Ability to detect and filter out only malicious traffic flowing into or from your network.
Flexible detection engine with support for DoS/DDoS attack types: amplification (NTP, SNMP, SSDP, DNS, GRE, chargen and other), floods (UDP, TCP, ICMP), attacks on tcp protocol (syn, syn-ack, fin floods), attacks on IP protocol (fragmented packets) and other. Including support for multi-vector attacks.
Very fast detection time: 1 second for sFlow 5 and port mirror mode and 5- 45 seconds for Netflow/IPFIX (depends in device model).
Scalable up to Terabits (multiple existing deployments with 1+ Tbps of traffic).
Deployment and interoperability features
Wide range of supported capture engines: sFlow v5, Netflow v5, v9, jFlow, Netstream, IPFIX (including complete support for sampled flows), mirror ports (sampled), Amazon VPC Flow logs, Google Compulre VPC Flow logs
Bundled BGP and BGP flow spec (RFC 5575) support.
Could use existing devices in your network for traffic filtration/blocking
Bundled support industry-leading tool for querying and visualizing traffic information: Grafana.
Very fast delivery time: about 40 minutes for installation and initial configuration (excludes network equipment configuration and time required for server preparation).
Tested compatibility with following vendors: Cisco, Juniper, Nokia, Huawei, Mikrotik, Extreme, Arista, Brocade, Dell, HP, Palo Alto, D-Link, Edge Core, Ericsson, Force and other.
Software based solution, you do not need any specific hardware, you could use any VM or server available on your local market.
Network engineers friendly command line configuration tool: fcli.
Developers friendly: API, hook scripts, filter scripts. JSON based database for configuration/attacks with wide range of client tools for different languages.