Prevents Resource Starvation
Devices that rely on session counts are the weakest resource link in any organizational infrastructure. These include Firewalls, IPS systems, Unified Threat Management systems and even Load-Balancers. Since these devices have to dig deeper into packets than network devices, they can easily be resource starved with simple to generate bogus packets.
Security and Control At the Proper Layer
Effective security demands a layered approach for control and threat management. It is known that Deep Packet Inspection (DPI) tools, by virtue of their function, have limited resources. BlueShield prevents resource-wasting malicious or undesired sources from entering your network, freeing up DPI and other session-based tools to focus on more relevant traffic.
Large-Scale Attack Protection
BlueShield functions at the network layer on the existing perimeter router so no capital purchase or network re-architecture is necessary. Operating at the network layer allows tremendous capacity to tolerate the substantial attacks that easily down even the most capable Firewalls and other session-based devices.
Reputation Based Categories
BlueShield prevents access for specified IP addresses by reputation. Reputation categories include:
- Unallocated/Hijacked Sources
- Anonymizers & Proxies
- Malicious Sources
- Geographic Sources
As new vulnerability and threat sources are identified and confirmed, BlueShield categories are updated and delivered to client routers almost instantaneously.