FlowGuard service is a technologically advanced solution that provides comprehensive protection against DDoS attacks. The deployment of FlowGuard is suitable where the disruption of the availability of critical online services by DDoS attacks could result in major financial losses or threatens the operation of a strategically significant entity. Typical examples are, for example, online shops, payment gates or software applications provided as a service, or network infrastructure of offices, energy suppliers or similar institutions.
Individual attacks are not completely identical, and differ in design and intensity. Each type of attack, therefore, requires a special approach and specific actions. FlowGuard uses a self-learning mechanism with elements of artificial intelligence to quickly identify a dangerous data stream and also enable a rapid response to completely new types of attacks.
Specifically, protection against DDoS attacks can be divided into two parts. The detection of an ongoing attack and to mitigate, i.e. streamline the data stream. FlowGuard can work in two modes, either in the cloud or hybrid.
In the case of a cloud solution, all data traffic is continually redirected to the FlowGuard Cloud, which automatically detects attacks, deflects and cleans up traffic.
In the case of a hybrid version of FlowGuard service deployment, a protected device (CPE) is used to detect attacks on a protected entity. FlowGuard can be integrated with any CPE device that allows you to export information about data flows. Suppliers of verified devices include major manufacturers such as Flowmon, Radware, Arbor, CheckPoint, and Cisco. In regular mode, FlowGuard continuously evaluates data streams so that when captured in warning signals it is ready to deflect an attack.
If the CPE identifies an attack, the defensive mechanism is activated when the data stream is redirected to the massive infrastructure of a so-called scrubbing center. Here, infected data is cleaned of malicious content and only legitimate data flows leave the network infrastructure protected by online services. Due to this, the protected service remains available even in the case of a large attack.