AhnLab

  • Privacy & Security
  • EULA
  • Contact Us
  • Terms of Use
  • Sitemap

Subscribe to Our Newsletter

Stay informed with AhnLab’s latest threat intelligence
and security insights delivered monthly to your inbox.

Country
AhnLab V3 Engine VersionOES :
Update Engine Now →
  • Visit our LinkedIn Profile
  • Visit our Twitter page
  • Visit our YouTube channel
  • © AhnLab, Inc. All rights reserved.
  • ASEC
  • MyCompany(ELS)
  • AhnLab Document Center
skip navigation
  • 메뉴
  • 본문
  • 하단 정보(링크)
  • Products
    • AhnLab PLUS Platform
    • AhnLab Endpoint PLUS
      • Anti-Malware
      • EPP
      • Sandbox (ATD)
      • EDR
      • SMB Security
      • Mobile Security
    • AhnLab Network PLUS
      • NGFW
      • IPS
      • DDoS Mitigation
      • Sandbox (ATD)
      • Threat Management
    • AhnLab Cloud PLUS
      • CWPP
      • Cloud NGFW
      • Cloud IPS
      • Cloud Threat Management
    • AhnLab Connect PLUS
      • XDR
      • Threat Intelligence
      • SOAR
    • AhnLab CPS PLUS
      • CPS Protection Management
      • OT Endpoint Protection
      • OT IDS
      • OT Portable AV
      • OT Firewall
      • OT Data Diode
      • OT Network Sandbox
      • IT Endpoint Protection
      • IT Anti-Malware
      • CPS Threat Intelligence
    • AhnLab AI PLUS
    • All Products and Services
  • Services
    • AhnLab Service PLUS
      • MDR
      • MSS
      • Professional Service
      • Security Consulting
      • Digital Forensics
      • Cloud Managed Service
      • Global Partners
    • All Products and Services
  • Solution
    • Ransomware Protection
    • Hybrid Cloud Security
    • Zero Trust
    • CPS Protection
    • SOC Modernization
    • TDR
    • DDoS Mitigation
  • Support
    • Technical Support
    • Threat Inquiry
    • Online Support
      • Q&A
    • Notice
    • Download
    • AhnLab Document Center
  • Content Center
    • Content Center
      • Cybersecurity 101
    • ASEC
      • Threat Descriptions
      • Threat Actor Naming
      • ASEC Security Advisory
      • ASEC Blog
    • Highlights
      • MITRE ATT&CK Eval Round 7
      • AhnLab 30th Anniversary
      • Frost Radar CPS Security Leader
  • Partners
  • Company
    • About Us
    • Strategic Materials
my page
Sign InSign Up
언어 선택

No recent searches

    • Contact Us
    • My Company
    • Security Map
HOME
Products
  • Products
  • Services
  • Solution
  • Support
  • Content Center
  • Partners
  • Company
AhnLab Network PLUS
  • Other Products
  • AhnLab PLUS Platform
  • AhnLab Endpoint PLUS
  • AhnLab Network PLUS
  • AhnLab Cloud PLUS
  • AhnLab Connect PLUS
  • AhnLab CPS PLUS
  • AhnLab AI PLUS
  • All Products and Services
DDoS Mitigation
  • NGFW
  • IPS
  • DDoS Mitigation
  • Sandbox (ATD)
  • Threat Management

AhnLab DPX

We Stop DDoS Attacks

Read BrochureContact Sales

The top-rated DDoS mitigation solution in Korea,
AhnLab DPX delivers complete DDoS detection and prevention coverage built on years of expertise and knowledge.

Why AhnLab DPX

The Best-in-Industry DDoS Mitigation Capabilities

No.1 for a Reason

The market research firm Frost & Sullivan recognized AhnLab DPX as the leading DDoS mitigation solution in Korea with the highest market share. Our market-leading product provides a complete set of security controls and outstanding user-friendliness that upholds its reputation; it has been trusted by numerous enterprises from the internet, telecommunication, and financial industries.

01

Full-Scale DDoS
Detection & Prevention

Threat actors employ various techniques for successful DDoS campaigns. By leveraging a pioneering 100G NIC for large-scale attack defense and an advanced response system, AhnLab DPX effectively counters DDoS attacks of different types, from low to high-volume attacks.

02

Verified Performance

AhnLab DPX has qualified for the Common Criteria (CC) certification, Good Software (GS) certification, and Information Security Product Performance Evaluation. The product outperforms its peers in multiple aspects, such as performance and user convenience, and sets the highest standard for DDoS mitigation.

