Neustar SiteProtect NGTM on-premise DDoS Protection features Arbor Networks equipment for local mitigation, monitored and managed. This solution is backed by the 24/7 expertise of the Neustar Security Operations Center. The SOC monitors the threat landscape and manages mitigation, flexibly shifting defenses as foes probe your network, using a diverse mix of technologies to block numerous types of attacks.
For always-on protection, Neustar uses the Pravail® Protection Availability System from Arbor Networks. Pravail appliances come in several sizes, with capacity ranging from 500 Mbps of inspected throughput to 10 Gbps. Neustar will recommend the best equipment for your environment.
Your appliance is located in front of your firewall and IPS. While both are essential elements of a layered defense strategy, neither is designed to mitigate DDoS attacks. Pravail equipment is built to stop layer 4–7 attacks immediately. It is fine-tuned to the services it defends, minimizing false positives and false negatives
The Neustar SOC monitors your appliance 24/7, along with available NetFlow/SNMP data. The NSOC will alert you when your appliance is nearing its mitigation threshold and, upon your approval, manage failover to the SiteProtect NGTM cloud. This will most likely occur through BGP routing, though DNS redirection is available as well. When using BGP, you can request the NSOC to announce your IP block, though you will also need to withdraw your own announcement.
As attacks unfold, you have access to real-time information via the SiteProtect NG portal. When an attack ends, Neustar provides a report summarizing the incident and responses undertaken.
Neustar is a Select Member of the Arbor Networks Cloud Signaling Coalition
The CSC provides an infrastructure to coordinate DDoS mitigation from data centers like yours to protection clouds like ours. As a Select Member, Neustar is a certified provider of the highest level of cloud failover integration with on-premise Arbor Networks hardware.