智能自动化边界防御的第一道与最后一道防线

Arbor Edge Defense (AED) 是一种部署在网络边界(互联网路由器和防火墙之间)的内联安全设备。

AED 凭借在网络边缘的独特位置、其无状态数据包处理引擎以及从 NetscoutAtlas 威胁情报源不断收到的基于信誉的威胁情报,能够自动检测和阻止入站威胁及来自内部受感染主机的出站通信,堪称企业安全的第一道与最后一道防线。

好处

成为第一道防线

通过拦截入站 DDoS 攻击,保护网络、服务或有状态安全设备(例如:防火墙)的可用性。

成为最后一道防线

通过拦截受感染内部设备、攻击者命令与控制(C2)基础设施的出站通信,阻止攻击者和恶意软件在企业内部扩散,最终避免数据泄露。

集成

AED 采用 STIX/TAXII、SYSLOG (CEF、LEEF) 、REST API 等标准,及通过 ATLAS 威胁情报为被拦截 IoC 提供更多上下文信息的功能,可全方位集成到现有安全堆栈和流程中。

Defense at the Network Edge
点击放大图片

网络边界防御

Arbor Edge Defense 部署在防火墙和互联网路由器之间,采用高度可扩展的无状态数据包处理技术,起到网络边界威胁情报执行点的作用,可大量拦截入站网络威胁(例如:DDoS 攻击、IOC)和出站恶意通信,堪称企业边界防御的第一道与最后一道防线。

How to Block Ransomware from Your Network
Video

How to Block Ransomware from Your Network

Arbor Edge Defense can do more than DDoS mitigation. It can detect and block outbound indicators of compromise (IOCs) that go undetected by other tools in your security stack. For example, AED can detect and block malware known to seed ransomware before the decryption occurs.

Arbor Edge Defense can do more than DDoS mitigation

94% of surveyed IT organizations who selected effectively stopping complex DDoS attacks or effectively stopping state-exhaustion DDoS attacks agree that NETSCOUT Arbor Edge Defense and Arbor Cloud DDoS Protection helps solve cybersecurity challenges by detecting and blocking both inbound and outbound IoCs as well as other cyber threats.

- TechValidate survey of 35 users of NETSCOUT Arbor Edge Defense and/or Arbor Cloud

Read more from our customers

功能

  • 无状态本地 DDoS 防护

    AED 提供一流的 DDoS 防护。AED 可拦截高达 40Gbps 的 DDoS 攻击,并且由于其采用无状态数据包处理技术,可阻止针对和影响 NGFW 等有状态设备的 TCP 状态耗尽攻击。

  • 智能自动化的混合 DDoS 防护

    AED 的 Cloud Signaling 功能可自动将大流量 DDoS 攻击路由到 NETSCOUT 的 Arbor Cloud 全球清洗中心进行缓解,提供混合 DDoS 防护的行业最佳实践。

  • 威胁情报的边界执行

    AED 装备了多达数百万个来自 NETSCOUT ATLAS 的威胁情报源或第三方情报源的 IoC,可在网络边界强制执行威胁情报,以拦截入站 DDoS 攻击以及与已知不良网站的出站通信。

  • 与现有安全堆栈和流程集成

    AED 拥有 REST API 架构,支持 Syslog (CEF、LEEF) 和 STIX/TAXII 标准,能够让 AED 完全集成到企业现有安全堆栈和流程中。

Stateless, On-premise, DDoS Protection
点击放大图片

AED 可阻止所有类型的 DDoS 攻击,应当部署在防火墙之前,以保护防火墙及后端服务免受 DDoS 攻击。

无状态本地 DDoS 防护

AED 提供一流的 DDoS 防护。AED 可拦截高达 40Gbps 的 DDoS 攻击,并且由于其采用无状态数据包处理技术,可阻止针对和影响 NGFW 等有状态设备的 TCP 状态耗尽攻击。

Intelligently Automated, Hybrid DDoS Protection
点击放大图片

当DDoS 攻击规模大于互联网链路容量时,AED 的 Cloud Signaling 功能会自动将流量路由到 Arbor Cloud 云端清洗中心,从而缓解攻击。

