MITIGATOR detects and automatically suppresses L3-L7 DDoS attacks. It contains more than 50 countermeasures based on challenge-response, rate-based, regexp, validation, limitation, iplist, application behavior.
MITIGATOR allows protection of TLS applications without traffic decryption. It does so via various methods of TLS and JA3 fingerprints analysis. In combination with other countermeasures and a web server log analyzer, it is possible to achieve maximum protection without traffic decryption. In addition, by using the HCA countermeasure, it is possible to authenticate senders using the challenge-response method within HTTPS.
MITIGATOR supports SYN-proxy (TCP Splicing) protection when the outgoing traffic from protected resources passes through it. If there is only incoming traffic, MITIGATOR uses the generally accepted checking methods of TCP session resetting and the wrong sequence number with different combinations of flags. In addition to the standard protection mechanisms, a unique mode of operation with ISN synchronization is available, in which asymmetric traffic protection does not require unnecessary packet exchange or disconnection with the client. It supports activation of host protection only for servers under attack, which negates the impact on the traffic of other services.
Detection of attacks and protection of individual policies does not require constant direction of traffic to MITIGATOR.
MITIGATOR contains countermeasures which can describe the typical traffic behavior of the protected protocol and set the sender authentication rules. In addition MITIGATOR team has developed a specialized user authentication protocol convenient for embedding in a protected application.
MITIGATOR constantly monitors traffic and activates filtering in less than a second if an anomaly is detected
MITIGATOR updates frequently to effectively counter current threats. Releases with new protective techniques and customer requests are issued every 2 months
MITIGATOR achieves high performance even on common server hardware. No additional accelerators required
Products and services
DDoS protection tool designed for telecom operators, hosting companies, corporate clients and security service providers
A software designed for collection and analysis of the network hardware telemetry, detection of DDoS attacks and traffic inspection. Works in conjunction with MITIGATOR, receives telemetry via NetFlow v5/v9, sFlow v5, IPFIX protocols
Reputation lists of IP addresses, autonomous systems and JA3 fingerprints. Delivered in the form of regularly updated feeds, they can be used to filter traffic and analyze the behavior of the sender based on his hit in the feeds
The log analyzer serves to protect HTTP and HTTPS. It analyzes data received from Web servers via syslog (RFC 3164) and checks if it matches the rules specified for the security policy
Service for network traffic dump analysis, used to identify patterns (PCAP Signature Generator). Additionally, the service analyzes lists of IP addresses and JA3 fingerprints
Cloud DDoS protection service, designed to secure websites, applications, and networks
04.04.2025 v25.02 is available for installation v25.02 adds: DNAT countermeasure, test drop via sFlow, working with multiple LOGANs, support for ISN operation behind NAT, lightweight backup, manual soft start in countermeasures, the ability to change the Web Challenger configuration and Web Challenger health check, support for domain names in named lists, CRB6 and SPRB6 to IPv6 policies. Enhanced functionality of countermeasures WL, WL6, BL, TBL, TBL6, ACL, ACL6, FTLS, and also Cloud Signaling, Incidents, PCAP, PCAP6, Collector, TACACS+ and TAP interface. JA3 countermeasure renamed to FTLS.
17.12.2024 v24.10 is available for installation v24.08 adds the Overview page, bulk changes to protection policies, routing rules disabling and group named lists, syslog sending for test mode drops, global soft stop. Enhanced functionality of countermeasures WL, WL6, TBL, FRAG, GEO, ACL, ACLI, FACL, LACL, FRB, RETR, SLOB, DNS, and also BGP, Incidents, PCAP, Collector, Logan and Active Sync. Multiple UX changes have been made.