The RioRey Advantage

Why are traditional network protection schemes effective against threats such as viruses and Trojan horses, but not well-suited to DDOS protection? To answer this question, we will look at an historic view of network designers’ notions about protection prior to the emergence of the DDOS threat and compare that to our approach.


Traditional Approach:

This traditional scheme is very effective against common network security threats, such as viruses and Trojan horses, unauthorized attempts to compromise databases or hosts, and other illegitimate actions that the attacker wishes to accomplish unnoticed. However, adapting these techniques to combat DDOS attacks is problematic.

Router

  • Main function - Packet routing
  • Auxiliary function - Provide netflow information for billing and network diagnostics. Netflow information is used by anomaly detection devices to detect unusual network utilization, signaling a potential DDOS attack.
  • During a DDOS attack, once the attacker is identified, network operators can eliminate the attack by manually "null routing" (dropping) attack traffic, one attacking host or domain at a time.
Access Control List and/or Firewalls
  • Maintain a list of rules detailing the restriction of use for each host and device on the network.
  • Restricts traffic to and from a host unless it is a permitted and known type of service.
  • Can be configured to control both inbound and outbound traffic.
  • Once a DDOS attacker is identified, network operators can eliminate the attack by manually changing the ACL or Firewall table, one attacking host or domain at a time.
Intrusion Detection Systems (IDS)
  • Use deep packet inspection to analyze packets for virus, trojan horse and other application attacks.
  • Deep packet inspection technique is applied to DDOS protection, but must examine every packet in real-time.


RioRey™ Approach:

RioRey's innovative protection architecture, which features our Perimeter Protection Platform (PPP), is depicted in the diagram below. Our Platform removes attack traffic at the edge of the network, delivering line rate filtering to the entire infrastructure downstream. Because RioRey algorithms recognize good traffic and allow it to flow unimpeded, network communication is not hampered.

Perimeter Protection Platform

  • Added in front of the router, dedicated to DDOS mitigation.
  • High throughput, delivering line rate filtering to the entire network.
  • Filters out the majority of DDOS, preserving good data to the network.
Router, with the added Perimeter Protection
  • Relieves router congestion during a DDOS attack, maintains network performance despite an attack.
  • No need to update thousands of "null route" tables and clean up after an attack.
Access Control List and or Firewalls with the added Perimeter Protection
  • No manual intervention such as updating access lists during and after an attack
Intrusion Detection Systems with the added RioRey Perimeter Protection
  • Without the extra DDOS packets flooding the IDS, the system can now devote all resources to monitor and filter traditional attacks, which often attempt to penetrate under the cover of a DDOS attack.

What Our Customers Want

  
 Zero training and prep time
No need to train operators. No need to gather baseline data. RioRey DDOS protection starts on installation.
 Ease of installation
Set our device on the rack and connect it to the network. Turn on filter mode and it immediately begins protecting your network. The entire installation (including opening the box) takes less than an hour.
 No blocking of valid customer traffic while blocking attack traffic
Our system is designed for zero false positives — in other words, we never block valid customer traffic. Equally important, we never blacklist your customer's computer even if it may sometimes act as a zombie attack computer. Your customer can communicate with you even when you are blocking attack traffic from the same computer.
 Protection from DDOS at the front of the network
The RioRey box sits at the very front of your network and blocks the flood of DDOS traffic. Removing overwhelming DDOS attack traffic before it enters the network allows your existing network defenses to operate better by devoting full resources to stoppping other forms of invasions that are often embedded in DDOS attacks.
 A network-independent device
Our equipment functions independent of your network. In the unlikely event that our solution should fail, our fail-safe mode maintains your network connection, avoiding any network downtime.
 Minimal network personnel time and effort in the detection and blocking of DDOS attacks
Our system is totally automatic. Network personnel can monitor our system using rView but they do not need to take any actions to identify or block a DDOS attack. Operators can generate detailed reports using the rCare analytics tool.
 A straightforward, easy-to-use management system
The RioRey management system (rView) can be configured in a few minutes. Numerous data and views are made available to network operators but no actions are required to identify or block DDOS attacks.
 Fast response time for identifying and blocking attacks
We do not need to collect baseline data of any kind for our system to work. Identification of a DDOS attack occurs in seconds and blocking action begins in less than a minute.
 Affordable pricing
Aggressive pricing makes the RioRey solution the industry's price-performance leader. The price is even more attractive when you factor in zero training costs and zero need operator intervention.
 A solution that meets throughput requirements
Protection for networks at the 100 Mbps rate. At the high end we provide a very cost-effective solution for protecting network flows at 1 Gbps.
Copyright 2008, RioRey, Inc.