Jobs & Careers | Warranty & Testing | Privacy Policy | Asset Recovery Services

Buy Juniper & Cisco Equipment Online

Used Cisco | Used Extreme | Used Foundry | Used Nortel | New Force10 | New F5 Networks | New Juniper | Used HP

Search Telecom and Network EquipmentProduct SpecialsAwardsForumsCompany InformationPress ReleasesComputer & Technology ArticlescertificationsWe Sell to GovernmentContact Us

Bookmark and Share |

Jump to Telecom Equipment

Request a Free Quote

Sell to us or Recycle your Equipment

Watch Company Virtual Tour

Top Networking Brands
Networking Products

LOADMASTER APPLICATION DELIVERY CONTROLLER SECURITY OVERVIEW

SSL OFFLOAD/ACCELERATION, INTRUSION PREVENTION SYSTEM (IPS) AND DENIAL OF SERVICE (DOS)

Small-to-medium sized businesses (SMB) are increasingly relying upon web-based applications and web-enabled services for running their business. Applications such as CRM, e-commerce transactions and other web-enabled applications are accessed both locally and remotely from outside the business facilities. These web- based applications are vulnerable to attacks from viruses, intrusions, and denial of service (DoS) attacks, as traffic comes into the network through various ports and firewalls without being inspected.

SMBs are facing an extraordinary number of network attacks from internal personnel and external hackers. Security problems such as unauthorized access, firewall breaches and other malicious intrusions are occurring on a daily basis. Compounding these problems is the fact that existing security tools such as firewalls, IDS, VPNs, anti-spam and anti-virus gateways do not have the processing capability, performance and the application-level security intelligence to protect against the growing amount of application-level attacks. SMBs are particularly vulnerable to security threats, and risk major losses of intellectual property, user productivity and potential loss of revenue. With that said, there is an increasing need for security solutions that provide real-time protection from a wide variety of application-level attacks.

When an SMB incurs a DoS attack, their IT resources are deprived of the services. Examples of such an inability of a network service are: e-mail might become unavailable, or there may be a temporary loss of all network connectivity and services, or the datacenter may be forced to temporarily shut down operations. DoS attacks can also wipe out a computer system's software programs and files.

The need for application-based security protection:
  • Web-based Applications are Vulnerable to Attacks – such as viruses, intrusions, and DoS, as traffic comes into the network through various ports and firewalls without being inspected.
  • Explosive Growth of Attacks – The amount and seriousness of application vulnerabilities are growing at a dramatic rate, while the cost of these attacks is soaring.
  • Current Security Tools Cannot Block Attacks – Firewalls, IDS and anti-virus gateways do not have the processing capacity, performance and the application-level security intelligence to guard against application-level attacks, leaving organizations vulnerable.
LoadMaster Security Benefits:
  • Protects web servers that have no controlled access – including protection from hackers and denial of service attacks
  • Protects web servers with controlled access, by limiting access specifically to authorized users
  • Provides security protection for Internet, intranet, and extranet environments
  • Blocks the most common attacks before they reach servers
LoadMaster Security Capabilities:
  • Black List (Access Control List system)
  • IP address filtering
  • Firewall filtering
  • DDOS mitigation
  • SYN Flood Protection
  • Ping of Death Protection
  • ICMP Flood protection
  • UDP Flood protection
  • SSH/SSL brute force attack protection

LOADMASTER SSL SECURITY

All LoadMaster Application Delivery Controllers and Server Load Balancers include hardware-based (ASIC) for Secure Socket Layer (SSL) offload and acceleration. SSL Acceleration performed by LoadMaster provides two benefits:
  • LoadMaster offloads the SSL workload from the Servers, and performs Layer 7 processing, cookie-based persistence and content switching. ASIC-enabled SSL Acceleration has a separate specialized processor, which handles all SSL functions.
  • SSL Acceleration includes support for up to 256 SSL Certificates, supports third-party certificates, automated SSL certificate chaining, and web user interface-based SSL certificate signing request (CSR) generation.

