Applies To:
Show Versions
F5 DDoS Hybrid Defender
- 13.0.0
Introduction to DDoS Hybrid Defender
F5® Herculon™ DDoS Hybrid Defender™ protects your organization against a wide range of DDoS attacks using a multi-pronged approach. By combining on-premises and cloud technologies, analytics, and advanced methods, DDoS Hybrid Defender is a hybrid solution that detects network and application layer attacks, and is easy to deploy and manage.
DDoS Hybrid Defender mitigates against the full spectrum of DDoS attacks including:
- Network capacity attacks
- DNS and SIP protocol volumetric attacks
- HTTP and HTTPS volumetric attacks
- HTTP and HTTPS CPU-based (heavy URL) attacks
You can specify which objects to protect on the network, assigning the appropriate protections to network devices and application servers, and prevent attackers from exhausting network resources and impacting application availability. DDoS Hybrid Defender can be installed for high availability (two systems) or as a stand-alone system.
Example DDoS Hybrid Defender deployment
DDoS Hybrid Defender™ guards against multiple types of attacks including protection for the device, protection for the data center, networks, and, optionally, offloading using F5 Silverline® cloud-based services.
Here is how it works: A DDoS Hybrid Defender™ system that is deployed in your network defends against DDoS Layer 3 through Layer 7 attacks as long the upstream Internet pipe is not saturated. When the upstream pipe is flooded, DDoS Hybrid Defender can signal the F5 Silverline Cloud Platform to help mitigate the attack. DDoS Hybrid Defender sends Silverline Cloud Platform the information that an attack was detected, and provides the application or CIDR definition, destination subnet, attack type, and the attack size.
The Hybrid Signaling feature enables enterprises with DDoS Hybrid Defender to integrate with F5 Silverline to divert traffic during large attacks. The F5 Silverline Cloud Platform scrubs the volumetric attack traffic and forwards the clean traffic to the customer’s networks. The clean traffic is sent through GRE tunnels that were set up between the Silverline scrubbing centers and the customer’s networks.
Example DDoS Hybrid Defender deployment
