Users can now track attacks in real time, view traffic breakdown by protocol, configure settings for each interface, and download detailed reports. Most importantly, they can assess the effectiveness of DDoS filters and fully understand the situation during an incident.
Let’s explore 5 new features of the StormWall Portal and review some existing DDoS protection tools that are still effective.
1. Traffic before and after cleaning — building network protection against DDoS attacks
In the StormWall Portal for managing BGP Network Protection, we have added a visual dashboard with a graph of outgoing and incoming traffic, indicators of the 95th percentile and, most importantly, traffic before and after StormWall filters.
Figure 1. StormWall Portal of the «Network Protection» service: dashboard and attack history
How useful is this tool?
Detailed analysis. If earlier in the protection management of StormWall Portal only a graph was presented after cleaning with StormWall filters, now the dashboard allows you to study in detail how DDoS protection took place during / after the attack and in real time — that is, right during the attack.
Use more flexible traffic analysis settings for this:
- set the required time interval,
- sort traffic by type (incoming/outgoing),
- see the breakdown by protocols,
- select data in PPS format (DDoS attack speed) or BPS (attack volume).
Charts before and after cleaning are available online — and for this you do not need to contact technical support. You will quickly learn about all cyber dangers — the graph contains up-to-date information about traffic both before and after cleaning, including ongoing DDoS attacks.
Efficiency mark. How well StormWall’s traffic cleaning filters worked is shown in the graph on the dashboard.
2. DDoS protection of services — breakdown function by protocols
In the StormWall Portal for protecting services, sorting by protocols (including TCP/UDP) is organized. Moreover, you can use it directly during a DDoS attack.
Figure 2. Breakdown by protocols in «Protection of TCP / UDP services»
3. TOP-10 AS in the «History of attacks» section — an additional means of repelling DDoS attacks
The new DDoS countermeasure tool «TOP 10 Autonomous Systems (AS)» is located in the «Traffic Details» tab. This is an important method of combating DDoS attacks, complementing the already existing TOP-10 by IP and protocols.
How useful is this tool?
Autonomous systems are a system of IP blocks belonging to a particular provider or data center. It happens that providers do not provide adequate security for their networks, including from DDoS attacks, and they become the sources of these attacks.
Figure 3. The «Traffic Details» tab in the «Network Protection» service with TOP-10 by protocols, AS and IP
In the «History of Attacks» section, from the old, but convenient tools: a table with all network protection attacks, for all protected objects in chronological order. Sort attacks by IP addresses and detectors by BPS and PPS, generate reports for the required time interval.
Figure 4. Section «History of attacks»
Report tab — graphical representation of traffic at the time of an attack with BPS/PPS indicators, attack status, attack level, attack start/end time, initial peak and peak power.
Figure 5. «Report» tab in the StormWall Portal
4. New section «Interfaces» — detailed information on all protection interfaces
Extended statistics for each object opens when you click on it in the dashboard. This opens a graph with a visual display of traffic and attacks, the history of attacks on this protected object, a list of all interfaces and data on them.
from the old tools. The graph inside the protection object consists of the total incoming and outgoing traffic on all interfaces. Within each graph, traffic is presented before and after filtering by the StormWall service with the ability to select a time interval, PPS format (DDoS attack speed, from English packets per second) and BPS (attack volume, from English bytes per second). In the «History of Attacks» tab, information about a specific attack for a specific object of protection remained unchanged: attack start and end time, attack type, BPS/PPS detector, IP address. Of course, with the search for attacks by time interval.
Figure 6. Section «Interfaces» of the object in the StormWall Portal
How useful is this tool?
The «Interfaces» section is one of the key updates in managing the StormWall Portal of the «BGP Network Protection» object. This is a graphical display of all interfaces of an object (tunnel, physical, or IX) and the traffic going through them — each interface has its own color, which is convenient if several interfaces are protected.
5. Black/white lists for securable objects of TCP/UDP services
We have included in the list of 5 useful StormWall Portal updates for users of StormWall DDoS protection solutions the black / white list setting — the feature appeared at the beginning of 2023, but it is worth mentioning it again.
Black/white lists are one of the working tools for filtering out malicious traffic. Create and edit lists of legitimate and illegitimate IP addresses/networks: for example, company branches or partner services that should never be filtered.
Figure 7. Black/white lists in the StormWall Portal for managing the protection of TCP/UDP services
Results: what updates give
These updates allow you to solve a wide range of important tasks. In particular, with the new tools it became possible to:
- Proactively respond to emerging DDoS threats with more informative dashboards.
- Sort data packets by TCP/UDP protocols.
- Find the TOP 10 sources of autonomous systems, and therefore, understand which companies own the carried out DDoS attacks.
- Customize the list of legitimate and illegitimate IP addresses on your own.
- Get comprehensive information for each protection interface.
The StormWall team is constantly working on its own DDoS filtering platform and strives to create a convenient StormWall Portal for users with maximum protection management settings. The plans include increasing the volume of the cleaning network, improving functionality, and much more. Follow the news in the company’s social network profiles and on the official website in the «Blog».
DDoS Protection for Websites
- Activate protection in 10 minutes
- 24/7 technical support