WebMux – Using Flood Control versus Firewall for DOS and DDoS Attacks

Product Tech Tips Index

AVANU’s WebMux Flood Control Feature Stops Cybercrime DOS and DDoS Attacks in its Track

Cybercrime has been around for a long time but more recently has been very high profiled in its nature and everyone is affected from it.  Not only is it on a rise, it is rampant.  How can AVANU help prevent cybercrime? AVANU is the developer and manufacturer of the WebMux Network Traffic Manager, a server load balancing solution for managing, controlling, and securing Layers 4-7 network traffic.  WebMux has a unique Flood Control® feature that was specifically developed for a United States service organization of the Department of Defense in 2012 to provide protection for their servers against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks at the IP/UDP level.

How is AVANU’s WebMux Flood Control different from a Firewall?  Firewall rules and protocols are set where it is either ‘on’ or ‘off’ meaning if the settings are wrong, it could block legitimate traffic to the network servers.

The WebMux Flood Control features can limit or stop undesired or unwanted Internet Protocol (IP) network traffic, including protocols that rely on IP, such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), etc.  One example of undesirable or unwanted network traffic is Denial of Service Attacks (DOS, or DoS) or Distributed Denial of Service Attacks (DDOS, or DDoS) in which attacking computers (which may include un-suspecting proxies used by the attackers) attempt to establish large numbers of network connections to prevent legitimate traffic from getting through to the intended system that is targeted in the attack.  The Flood Control feature can set parameters that permit normal traffic but block traffic outside of the definition of normal.

Flood Control settings are “Packet Rate,” “Packet Threshold,” and “Timeout in Seconds.”  Those settings can be understood as the “Average Packets per Second Limit,” “Instantaneous Packet Limit,” and “Amount of Time a Client IP Address Will Be Blocked, in Seconds.”

WebMux has the ability to detect attacks on the networks, to trap bad IPs on the fly, and can also log the information of bad IPs for further review.

The Flood Control feature is available on all of the WebMux hardware appliance models and the Virtual WebMux software editions.