Esphion   Solutions & Products News & Events Customers Partners Company Resources
News & Events
Articles & Reviews | Press Releases | White Papers | Events & Webcasts | Thinking

Press Releases

April 16, 2002

netDeFlect version 1.0 released

Esphion Limited today announced the general availability of netDeFlect 1.0, which formulates and implements accurate detection and defence strategies against DDoS attacks. netDeFlect is deployed as a network device, the Esphion n1000, and is specifically designed as a solution against the threat of distributed-denial-of-service (DDoS) attacks and worms. It detects such attacks at the onset, provides the crucial early warning, filters out attack traffic, and even reconfigures up-stream routers to assist in the filtering of attacks. Additionally, netDeFlect detects worms and prevents them from spreading further, thereby protecting servers as well as the available bandwidth on the network. netDeFlect also detects and stops other signature based attacks, like Land, Teardrop, Ping-of-Death, etc., and prevents fragmentation attacks.

netDeFlect utilizes specialized algorithms, signature scanning, mathematical traffic profile models, and rules. The flexibility of this powerful rules-based approach allows netDeFlect to take advantage of site-specific knowledge in order to significantly increase the accuracy of attack detection and defense in any given network environment. An accurate and early detection and warning at the onset of an attack is the most important ingredient in the successful defence. To aid with the attack detection, netDeFlect monitors and records more than 6000 different network statistics."
netDeFlect is currently installed at some of the New Zealand's largest Telco's, ISPs, and Banks. Esphion will be collaborating with the New Zealand Defense Force in next month's NATO - JWID (Joint Warrior Interoperability Demonstration)", said Johnny Cates, CEO of Esphion.

"The ability to provide network analysis and filtering capabilities simultaneously has been labelled as 'really cool'. The promise of not having to deploy multiple devices to perform multiple functions has been called 'great'. Many customers are also excited about the prospect of being able to automatically reconfigure up-stream routers."

About Esphion Limited:
Headquartered in Auckland, New Zealand, Esphion Limited is ushering in a new era in mission critical network applications with its revolutionary nTAIS (Network Traffic Analysis and Interpretation System) architecture. Based on nTAIS, Esphion provides solutions that allow extensive analysis of network traffic, rate-shaping, logging, bandwidth-billing, and successful defence against denial-of-service (DoS and DDoS) attacks and worms. By allowing all of these applications to run on Esphion's n1000 device simultaneously, customer's deployment and network management costs are significantly reduced. Esphion is backed by the NZ Seed Fund. For more information, please visit www.esphion.com or contact the company at info@esphion.com.

 

The solution
The web hosting company installed netDeFlect, Esphion’s patented network security solution. A single, standalone netDeFlect agent was deployed, connecting to the company’s two data centres to provide the new layer of DDoS protection.
To provide early warning of any build-up in traffic, the agent’s sensor is connected to a series of Layer 3 switches located upstream of the company’s border routers, as close to the boundary with its ISP as possible.

At the first detection of a possible DDoS attack, netDeFlect produces a fine-grained attack signature which is applied in the form of an access control list (ACL) to the Layer 3 switches. This is then used to block all traffic originating from the source of the DDoS attack (regardless of whether the addresses are spoofed) before it reaches any critical network infrastructure.

The immediacy offered by netDeFlect has helped to dramatically reduce the average resolution time for a network attack to just five minutes. Perhaps more importantly, by adding this proactive layer of defense the web hosting company has been able to improve service and ensure a greater ability to maintain service levels for its customers, regardless of network anomalies.

Esphion is there to detect anomalous behavior in your unique network environment - we don't care whether it is an attack that has a name and a signature or not - if it is determined to have the potential to disrupt your network we will provide you a solution to block it before it does. Think of us as a highly intelligent virtual network and security engineer watching network links 24x7x365.
Mark Edwards, CEO, Esphion

 
© 2007 Esphion Ltd. All rights reserved. | Legal Notice | Privacy & Security | Contact Us