03

Key Features

A Complete Feature Set for Optimal DDoS Mitigation

Deep Packet Inspection

AhnLab DPX conducts a full-scale network packet inspection to combat DDoS attacks in real-time. Its detection speed and precision are unparalleled by other solutions that primarily leverage network packet sampling methods.

Threshold-Based Rules
for Each Protocol

AhnLab DPX sets an individual threshold for various protocol elements for laser-accurate detection of DDoS attacks. Over 60 threshold-based rules drive an accelerated response to one of the most sophisticated and formidable attacks.

TCP/HTTP Authentication

By considering the characteristics of TCP and HTTP protocols, AhnLab DPX can distinguish whether the inbound traffic was generated by legitimate users or bots attempting to overload servers with excessive traffic.

Zone Settings

AhnLab DPX can create a virtual space called a “zone” by logically separating servers for protection. Users can configure up to 300 zones and ensure optimal protection for multiple servers via individual policy configuration and monitoring.

Self-Learn

AhnLab DPX performs the traffic learning to set a threshold baseline for laser-accurate DDoS detection. The self-learning process contributes to understanding the traffic pattern within each zone and determining the exact threshold value.

Inline/Out-of-path Deployment

AhnLab DPX supports both “inline” and “out-of-path” deployment methods aligned with different security requirements of customers. The flexible options enable the optimal deployment and operation of DDoS solutions.

Threshold-Based Rules
for Each Protocol

AhnLab DPX sets an individual threshold for various protocol elements for laser-accurate detection of DDoS attacks. Over 60 threshold-based rules drive an accelerated response to one of the most sophisticated and formidable attacks.

TCP/HTTP Authentication

By considering the characteristics of TCP and HTTP protocols, AhnLab DPX can distinguish whether the inbound traffic was generated by legitimate users or bots attempting to overload servers with excessive traffic.

Zone Settings

AhnLab DPX can create a virtual space called a “zone” by logically separating servers for protection. Users can configure up to 300 zones and ensure optimal protection for multiple servers via individual policy configuration and monitoring.

Self-Learn

AhnLab DPX performs the traffic learning to set a threshold baseline for laser-accurate DDoS detection. The self-learning process contributes to understanding the traffic pattern within each zone and determining the exact threshold value.

Inline/Out-of-path Deployment

AhnLab DPX supports both “inline” and “out-of-path” deployment methods aligned with different security requirements of customers. The flexible options enable the optimal deployment and operation of DDoS solutions.

Dashboard

Real-Time Monitoring of Traffic and Response Status

2403132973299508.png

AhnLab DPX dashboard enables users to monitor “System Resource Information”, “Traffic Status”, and “Response Status by Filter”. Users can quickly access information by selecting a specific zone.

From the dashboard, you can check:

  • System resource information
  • Bridge traffic inbound/outbound information
  • Protocol-based traffic information
  • Response status by filter

Solution

The Best Solution to Complicate DDoS Operators

  • DDoS Mitigation
    More

    DDoS Mitigation

    DDoS is an old-fashioned but still dangerous cyber-attack. To seamlessly protect business assets against different types of DDoS attacks, organizations should consider a dedicated DDoS mitigation solution such as AhnLab DPX, which is equipped with specialized toolsets.

Resources

  • Brochure

    AhnLab DPX

    download
  • Video

    AhnLab DPX

    link

FAQs

Frequently Asked Questions

The most frequently used features for countering DDoS attacks include:
1. Threshold-Based Detection: This technique involves calculating packet size or quantity originating from specific IP addresses and taking action against IPs that exceed predefined thresholds.
2. Authentication: This method identifies and blocks bots that initiate DDoS attacks, disregarding protocol characteristics.
DDoS attacks usually refer to high-volume attacks, but fundamentally, any attack that disrupts a target's services and puts them in a state of “Denial of Service” is considered a DDoS attack. Low-volume attacks originating from multiple IPs often bypass threshold rules, making authentication an effective defense method. Authenticated IPs can access the server, while failed authentication IPs remain blocked. This defense method proves valuable in mitigating attack traffic during actual DDoS attacks.
Inline deployment is a simple way to set up the product for immediate attack detection and prevention. However, unexpected traffic blocking or delays may occur since all traffic passes through the product. On the other hand, out-of-path uses traffic mirroring to detect DDoS attacks and diverts only suspicious traffic, thereby minimizing the impact on regular traffic.
Up to two 100G/40G NICs can be applied. Each NIC supports two ports, allowing for a total of 4 ports to be used.
DDoS mitigation solutions offer a broad set of features to defend against various DDoS attacks, making it crucial to assess the performance of each feature. Users must verify whether the product can deliver high bit-per-second (BPS)/packet-per-second (PPS) performance with its features enabled. Also, you need to check whether any performance issues exist in environments with many client IPs and assets to be protected.