Arbor Edge Defense

Defense at the Network Edge
Deployed in between the firewall and internet router, and using highly scalable stateless packet processing technology, Arbor Edge Defense acts as a network edge threat intelligence enforcement point where it blocks in bulk, inbound cyber threats (e.g. DDoS attacks, IOCs) and outbound malicious communication - essentially acting as the first and last line of perimeter defense for an organization.

Benefits

Be a First Line of Defense

• by blocking inbound DDoS attacks to protect the availability of your network, services, or stateful security devices (e.g. firewall)

Be a Last Line of Defense

• by blocking outbound communication from compromised internal devices to attacker command and control (C2) infrastructure to stop the proliferation of attacker and malware within your organizations and ultimately avoid a data breach

Integrate

• AED’s use of standards such as STIX/TAXII, SYSLOG (CEF, LEEF), a REST API, and its ability to provide more context to blocked IoCs via ATLAS Threat intelligence enables it to become a fully integrated component of your existing security stack and process

Features

Stateless, On-premise, DDoS Protection

• AED offers best-in-class DDoS protection. AED can stop DDoS attacks as large as 40 Gbps and due to its stateless packet processing technology, AED can stop TCP-state exhaustion attacks that target and impact stateful devices such as NGFWs.

Intelligently Automated, Hybrid DDoS Protection

• AED's Cloud Signaling can automatically route large DDoS attacks to one of NETSCOUT’s Arbor Cloud global scrubbing centers for mitigation – offering the industry best practice of hybrid DDoS protection.

Edge Enforcement of Your Threat Intelligence

• Armed with potentially millions of IoCs from NETSCOUT’s ATLAS Intelligence Feed or 3rd parties, AED can enforce your threat intelligence at the network edge to stop inbound DDoS attacks and outbound communication to known bad sites.

Integration with Existing Security Stack and Process

• AED's REST API, support for Syslog (CEF, LEEF) and STIX/TAXII, enable AED to be a fully integrated component of an organization’s existing security stack and process.