智能自动化的混合 DDoS 防护

AED 的 Cloud Signaling 功能可自动将大流量 DDoS 攻击路由到 NETSCOUT 的 Arbor Cloud 全球清洗中心进行缓解,提供混合 DDoS 防护的行业最佳实践。

Perimeter Enforcement of Your Threat Intelligence
点击放大图片

装备了来自 NETSCOUT ATLAS 或第三方的威胁情报,AED 可起到“最后一道防线”的作用,在数据泄露发生之前,拦截内部受感染设备的出站 IoC。

威胁情报的边界执行

AED 装备了多达数百万个来自 NETSCOUT ATLAS 的威胁情报源或第三方情报源的 IoC,可在网络边界强制执行威胁情报,以拦截入站 DDoS 攻击以及与已知不良网站的出站通信。

Integration with Existing Security Stack and Process
点击放大图片

AED 支持通用协议和 API,可轻松融入您的安全堆栈和流程。

与现有安全堆栈和流程集成

AED 拥有 REST API 架构,支持 Syslog (CEF、LEEF) 和 STIX/TAXII 标准,能够让 AED 完全集成到企业现有安全堆栈和流程中。

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense
Case Study

SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense

Global SaaS provider with almost a dozen data centers around the world turned to Arbor Edge Defense for increased visibility into both inbound and outbound DDoS attacks.

最新资源

Case Study
SaaS Provider of Payment Processing Solutions Protects Business from DDoS Attacks with Arbor Edge Defense
Global SaaS provider with almost a dozen data centers around the world turned to Arbor Edge Defense for increased visibility into both inbound and outbound DDoS attacks.
Data Sheet
NETSCOUT Omnis AED
First and Last Line of Smart, Automated Perimeter Defense
Solution Brief
NETSCOUT Omnis AED
First and Last Line of Smart, Automated Perimeter Defense
Data Sheet
Implementation Services for Arbor Edge Defense (AED)
NETSCOUT is committed to providing its customers with quality implementation services delivered by a team of skilled industry professionals.
Case Study
Manufacturer Improves Network Perimeter Defense With NETSCOUT AED
This Arbor Edge Defense Case Study describes how our Hybrid DDoS Protection and Perimeter Defense solution enhanced SecOps/NetOps collaboration for one large-scale manufacturer.
Blog Post
Colombia Under Attack
A year in review: Detailed DDoS attack data for Colombia
Case Study
Global Organization Learns That DDoS Attacks Do Not Stop, and Network Protection Is Critical
An intergovernmental organization that supports many countries around the world was encountering unrelenting DDoS Attack traffic. Learn how NETSCOUT helped.
Case Study
Pharmaceutical Organization Endures Business Losses Due to Lack of DDoS Protection
Using NETSCOUT threat intelligence and collected traffic data to illuminate potential cyber-attacks and provide solutions can help to eliminate service outages.

相关页面

what is ddos - global map ddos attacks
Overview

What Is a Distributed Denial of Service (DDoS) Attack?

Find out everything you should know about DDoS (Distributed Denial of Service) attacks and learn how to protect your network with these tips from NETSCOUT.
Learn more
Arbor Sightline With Sentinel
Product

搭配 Sentinel 的 Arbor Sightline

普遍的网络可见性和自动化威胁缓解。
Learn more
NETSCOUT Threat Intelligence
Solution

NETSCOUT DDoS Threat Analysis & Intelligence

Detailed cyber threat analysis and protection from NETSCOUT is powered by our advanced global threat intelligence from our expert research teams and unmatched technology.
Learn more
Network Visibility
Solution

Network Visibility and DDoS Managed Services

Deploy Arbor visibility solutions how you want it – software, virtually, appliances – and realize pervasive visibility with ease.
Learn more
3D pattern of green dots on dark background
Product

Omnis Cyber Investigator

Omnis® Cyber Investigator 是一款企业级网络威胁和风险调查平台,能帮助网络和安全团队轻松检测、验证、调查和响应威胁。该分析系统还能与主流的安全信息和事件管理(SIEM)平台集成,减少网络威胁带来的影响。
Learn more