A multi-layered tool to mitigate the impact of distributed denial-of-service (DDoS) attacks has been launched by Simwood.

The hardware-based solution blocks traffic from questionable sources, provides rapid and continuous monitoring for anomalies and actively blocks intrusion.

According to the company, the solution creates a broad-based defence by integrating four key aspects of security within a multi-layered model. It further backs this up with a capacity provision and DDoS mitigation for extreme attack scenarios.

The first layer maintains a continuous track of invalid IP addresses to deny any traffic to or from them; the second layer uses ThreatSTOP block lists to prevent traffic from suspicious sources; while the third layer identifies and takes the volume out of an attack, blocking traffic which deviates from continually updated acceptable behaviour patterns.

The final layer provides a final check and ‘polishes' traffic through eight sub-layers, combining packet and protocol consistency checking, rate-based protection at the lowest level, traffic rate limits, highly configurable firewalling which can specify acceptable traffic types for a particular customer and the proactive scanning of traffic for attack or vulnerability signatures. The company claimed that processing of all four layers is done within the hardware and adds a latency of 100 micro-seconds.

Simon Woodhead, managing director of Simwood, said: “The impetus for developing this solution was that we were simply unable to find an adequate solution at a workable price-point for Simwood itself. We certainly couldn't find one that could be made to work economically for our customers, and were deeply concerned at the growing risks.

“We identified a number of best of breed partners and equipment to weave a solution that offers protection with multiple USPs at a price-point that is workable for customers of all sizes and critically is also fair in structure.”