses Due to Lack of DDoS Protection
Using NETSCOUT threat intelligence and collected traffic data to illuminate potential cyber-attacks and provide solutions, can help to eliminate service outages.
Case Study
Global Organization Learns That DDoS Attacks Do Not Stop, and Network Protection Is Critical
An intergovernmental organization that supports many countries around the world was encountering unrelenting DDoS Attack traffic. Learn how NETSCOUT helped.
Case Study
NETSCOUT Assists Eastern European Institution in Protecting Client Financial Accounts from DDoS Disruptions and Theft
NETSCOUT® Sightline and TMS provide confidence to the customers Security Operations Center staff that their mission critical services will be protected from future DDoS Attacks.
Data Sheet
NETSCOUT Arbor Edge Defense (AED)
Arbor Edge Defense (AED) is an inline security appliance deployed at the network perimeter (i.e. between the internet router and firewall).

Related Pages

what is ddos - global map ddos attacks
Overview

What Is a Distributed Denial of Service (DDoS) Attack?

Find out everything you should know about DDoS (Distributed Denial of Service) attacks and learn how to protect your network with these tips from NETSCOUT.
Learn more
Arbor Sightline With Sentinel
Product

Arbor Sightline With Sentinel

Pervasive security, networking visibility and automated threat mitigation.
Learn more
Comprehensive DDoS Protection
Solution

Comprehensive DDoS Protection

The most inclusive and best practice form of protection from the modern-day DDoS attack.
Learn more
NETSCOUT Threat Intelligence
Solution

NETSCOUT Threat Intelligence

As DDoS has moved from just a diversion to be a feature of malware and botnets used in cybercrime and APT attacks, NETSCOUT has expanded its intelligence threat research team and...
Learn more
Network Visibility
Solution

Network Visibility and DDoS Managed Services

Deploy Arbor visibility solutions how you want it – software, virtually, appliances – and realize pervasive visibility with ease.
Learn more
3D pattern of green dots on dark background
Product

Omnis Cyber Intelligence

Omnis Cyber Intelligence is an enterprise-wide network threat detection and risk investigation platform that helps reduce the impact of cyber threats on your business.
Learn more

Contact NETSCOUT Today

To learn more about how NETSCOUT can help your company, speak to one of our highly-experienced subject matter experts.