INTRUSION PREVENTION SYSTEM (IPS)

LoadMaster's Intrusion Prevention System (IPS) is installed in-line, inspecting all traffic before forwarding it onto the network. If the LoadMaster IPS detects malicious activity it terminates the session. By default, intrusion prevention is enabled, and protects all application delivery services. However, administrators can disable the LoadMaster intrusion prevention capabilities. The Intrusion Prevention System protects applications from the following common threats:
  • Virus propagation
  • Buffer overflows
  • Protocol-specific attacks

NETWORK PROTOCOL PROTECTION

The LoadMaster 3500 contains protocol- specific guards that protect your Servers from attacks targeting SMTP, DNS, and LDAP protocols.

APPLICATION-SPECIFIC ATTACKS

The LoadMaster 3500 protects applications that are particularly vulnerable to external attacks. These applications include IIS, Websphere, Cold Fusion, Exchange, and many others.

OPERATING SYSTEM-SPECIFIC ATTACKS

LoadMaster 3500 contains Microsoft and UNIX-specific detection capabilities that identify malicious activity against these operating systems. The Intrusion Prevention System is updated with the latest threats every hour by Energize Updates.

AVOID THE "PORT 443 BLIND SPOT"

With the LoadMaster, you can get complete Application Layer 7 IPS exactly where you need it. As an SSL termination point, the LoadMaster is the outermost point on the network that enables it to see all Layer 7 exploits coming in, and completely avoid the dreaded "port 443 blind spot".

GET THE PERFORMANCE YOU NEED

The LoadMaster 3500 delivers 2,000 TPS of SSL processing power, so you don't have to sacrifice end-user responsiveness. Denial of Services LoadMaster ensures continuous real-time DoS/DDoS and SYN attack protection for web application security. Security events are isolated to ensure continuous uptime even while under attack, while unaffected traffic is allowed through without degrading performance.
  • SYN Flood Protection
  • Ping of Death Protection
  • ICMP Flood protection
  • UDP Flood protection

CREDIT CARD SECURITY

LoadMaster Application Delivery Controllers are compliant with PCI-DSS (the credit card data security standard). Companies use LoadMasters every day to process credit card transactions via SSL.

SUMMARY

Small-to-medium sized businesses face unprecedented amounts of network security attacks from internal personnel and external hackers. Security tools such as firewalls, IDS, VPNs, anti-spam and anti-virus gateways are not capable of providing the processing capacity, performance and the application-level security intelligence necessary to protect against the increasing amount of application-level attacks. SMBs are continuously exposed to security hazards that pose a threat to their intellectual property, potential revenue loss and lost productivity.

KEMP Technologies' LoadMaster Application Delivery Controllers and Server Load Balancers help to ensure that online business remains stable even while under attack. The LoadMaster simplifies and centralizes network infrastructure management, and optimizes performance and scalability of IT infrastructure to economically scale server resources and security operations to deliver optimal security management and enforcement.

KEMP products deliver availability, performance, scalability and security to the SMB web infrastructure.

ABOUT KEMP TECHNOLOGIES

KEMP Technologies is a leader in cost-effective application delivery controllers and server load balancer appliances tailored to meet the needs of small-to-medium sized businesses (SMB) that rely on the Internet for e-commerce and business-critical applications. KEMP helps SMBs rapidly grow their business with 24/7 high-availability, better web infrastructure performance, scalability and secure operations - while streamlining IT costs.

Thousands of KEMP LoadMaster products are in use today to improve customer satisfaction by accelerating user access to business-critical web applications. Managed service providers also rely upon KEMP products to enable fast time-to-market and cost-effective operations for new and existing managed services.

KEMP's highly affordable LoadMaster products include Layers 4-7 load balancing, content switching and server persistence, SSL offload/acceleration, WTS load balancing and persistence with Session Directory integration, and application front-end capabilities (caching, compression, intrusion prevention system), plus one full year of product support – delivering industry leading price/performance value.

Hardware Load Balancers







Kemp LoadMaster White Papers

LoadMaster Case Studies

You are Viewing kemp technologies white paper 03

Site Navigation

Home
Cisco
Extreme
Foundry
Force10
HP
Nortel

Used Compaq
F5 Networks
Juniper
Search
Contact
Forums

Definitions

Copyright © 2012 Network Liquidators ®. All rights reserved.

Contact Information

Office: 813.852.6400
Email: sales@nweq.com
Oldsmar, FL 34677