Check Point DDoS ProtectorAppliances block Denial of Service attacks within seconds with multi-layered protection and up to 12 Gbps of performance.

Modern DDoS attacks use new techniques to exploit areas where traditional security solutions are not equipped to protect. These attacks can cause serious network downtime to businesses who rely on networks and Web services to operate. DDoS Protectors extend company’s security perimeters to block destructive DDoS attacks before they cause damage.

Benefits

Blocks a wide range of attacks with customized multi-layered protection
  • Behavioral protection base-lining multiple elements and blocking abnormal traffic
  • Automatically generated and pre-defined signatures
  • Using advanced challenge/response techniques
Fast response time - protects against attacks within seconds
  • Automatically defends against network flood and application layer attacks
  • Customized protection optimized to meet specific network environment and security needs
  • Quickly filters traffic before it reaches the firewall to protect networks, servers and block exploits
Flexible deployment options to protect any business
  • A family of 7 new appliances offering: low-latency (less than 60 microseconds), high-performance (up to 12 Gbps), port density of up to 16 ports (12x1GbE and 4x10GbE)
  • Appliances easily fit into existing network topology (layer-2 bridge)
  • Ready to protect any size network in minutes
Integrated with Check Point Security Management
  • Leverage SmartEvent, SmartLog and SmartView Tracker for real-time and historic view of overall network security and DDoS attack status
  • Standalone policy management with both Web UI and command line interface
  • Team of security experts provide immediate response during DoS attacks

Features

Armed with sophisticated technologies and advanced DoS detection and prevention techniques, the Check Point DDoS Protector is capable of stopping today’s advanced DDoS attacks including:

  • Non-vulnerability-based attacks that misuse server resources, such as
    • Application DoS – HTTP , SIP, and other flood attacks
  • DoS/DDoS flood attacks that misuse network bandwidth resources
  • Rapid response and real-time update of custom filters to protect against emerging attacks
  • Real-time signatures are generated for each attack pattern, using up to 20 different parameters
  • Block attacks without blocking legitimate user traffic
  • Intelligent flash traffic detection sees the difference between legitimate spikes in traffic and attacks

The DDoS Protector has the ability to differentiate between a sudden flash traffic and a real DDoS attack, and uses a real-time behavioral signature created on-the-fly to mitigate DDoS attacks. The DDoS Protector allows legitimate spikes in traffic that simpler rate-based technologies would block.

The wide range of DDoS Protector appliances provides up to 12Gbps capacity for full network traffic inspection and protection, with dedicated hardware acceleration against DDoS attacks that can block high packets-per-second attacks that overuse the CPU resources of networking and security equipment. Excellent user response time is maintained even when under attack – there’s no need to risk compromising on legitimate user access when DDoS attacks occur.

With seven models to choose from, Check Point DDoS Protectors are ready to protect network of all sizes in minutes and can be installed inline locally, through an ISP, or both.

Effectively identify and stop brute-force flood attacks at the network level.

Overwhelming the network resources with a large-scale botnet to shut down its normal services is an old, yet still effective method for launching network flood attacks. The Check Point DDoS Protector can quickly identify and mitigate these types of network flood attacks.

Check Point’s unified security management solution includes:

SmartEvent

Unified security and analysis solution that delivers real-time threat management information to instantly stop threates and block attacks with on-the-fly protections. Move from business view to forensics in just three clicks.

SmartLog

Advanced log analyzer that delivers proactive security intelligence with split-second search results from any log field for instant visibility into billions of log records over multiple time periods and domains.

SmartView Tracker

Comprehensive auditing solution to troubleshoot system and security issues, gather information for legal or audit purposes, and generate reports to analyze network traffic patterns. In the case of an attack or other suspicious network activity, use SmartView Tracker to temporarily or permanently terminate connections from specific IP addresses.

Specifications

Model

506

1006

2006

3006

4412

8412

12412

1  Actual performance figures may change per network configuration, traffic type, etc.
2 Capacity is measured as maximum traffic forwarding when no security profiles are configured.
3 Throughput is measured with behavioral IPS protections and signature IPS protections using eCommerce protection profile.
4 External fiber fail-open switch with SFP ports is available at additional cost.
5 External fiber fail-open switches with SFP or XFP ports are available at additional cost.
Network Grade

Enterprise

Datacenter

Performance1
Capacity 2

500Mbps

1Gbps

2Gbps

3Gbps

4Gbps

8Gbps

14Gbps

Throughput 3

500Mbps

1Gbps

2Gbps

3Gbps

4Gbps 

 

8Gbps

12Gbps

Max Concurrent Sessions

2,000,000

4,000,000

Max DDoS Flood Attack Prevention Rate (pps)

1,000,000

10,000,000

Latency

< 60 microseconds

Real Time Signatures

Detect and protect in less than 18 seconds

Inspection Ports
10/100/1000 Copper Ethernet

4

4

4

4

8

8

8

Gigabit Ethernet (SFP)

2

2

2

2

4

4

4

10 Gigabit Ethernet (XFP)

-

-

-

-

4

4

4

Management Ports
10/100/1000 Copper Ethernet

2

2

2

2

2

2

2

RS-232

1

1

1

1

1

1

1

Operation Mode
Network Operation

Transparent L2 Forwarding

Deployment Modes

In-line; SPAN Port Monitoring; Copy Port Monitoring; local out-of-path; Out-of-path mitigation (scrubbing center solution)

Tunneling Protocol Support

VLAN Tagging, L2TP, MPLS, GRE, GTP

IPv6

Support IPv6 networks and block IPv6 attacks

Policy Action

Block & Report, Report Only

Block Actions

Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination), Challenge-Response for HTTP and DNS attacks

High Availability
Fail-open/fail-close

Internal fail-open/fail-close for copper ports; internal fail-close for SFP ports; optional fail-open for SFP ports 4

Internal fail-open/fail-close for copper ports; internal fail-close for SFP and XFP ports; optional fail-open for SFP and XFP ports 5

Clustering

Active-Passive Cluster

Power
Dual Power Supply

Optional

Yes - Hot Swappable

Advanced internal overload mechanism

Yes

Power Consumption

177W,
(Dual PS option 147W)

476W

Heat Dissipation

604 BTU/h,
(Dual PS option 501 BTU/h)

1623 BTU/h

Auto-Ranging

100V-120V/200V-240V AC 47-63Hz or 38-72VDC

Physical
Dimensions (WxDxH)

424mm x 457mm x 44mm

424mm x 600mm x 88mm

Weight

15.9 lb / 7.2 kg,
(Dual PS option 19.2 lb / 8.7 kg)

39.0 lb / 18.0 kg

Operating Temperature

0 - 40 C

Humidity (non-condensing)

5% to 95%

Certifications
Safety Certifications

EN 60950-1:2006, CB - IEC 60950-1, cTUVus

EN, UL, CSA, IEC #60950-1

EMC

EN 55022, EN 55024, FCC Part 15B Class A

Other Certifications

CE, FCC, VCCI, CB, TUV, UL/cUL, CCC, C-Tick, RoHS