Protect WiFi Network Operations with Slow DDoS
Detection and Mitigation
People seek connectivity with WiFi networks with all sorts of devices, and there is no way of knowing what firmware update they have. The behavior of these devices can be very different and while individually they may not be harmful, collectively they can cause problems. Imagine for instance a user with a wrongly configured password in combination with a device that has aggressive retry procedures and hammers the authentication server with requests. If hundreds of such users connect to the network at the same time, their combined access requests load to the authentication server may cause problems.
Each of the devices may have back-off algorithms build in, but as they retry over time persistently, collectively the load on the servers will anyway become unbearable causing service disruption for other users.
The solution requires the firewall to have intimate knowledge of what transitions belong to what user. RADIUS spoofing is used to map sessions to user-ids, and in this way also unauthenticated session can be identified. The security analytics engine connected to the firewall can spot repetitive unauthenticated sessions from unique device IDs and initiate action to implement mitigation strategies. Misbehaving devices can put in quarantine zones until the algorithm determines that they ready to forward a live access attempt again.
These type of automated operations to secure the continuity of the network services is critical in public networks where anything and anyone can connect and have an impact on the experience for others.
Enable low latency endpoints
Direct devices communication