Procera enables broadband service providers to implement effective threat mitigation strategies with market-proven intelligent policy enforcement solutions.
Broadband Threat Mitigation
With the proliferation of malware, viruses and other network threats expanding, broadband network operators need to think beyond firewalls. Many are turning to Unified Threat Management (UTM) strategies that combine firewalling, intrusion prevention, gateway virus and spam safeguards, content filtering, and other threat detection and mitigation measures in a single, integrated system.
How can broadband operators implement effective unified threat detection and mitigation in their access and core networks? They need solutions that enable them to:
- Monitor network traffic in a granular way to pinpoint potential threats and block them quickly
- Respond to threats in real time according to established policies, enforcing mitigation measures specific to each threat type
- Enable fine-grained mitigation of attacks at the subscriber and application layer
The Procera Solution
Procera enables broadband operators to manage threats more effectively with real-time Intelligent Policy Enforcement (IPE) solutions that provide three key use cases:
- Awareness of all network traffic and data. Our IPE solution provides granular awareness of all subscriber data and activity, as well as device, application type, location, and more. Providing visibility down to a single flow in the network enables operators to zero in on the applications used for attacks as well as the characteristics of the attack traffic, including the ability to capture the traffic in the PacketLogic system for forensic analysis.
- Detection of potential threats, in real time, according to defined policies. Our IPE solution analyzes traffic against a comprehensive library of application signatures and can detect anomalous activity based on session and bandwidth limits, instantly alerting threat mitigation and audit systems when thresholds are breached.
- Blocking, quarantining and reporting of suspect traffic. Procera’s solution also reports on and quarantines infected devices or subscribers exhibiting prohibited behavior (e.g. activity resembling a DDoS attack). Optionally, the subscriber can be redirected to a captive portal that notifies them of the infection or prohibited activity, requiring subscriber acknowledgement and corrective action before access is restored.
<< PacketLogic for Fixed Broadband Service Providers