• KnowledgeHub
• Contact Us
• Search

• Home
• Products
  • ZXTM
  • ZXTM LB
  • ZXTM GLB
  • ZWS
  • ZXTM VA
• Solutions
  • By Industry
  • By Technology
  • ZXTM Technology Solutions
• Partners
  • Partner Programs
  • Find a Partner
  • Become a Zeus Partner
  • Partner Login
• Download
  • Download Center
  • ZXTM Desktop Evaluator
  • ZXTM Full Evaluation
  • ZXTM LB Full Evaluation
  • ZXTM VA Full Evaluation
  • ZXTM GLB Full Evaluation
  • ZWS Full Evaluation
• News
  • Zeus in the News
  • Press Releases
  • Awards
  • Events
  • Press Contacts
  • RSS Feed
• Library
  • Product Reviews
  • Analyst Reports
  • White Papers
  • Case Studies
  • Fact Sheets
  • Deployment Guides
  • Testimonials
  • Our Customers
  • Zeus Newsletter
  • Benchmarks
  • Videos
• Support
  • Support packages
  • Support website
  • Training
  • Knowledgehub
• About
  • Executive team
  • Investors
  • Contact Us
  • Careers

Products » ZXTM » Secure » Service Protection

Service Protection

Zeus Extensible Traffic Manager (ZXTM) has unique protection against Denial of Service (DoS) attacks and transparently shields your Internet infrastructure from well-publicized exploits. New proactive security countermeasures can easily be deployed across your cluster with no downtime to your services. Built-in real-time monitoring and threat analysis reporting keep you informed on how, when and by whom your site is being attacked so that you can take appropriate action.

Quick Links

• Where does ZXTM's service protection fit in my network?
• Why do I need anti-DoS protection for my services?
• How can I protect my vulnerable web servers against common exploits?
• What kind of protection does ZXTM provide?
• How do I obtain a set of filters to block common exploits?
• How can I monitor the number of intrusion attempts being made?

Where does ZXTM's service protection fit in my network? 

A typical network will already have multiple security layers to protect it. ZXTM is a complimentary solution which augments the effectiveness of existing security measures.

• Your Internet Service Provider (ISP) regulates your bandwidth and ensures that your services are not exposed to bandwidth consumption attacks.
• Your firewall protects the perimeter of your network and allow traffic in only to the services you wish to be available externally.
• Your virus scanners screen out requests with a malicious payload before they reach the users' client machines.
• ZXTM prevents application-level attacks by analyzing the content and structure of the requests made to your services with TrafficScript functions, and screens out suspicious, malformed or non-standards-compliant requests before they reach your servers.
• ZXTM's service protection policies apply maximum connection rates to prevent deliberate attempts to overload application servers through repeated CPU-intensive requests.

Why do I need anti-DoS protection for my services? 

Any Internet-facing service is vulnerable to Denial-of-Service (DoS) attacks. At the most basic level, all many of these attacks do is to repeatedly perform 'legitimate' requests for your service, but in such large quantities that your server becomes overloaded. The massive increase in virus circulation has led to an increase in so-called Distributed Denial-of-Service attacks (DDoS). In this situation, innocent Internet-connected computers are turned into dormant 'zombies' as a result of software installed by the virus. When the signal is given, they are used en masse as a platform for denying service to companies' services at the whim of the perpetrator.

We recognize this threat and in response have incorporated anti-DoS functionality into our core products. This service protection allows you to set reasonable limits on the number of simultaneous connections permitted either by individual IP address, or by larger groups of IP addresses. This proactive measure ensures that your Internet infrastructure is much less susceptible to the DoS or DDoS attacks now prevalent. Other useful features include:

• testing and debugging modes to enable you to fine-tune your service protection;
• real-time monitoring and threat analysis;
• dynamic configuration - no downtime required to make changes;
• (TODO service protection filter update service )

How can I protect my vulnerable web servers against common exploits? 

With the vast increase in the number of Code Red and Nimda attacks, and new vulnerabilities being discovered daily in web servers such as Microsoft® IIS, Apache and Sun ONE (formerly iPlanet), businesses run the risk of being brought to their knees because they cannot keep up with the level of patching required to maintain their web servers. Despite Gartner's advice, Zeus understands that immediate wholesale migration away from an established web infrastructure to a more secure platform is often not an option for many companies.

As an interim solution, ZXTM includes HTTP request filtering as standard. Whilst this is not a substitute for keeping your vulnerable web servers fully-patched, this functionality ensures that you can protect your web servers from immediate harm when new exploits are discovered. Addition of new filter rules causes no interruption to your service, however protection of that service begins immediately, enabling you to:

• perform the necessary maintenance without the worry that your site could be brought down at any moment;
• apply only patches which you are confident won't create additional security holes;
• apply patches at the convenience of you and your IT support staff, rather than at the moment a new vulnerability is published.

What kind of protection does ZXTM provide? 

ZXTM's Service Protection System enables you to configure your system to reject certain requests, or limit the number of concurrent connections that will be accepted from different IP addresses. This enables you to protect your web sites from external attempts to overload the system (Denial-of-Service attacks).

The Service Protection System can also protect you against known and suspected security attacks. Third-party applications may be vulnerable to newly-discovered security holes, and it may be some time before a patch can be obtained from a vendor. However, a Service Protection rule may be deployed to block attempted attacks.

As appropriate countermeasures will differ for every managed service, the Service Protection system comes with debugging and testing tools that enable you to simulate the effect of your filters without discarding any requests, minimizing the potential of operator error.

How do I obtain a set of filters to block common exploits? 

If you need to generate a set of HTTP filters for the Service Protection system, you may be interested in a free tool available from our Support web site designed to make this task easier. This tool generates a text file which can then be imported directly into your copy of ZXTM without the need for any interruption to your service or downtime of any kind.

How can I monitor the number of intrusion attempts being made? 

ZXTM comes with comprehensive real-time monitoring tools as standard. These are available in the web-based graphical management interface and can be used to monitor almost every part of the web server, including all Service Protection features. In addition, full logs are generated detailing which Denial-of-Service or exploit attempts were killed off before your web infrastructure was compromised.

Related Links

• ZXTM Brochure
• ZXTM Tech Specs
• Sun Netra Solution Brief
• HP & ZXTM Fact Sheet
• What is a Traffic Manager?
• ZXTM Options
• ZXTM Software
• ZXTM Hardware Appliances
• ZXTM Virtual Appliance
• ZXTM Load Balancer
• Product Reviews
• Analyst Reports
• Testimonials
• White papers
• Case studies

© Zeus Technology Ltd

• Home
• Sitemap
• Privacy policy
• Contact us