CUPERTINO, Calif., August 4, 2003 (PRIMEZONE) -- Riverhead Networks(tm), a leading provider of distributed denial-of-service (DDoS) solutions that ensure business continuity for ISPs, data centers and large enterprises, today announced the release of Version 2.0 of the Riverhead Detector(tm) and Riverhead Guard(tm) DDoS detection and mitigation solutions. The 2.0 products include new anti-spoofing, attack recognition and management features that impart greater control for identifying and blocking the sophisticated types of DDoS attacks that plague today's Internet-dependent businesses.
Enhance, Simplify DDoS Detection and Mitigation
The Riverhead 2.0 products feature enhanced recognition algorithms that significantly improve their ability to detect previously elusive and hard-to-recognize attacks while reducing the effort required to block those attacks. These enhanced algorithms, which increase the breadth, depth and granularity of analysis performed on incoming traffic, enables Riverhead customers to identify and eliminate specific, stealthy DDoS attack flows with unparalleled precision, delivering a new level of protection for online operations.
In addition, a new embedded web-based management interface simplifies Guard and Detector configuration and monitoring, giving users greater control over their DDoS protection devices.
"As attacks grow more sophisticated, it is imperative that defenses against those attacks keep pace," said Yuval Rachmilevitz, president and CEO of Riverhead Networks. "Riverhead has met the challenge with the 2.0 products, providing users with enhanced recognition and blocking features that detect and defeat more types of attacks than ever before. For businesses suffering from DDoS attacks, this means they can now deploy a solution that ensures they will remain online and available."
Improving Attack Recognition
DDoS attacks are on the rise, according to a recent study by the Computer Security Institute (CSI) and the FBI. While other threats declined in 2003, financial losses from DDoS attacks rose 250 percent, making it the second-most expensive cyber crime behind theft of proprietary information. Many of these attacks are particularly stealthy, designed to elude detection by masquerading as legitimate transactions.
The enhanced recognition capabilities of the Riverhead 2.0 products enable the Guard to block these types of attacks. New anti-spoofing capabilities for UDP services, for instance, enable the Guard to validate traffic sources by authenticating associated control sessions - critical for identifying attacks from sources that appear, on their surface, to be valid.
The 2.0 products also feature a rich new profiling system that dramatically increases both the breadth and depth of legitimate user profiles learned, automatically tuning the precision of attack prevention. Top sources of traffic, including specific HTTP proxies, are automatically detected and individually profiled. These profiles, as well as more composite user profiles, include a number of new parameters, including connection data and ratios of packet types. Additionally, a new learning mode automatically discovers services running on protected hosts, so operators don't have to manually pre-select the services to include a valid user profile.
In addition, a new analysis mode feature allows suspected attack traffic to be diverted through the Guard without activating any protection services unless the Guard itself detects an anomaly. Previously, in addition to normal analysis, basic anti-spoofing and filtering were automatically imposed against all diverted traffic as a precautionary measure. Under analysis mode, the Guard inspects incoming traffic and initiates protection only if it verifies the presence of an attack, making the Riverhead solution completely transparent to the network unless an attack is confirmed.
Enthusiastic Reception
"We are very pleased with the new attack recognition capabilities that the Riverhead 2.0 products provide," said Yuval Tzeiri, vice president, Technologies at NetVision Ltd., a leading Israeli Internet service provider. "The ability to deal with complicated issues such as UDP-based attacks will enable ISPs and data centers to extend DDoS protection to mission-critical applications, adding a new level of security to the business."
"DDoS attacks are definitely evolving as hackers develop new methods for eluding existing defense systems," said Eric Ogren, senior security analyst at the Yankee Group. "It is absolutely critical that non-invasive defense systems evolve as well in order to protect enterprises and service provider infrastructures from sophisticated denial of service attacks. The Riverhead 2.0 products are an excellent example of this evolution, aggressively confronting emerging threats and streamlining the DDoS detection and mitigation process to help users deal with these attacks quickly, easily and efficiently, without compromising their mission-critical business operations."
Pricing & Availability
The Riverhead Detector 2.0 and Riverhead Guard 2.0 are available and shipping now. Contact Riverhead Networks for pricing information.
About Riverhead Networks
Riverhead's solutions defend networks against crippling DDoS attacks, securing Internet availability. By filtering out malicious traffic, the company's security systems ensure business continuity for ISPs, hosting centers and large enterprises, maintaining network and server availability for legitimate users.
Riverhead's patent-pending Multi-Verification Process(tm) (MVP) architecture automatically blocks attack packets and forwards real customer transactions, without relying on other network devices. "Dynamic diversion" enables Riverhead to redirect only traffic flowing towards a targeted resource through the Riverhead Guard to block malicious packets, maximizing scalability and reliability benefits.
Riverhead Networks is funded by Sequoia Capital, Cisco Systems, Gemini Israel Funds, Intel Capital and Koor Venture Capital. For more information about Riverhead, visit www.riverhead.com
Riverhead Networks, Riverhead Detector, Riverhead Guard and Multi-Verification Process are trademarks of Riverhead Networks Inc. All other brand and product names are trademarks or registered trademarks of their respective holders.