SysMaster and Denial of Service Prevention

Key Features

  • Denial of Service online attacks based on TCP, UDP, IP and ICMP protocols such as SYN flood, IP spoofing, Ping-of-Death, and others are thwarted.
  • SysMaster DoS prevention reduces server downtime.
  • Powerful firewall capable of filtering a wide range of traffic based on an extensive set of traffic characteristics.
  • Specially designed core software for advanced security.
  • Administration through Access Control Lists for enhanced security.
  • Ability to drop idle connections.
  • Ability to map well known ports to any port in NAT configuration.

Why Denial of Service Prevention?

Ensuring a high level of security and protection against malicious attacks is extremely critical for every business on the Internet. Conventional equipment is not capable of handling this task as new powerful technology is required to thwart malicious traffic. Denial of Service floods are the most common type of online attacks. These attacks attempt to consume all the bandwidth or computational server resources at the expense of the useful traffic.

The SysMaster platform's Network Operating system and the QoS module, together with the Firewall module can provide comprehensive protection against malicious online attacks. During a typical DoS attack, SysMaster effectively filters out all "redundant" data packets, thus protecting both the corporate/web site WAN bandwidth and the computational resources of the servers. In addition, SysMaster provides online attack protection against SYN Flood, UDP Flood, Teardrop Attack, Ping-of-Death, Mail-bomb attack, broadcast amplification and more.

Type of Attacks SysMaster Prevents

Platform Basic Security

  • Basic IP spoofing prevention - prevents the IP spoofing of the SysMaster device
  • Ping-of-Death Attack
  • Broadcast Amplification
  • Chargen Attack
  • Echo Attack
  • Finger Attack
  • Basic SYN Flood (local)
  • Basic UDP Flood (local)
  • Teardrop Attack (local)
  • Land Attack (local)

QoS Function Module

  • Mail-bomb Attack
  • Teardrop Attack
  • Smurf Attack
  • Fraggle Attack
  • Trinoo Attack
  • Tribe Flood Network
  • TFN
  • TFN2K
  • Stacheldraht
  • Shaft
  • Mstream
  • Teardrop Attack
  • Land Attack
  • Advanced SYN Flood
  • Advanced UDP Flood
  • Distributed DoS (DDoS)
  • ICMP Ping Flood
  • Network Isolation and Traffic Restriction
  • Geo-Managed Traffic Control
  • Unauthorized Traffic Isolation and Restriction
  • Class/Filter Based Packet Processing

Firewall Function Module

  • IP Spoofing Prevention - prevents IP spoofing for managed devices
  • Smurf Attack
  • Fraggle Attack
  • Teardrop Attack
  • Land Attack

SysMaster is capable of filtering traffic based on source/destination IP addresses, IP network masks, IP/TCP/UDP ports, packet types and more. It can be configured to accept limited traffic from specific addresses or completely prohibit all access. In addition, specific TCP/UDP traffic, or any application based on these protocols can be restricted. Advanced mechanism for flood detection, such as SYN flood, PING flood and others, allows for quick isolation of malicious attacks.

Additional Security Capabilities

SysMaster as a gateway in SNAT mode

SysMaster can protect networks from external attacks by acting as a network gateway in SNAT mode. All enterprise computers are protected, because they share internal IP address space, while SysMaster provides all external connectivity. This feature helps to improve overall security.

Fail-over setup

SysMaster delivers additional security by allowing for redundant setups where a redundant device takes control in the event the primary device breaks down.

 

top of page
 
 
©2004 SysMaster Corporation. All rights reserved.