MITIGATOR can work in L2-transparent and L3-router, inline and on-a-stick modes. The integration method depends on the network structure and tasks. Traffic can be directed to MITIGATOR permanently or only at the moment of attack. Interaction via BGP is supported.
A separate product for collecting traffic statistics from the client's network infrastructure. Allows you to detect attacks and enable protection for individual policies without constantly sending traffic to the MITIGATOR.
It is possible to send protected device traffic for analysis and additional verification to the Web Application Firewall. Redirection settings are set individually for each protection policy.
MITIGATOR supports a wide range of x86-64 processors and network cards.
Runs on common server hardware
MITIGATOR supports network adapters that use hardware bypass. In the event of a system failure or a hardware platform malfunction, the network adapter switches to bypass mode at the physical layer and the traffic starts to be redirected from port to port, bypassing the network adapter controller.
Usage of cards with bypass
The software comes as a set of Docker containers.You only need to run a few commands to update the system version.
Ensuring maximum reliability of protection due to redundant devices. Traffic processing performance increases due to the growth of the number of filtering nodes.
System management is carried out using a single interface, regardless of the number of devices. In the event of a planned or emergency shutdown of any instance of the system, the ability to manage the rest remains.
MITIGATOR works with GRE tunnels in two ways: with the delivery of cleared traffic from MITIGATOR to the protected service, and with the reception of traffic from a third-party filtering service by MITIGATOR with subsequent traffic inspection.
MITIGATOR REST API allows you to perform any actions in the system in order to integrate with third-party systems and services or automate system management processes.
API usage examples:
-Integration with third-party traffic analyzers
-Loading prefix lists from external systems to form black and white lists in MITIGATOR
-Hosting control panel integration
It is possible use filtering not only by specific IP addresses, but also by updated lists from various sources. Work with lists is transparent, you can also configure the frequency of requests.
MITIGATOR allows you to send messages about system events via various channels: Telegram, E-mail, Syslog, the Vestochka notification service. The user can flexibly set up sending of the necessary notifications.
Notifications and the channels of their delivery