📜 Post with us on Reddit
📝 Create a new article
🏭 Create a company page
🇬🇧 - in English
🇫🇷 - en Français (FR)
🇵🇹 - em Português (PT)
🇩🇪 - in Deutsch (DE)
🇯🇵 - 日本語で (JA)
Sponsored articles

You can edit almost every page by Creating an account. Otherwise, see the FAQ.

Andrisoft WANGUARD

From EverybodyWiki Bios & Wiki


WANGUARD
File:WANGUARD logo.png
Developer(s)Andrisoft SRL
Initial releaseMarch 1, 2006
Stable release
5.3 / December 23, 2013 (2013-12-23)
Written inC, PHP, JavaScript, Perl
Engine
    Operating systemLinux
    Available inEnglish
    TypeNetwork monitoring, DDoS mitigation
    LicenseProprietary EULA
    Websitehttp://www.andrisoft.com

    Search Andrisoft WANGUARD on Amazon.

    Andrisoft WANGUARD is a commercial software that monitors IP traffic and protects networks from DDoS attacks by filtering the malicious packets and by black-holing destinations.
    Its web interface provides customizable Dashboards with real-time traffic graphs and tops, complex reports with aggregated data for hosts, departments, interfaces, applications, ports, protocols and more.
    Infonetics Research includes Andrisoft among the tracked DDoS prevention vendors.[1]

    File:WANGUARD 5 Main Dashboard.jpg
    WANGUARD 5 Dashboard
    File:WANGUARD 5 Interfaces Overview.jpg
    WANGUARD 5 Interfaces
    File:WANGUARD 5 DDoS Attack.jpg
    WANGUARD 5 Attack Report

    Features[edit]

    The key features [2] of the product are:

    • Distributed traffic monitoring – it uses software sensors that can be deployed across the network to monitor IP traffic by Port mirroring, NetFlow, SFlow or IPFIX.
    • Web Interface – the integrated Ajax-based web portal provides centralized management and a network-wide visibility of traffic flows, events and other collected data.
    • DDoS detection – DDoS attacks are detected by a traffic anomaly detection engine that can use user-defined traffic policies or Holt-Winters-based traffic behaviour analysis.
    • DDoS mitigation – it generates Iptables rules that block attacking IP Addresses; spoof attacks are filtered by applying dynamic rules for source or destination TCP and UDP ports, IP protocols, TTL, TCP SYN etc.
    • Collector of flows and packets – it provides a flow collector and a web-based, Wireshark-like Packet analyzer that can save packets or flows.
    • Real-time reporting – the traffic analysis engine updates graphs, tops and statistics every 5 seconds; histograms appear animated.
    • Historical reporting – every data retention parameter can be configured from 1 day to 10 years; reports can be generated for any custom time period.
    • Scheduled reporting – consolidated reports can be automatically generated and emailed at preconfigured intervals of time.
    • Automatic responses – it includes modules for sending emails, executing custom scripts, notify SIEM systems though SNMP traps etc.; responses to threats can be extended though an open API.

    Editions[edit]

    Since 2012 Andrisoft is also releasing a "lite" version of WANGUARD called WANSIGHT that doesn't contain features related to traffic anomalies.[3]

    Releases[edit]

    Date Release Notes
    1 March 2006 1.0[4] First public release
    1 March 2008 2.0[5] Major performance improvements and a completely rewritten web console
    5 January 2009 3.0[6] Major performance improvements, bug fixes, 10 Gigabit Ethernet packet sniffing, Netflow sampling support and improved AS Numbers support
    8 May 2010 4.0[7] Adds a brand new Web User Interface, performance improvements, partial SFlow support, 95th percentile, greatly improved traffic accounting and traffic graphs support, advanced permissions for user roles, FreeBSD 8 support, LDAP and Active Directory support, Events Reporting, Scheduled Reports, Tables and Logs can be exported in Excel, VLAN & MPLS support, PF_RING support for improved 10 Gbit/s packets sniffing, RAM storage method for IP graphs, RRDCache support, NetFlow archive, 4 Console themes, DNS reverse lookups for IP addresses
    20 October 2012 5.0[8] WANGuard is renamed WANGUARD. It adds extensible traffic decoders, a new traffic thresholds system, NetFlow v9, native SFlow, IPFIX, traffic capturing framework, Combined Reports and Dashboard, full IPv6 support, new decoders, multiple CPU support for packet sniffing, in-NIC hardware filters, IPv4 and IPv6 mask restrictions to BGP announcements

    See also[edit]

    External links[edit]

    References[edit]

    1. http://www.infonetics.com/pr/2013/1H13-DDoS-Prevention-Appliances-Market-Highlights.asp
    2. http://www.andrisoft.com/software/wanguard#features
    3. http://www.andrisoft.com/software/wansight
    4. First release at http://web.archive.org/web/20071011091644/http://andrisoft.com/
    5. Andrisoft announces WANGuard 2.0 http://www.andrisoft.com/company/news/wanguard-platform-2-released
    6. Andrisoft announces WANGuard 3.0 http://www.andrisoft.com/company/news/wanguard-platform-3-released
    7. Andrisoft announces WANGuard 4.0 http://www.andrisoft.com/company/news/wanguard-4-0-released
    8. Andrisoft announces WANGUARD 5.0 http://www.andrisoft.com/company/news/wanguard-5



    This article "Andrisoft WANGUARD" is from Wikipedia. The list of its authors can be seen in its historical. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.


    Retrieved from "https://en.everybodywiki.com/index.php?title=Andrisoft_WANGUARD&oldid=1853650"
    License CC BY-SA 3.0
    Powered by MediaWiki
    Powered by Semantic MediaWiki