Anti DDoS

Online services such as e-Banking, online games, portal websites and online transactions are vulnerable to network attacks. Therefore, such services pose high requirements on attack defense. A distributed denial-of-service attack, DDoS attack is an attempt to make a computer resource unavailable to its proposed users. Motives for, and targets of a DDoS attack may vary, it generally consists of the intensive efforts of person to prevent an Internet site service from functioning efficiently or at all, temporarily or indefinitely.


Since 2008, an increase in DDoS attacks is reported. Symantec detects over 6000 DDoS attacks every day. In May 2009, China Telecom DNS Pod server crashed due to DDoS attacks. As the main customer, Storm cannot resolve the domain name of the server and thereby continuously sends massive requests to the DNS server. As a result, China Telecom's DNS collapse occurs. Also In 2009, many government Web sites of South Korea were under DDoS attacks simultaneously, resulting in service breakdown for a long time and posing a bad international impact. And in early 2010, Baidu Web sites were under DDoS attacks. Due to that, Internet users cannot access Baidu Web sites for nearly three hours. This case hits news headlines of international media.


Traditional anti-DDoS devices' protection for core online services is far from adequate, although they are endowed with defense capability to a certain extent because of challenges by developing DDoS attack technologies. Traditional firewalls can protect against common DDoS attacks. Nevertheless, they may become the first victim upon severe DDoS attacks. IPS identifies and defends against intrusion behaviors based on the signature database. However, DDoS attacks are launched through legitimate data packets, which do not comply with intrusion behavior features. Based on statistics on Net flow traffic sampling, traditional anti-DDoS devices can defend against traffic attacks but cannot cope with light traffic and application-layer attacks. Additionally, long detecting delay or slow traffic diversion may occur.


Thus, to effectively defend against DDoS attacks, we come out with professional anti-DDoS solution. This solution will give you flexible deployment on the live network, no performance bottleneck or new fault point, effective defense against traffic and application-layer attacks, convenient and easy management and enriched report export, and also defense against the attacks of new types.



  • SYN flood attack defense

  • SYN ACK flood attack defense

  • ACK flood attack defense

  • RST/ FIN flood attack defense

  • UDP flood attack defense

  • IP fragment flood attack defense

  • Non-TCP/UDP/ICMP packet flood attack defense

  • HTTP flood attack defense

  • Connection flood attack defense

  • UDP DNS request flood attack defense

  • UDP DNS reply flood attack defense

  • SIP flood attack defense

  • VIP-based policy

  • Global/attack event packet capture

  • Dynamic traffic diversion

  • Hardware bypass