Check Point Rolls Out New Appliances To Fight DDoS Attacks


Check Point Software Technologies, Ltd. has introduced a new line of security appliances designed to fight distributed denial of service (DDoS) attacks that disrupt IT functions by overloading traffic on the network.

“DDoS attacks have become a lot more commonplace with the pervasiveness of botnets,” said Check Point President Amnon Bar-Lev. “They are also becoming much more application-specific. Most solutions on the market today focus on stopping denial-of-service at the ISP. This strategy is expensive, plus it’s not fully adapted to the customer’s specific site or circumstances.”

Recent studies suggest that DDoS attacks rank among the top concerns of IT managers today.

[Related: Financial Services In The Crosshairs Of DDoS Attackers]

Developed in conjunction with Radware, Check Point’s new line of "DDoS Protector" appliances use multi-layered protection and up to 12 Gbps of throughput to block all major attack types such as network floods, server floods, application-layer DDoS attacks, as well as low-and-slow attacks.

“Mid-sized to enterprise customers would likely be interested in this sort of an offering,” said Matthew Hutchings, president of Dolomite Technology, LLC, a Henderson, Nev.-based channel partner who was unfamiliar with the specific offering from Check Point but noted the industry emphasis on DDoS. “If it’s an all-in-one solution, that could save customers quite a bit of money.”

Key functionalities include the ability to defend against TCP, UDP, ICMP, IGMP and fragment DDoS attacks with adaptive behavioral-based detection; predefined and customized filters to block rate-limits per pattern; SYN rate thresholds that protect against SYN-spoofed DDoS; and blockage of non-supported protocols and application-level flood attacks. The systems also uses DNS footprint blocking rate limits and DNS challenge and response to further forestall attacks. In addition, the appliances also block HTTP connection-based DDoS attacks and upstream HTTP bandwidth attacks with server-based HTTP adaptive behavioral detection.

"[Check Point's] device monitors changes in the traffic and can take action, based on how the system is configured," Bar-Lev told CRN.

The device is positioned in front of the perimeter gateway where it can detect and stop potential DDoS attacks before they reach the main security gateway. The product line features seven different models with densities of up to 16 ports. Customer support and access to an emergency response team is also available. Check Point also offers a management suite that provides full visibility to all security events from a single pane of glass.

“This is a product and a service that channels can offer to better serve their customer base, and build support and other professional services around it,” summarized Bar-Lev. “When the channel builds more capability into the customer’s infrastructure, it adds a lot of value and helps to solidify those business relationships.”