What is Andrisoft Wanguard?
Andrisoft Wanguard is a sophisticated network security software solution designed to protect large-scale IP networks from Distributed Denial of Service (DDoS) attacks. The platform utilizes an innovative traffic anomaly detection engine that continuously analyzes over 130 traffic metrics against user-defined thresholds while profiling normal user behavior to identify unusual traffic patterns. Upon detecting threats, the system can automatically trigger predefined response actions including sending notifications, announcing prefixes via BGP, generating SNMP traps, modifying ACLs, or executing custom scripts through an intuitive API.
The software offers comprehensive DDoS mitigation capabilities by filtering malicious traffic on-premises through intelligent dynamic filtering rules applied to stateless software or hardware firewalls and BGP Flowspec-compatible routers. Wanguard provides full network traffic visibility through distributed sensors that capture IP packets, query SNMP devices, and analyze flow records, with all data presented through customizable web-based dashboards featuring real-time traffic graphs and advanced analytics.
Features
- DDoS Detection: Identifies volumetric DDoS attacks using a traffic anomaly detection engine that analyzes 130+ metrics
- Automated Mitigation: Filters malicious traffic through dynamic rules applied to software/hardware firewalls and routers
- Traffic Visibility: Provides comprehensive network monitoring through distributed sensors capturing packets and flow records
- Flow Analysis: Includes a Flow Sensor component supporting NetFlow, IPFIX, and sFlow technologies for traffic correlation
- Packet Inspection: Features a Packet Sensor component that sniffs 10/40/100 Gbps interfaces at wire speed, with a Wireshark-like interface
Use Cases
- Protecting telecom networks from DDoS attacks
- Securing cloud hosting data centers against volumetric threats
- Monitoring and mitigating attacks for Internet Service Providers
- Providing DDoS protection for content delivery networks
- Enhancing security for enterprise network infrastructure
FAQs
- What types of DDoS attacks can Wanguard detect?
  Wanguard detects volumetric DDoS attacks using traffic anomaly detection that analyzes over 130 metrics against user-defined thresholds while profiling normal user behavior.
- How does the automated mitigation work?
  The system automatically triggers predefined response actions including sending notifications, announcing prefixes via BGP, generating SNMP traps, modifying ACLs, or executing custom scripts when threats are detected.
- What flow technologies does the Flow Sensor support?
  The Flow Sensor supports NetFlow versions 5, 7, and 9, IETF IPFIX, and sFlow versions 4 and 5 for comprehensive traffic analysis.
- Can Wanguard operate in high-speed network environments?
  Yes, the Packet Sensor component can sniff 10/40/100 Gbps port-mirrored or in-line interfaces at wire speed for real-time traffic inspection.
- What deployment options are available for the mitigation system?
  The system can operate inline within the main data path or redirect traffic via BGP on/off-ramping to dedicated packet-scrubbing servers.
Andrisoft Wanguard Uptime Monitor
- Average Uptime: 100%
- Average Response Time: 236.4 ms