Arbor Edge Defense

First and Last Line of Smart, Automated, Perimeter Defense

Arbor Edge Defense (AED)

Deployed in between the firewall and internet router, and using highly scalable stateless packet processing technology, Arbor Edge Defense acts as a network perimeter threat intelligence enforcement point where it blocks in bulk, inbound cyber threats (e.g. DDoS attacks, IOCs) and outbound malicious communication - essentially acting as the first and last line of perimeter defense for an organization.

NETSCOUT AED

Benefits of Arbor Edge Defense (AED)

  • First Line of Defense:
    • Stop Inbound DDoS Attacks:  AED can automatically stop inbound DDoS attacks that threaten the availability of your network, services and stateful security devices. AED's Cloud Signaling can automatically reroute very large attack traffic to one of NETSCOUT’s Arbor Cloud global scrubbing centers for cloud-based mitigation.
    • Inbound Indicators of Compromise (IoCs): Armed with potentially millions of reputation-based IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties (via support for STIX/TAXII), AED can stop inbound IoCs in bulk taking pressure off stateful security devices (e.g. NGFW); allowing them and security teams to perform more efficiently.
  • Last Line of Defense: Missed by existing security stack, AED can act as a last line of defense by detecting and blocking outbound communication from compromised internal devices to known bad sites; to help stop the further proliferation of malware within an organization and ultimately avoid a data breach from occurring.
  • Contextual Threat Intelligence: AED leverages NETSCOUT's ATLAS global threat intelligence to provide more context to blocked IoCs. This additional context helps security teams faster determine the risk to their organization and/or give them more information to proactively hunt using their other cyber security tools.
  • Integration:  AED's ability to act as a first and last line of defense, its robust REST API, support for Syslog, CEF, LEEF and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack.
Highlights
  • Stateless, On-premise, DDoS Protection
    AED offers best in class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

  • Intelligently Automated, Hybrid DDoS Protection
    AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

  • Perimeter Enforcement of Your Threat Intelligence
    Armed with potentially millions of reputation-based IoCs (from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties) AED can enforce your curated threat intelligence at the network perimeter to stop inbound and outbound malicious communication.

  • Additional Contextual Threat Intelligence
    Automatically leverage NETSCOUT’s ATLAS global threat intelligence for additional context related to AED blocked IoCs to help security teams determine risk and hunt using other tools in their security stack.

  • Integration with Existing Security Stack and Process
    AED's REST API, support for Syslog, CEF, LEEF and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.

  • Enterprise Case Study
  • Data Sheet
  • Solution Brief
  • Video
  • Infographic

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense

SaaS Provider increased visibility into both inbound and outbound attacks

Read More

SaaS Gains Essential Visibility for Service Assurance and Security of Customer-Facing Network

With a deployment of InfiniStreamNG appliances, nGenius Packet Flow Switches, and Arbor Edge Defense with Arbor Cloud Connect, this organization has gained critical visibility to provide both Service Assurance and Security for their customers.

Read More

Arbor Edge Defense

Arbor Edge Defense is an inline security appliance deployed at the network perimeter that can automatically detect and block inbound threats and outbound malicious communication using highly scalable, stateless technology and unique, global threat intelligence.

Download PDF

ATLAS Intelligence Feed (AIF) for Arbor Edge Defense

The ATLAS Intelligence Feed (AIF) empowers users with policies and countermeasures to address attacks as part of an advanced threat or DDoS attack. The information provided enables network and security operations teams to ensure the latest threat protections are available and defending their Enterprise environment. The AIF is a service of the ATLAS Security Engineering and Response Team (ASERT), and directly benefits Enterprise networks from the depth and breadth of our research.

Download PDF

Arbor Cloud DDoS Protection for Enterprise

Arbor Cloud combines on-premise AED DDoS defense with global cloud-based traffic scrubbing services for best of breed, hybrid, DDoS attack protection.

Download PDF

Why NETSCOUT Arbor DDoS Attack Protection Is Better

What Makes NETSCOUT’s Arbor DDoS Attack Protection Solution so Unique? Our solution is a fully managed, intelligently automated, combination of on-premise and in-cloud DDoS attack protection; continuously backed by global threat intelligence.

Download PDF

NFV services from Arbor and Netcracker

Service Providers are implementing SDN/NFV to improve network availability performance, reduce infrastructure complexity, and roll out new cloud services. NETSCOUT has partnered with Netcracker to deliver a cloud-based solution incorporating DDoS protection and threat filtering that Service Providers can bring to market to address demand from Enterprises around the need for increased network protection.

Download PDF

NETSCOUT Arbor Edge Defense

First and Last Line of Smart, Automated Perimeter Defense.

Download PDF

NETSCOUT’s Arbor Edge Defense: The First and Last Line of Defense

Adam Bixler, Director, Product Management at NETSCOUT, discusses NETSCOUT AED’s unique functionality the value of integrating threat intelligence and DDoS defense as a first and last line of defense

Watch Video

NETSCOUT AED

The security stack is getting more complex. But complexity won't protect your enterprise.

Download PDF