NSFOCUS engineers have developed a series of innovative, advanced algorithms that accurately detect and prevent malicious DDoS attacks. These integrated filtering modules include:

• Anti-Spoofing
• Protocol Analysis
• Customized Application Analysis
• User Behavior Analysis
• Dynamic Fingerprinting
• Rate Limiting

Working together, they deliver a solid defense by applying probability statistics against both known and unknown DDoS attacks. In addition to traditional anti-DDoS methods used by firewalls, IPS systems, etc, NSFOCUS's ADS appliance utilizes efficient algorithms of attack detection and identification to deal with massive DDoS attacks. The NSFOCUS ADS does more than merely stop attacks; it also applies cleaning techniques to ensure that only valid traffic gets through, and that your network remains operational.

NSFOCUS’ specially-designed ADS operating system reduces memory overhead, ensuring consistent, efficient operation; its modularized control system guarantees operation availability, under even the most extreme attack scenarios.

For customers who need greater throughput requirements, NSFOCUS’ high-end ADS appliances utilize Tilera’s® TILE64Pro™ multi-core architecture, dramatically boosting prevention capability up to 10 Gbps without compromising performance.

NSFOCUS’s ADS appliance is an integrated system ready to detect and mitigate increasingly sophisticated, complex, and deceptive DDoS attacks, including SYN Flood, UDP Flood, ICMP Flood in the network layer, as well as HTTP Get Flood, and DNS attacks in the application layer.

The full line of NSFOCUS’s ADS appliances features an advanced cluster architecture, with processing scalability, allowing you to easily expand your system capacity as needed. Both in-line and traffic diversion modes are flexible and easy to deploy in a cluster when additional processing capacity is required. The traffic diversion deployment mode enables DDoS traffic attack prevention capability from a single unit of up to 100 Gbps, scaling to more than 200+ Gbps in clustered mode.

NSFOCUS’s ADS appliances feature an intuitive, web-based GUI that makes it easier for you to manage the policy definition, operational monitoring, and report generation processes. Multiple monitoring and reporting levels provide your network operators and security administrators with a wide range of detailed real-time and historical information, as well as valuable information for security experts to review and tune your ADS security policies.

Integrated with the NSFOCUS NTA (Network Traffic Analyst) and NSFOCUS ADS-M (Management Console), the NSFOCUS ADS system offers an anti-DDoS solution that automatically analyzes and cleans anomaly traffic and provides unique policy application, reporting and self-service capability for end users.

When your network is attacked, traffic is diverted away from the main path and filtered by an ADS deployed at your egress point. After it’s filtered, the cleaned traffic is streamed back to your network. The out-of-path mode ensures network security, maximizing your corporate uptime.