Riverhead Networks Expands Distributed Denial-of-Service (DDoS) Defense with DNS Protection

New Module Stops DNS Attacks, Preserves Internet Service


CUPERTINO, Calif., Feb. 18, 2003 (PRIMEZONE) -- Riverhead Networks(tm), a leading provider of distributed denial-of-service (DDoS) protection solutions that ensure Internet business continuity, today announced a new DNS-specific module uniquely tailored to shield the multitude of DNS servers at carriers, ISPs, large enterprises and Federal sites from DDoS attacks.

The new DNS module has been built into the latest release of MVP/OS(tm), the operating system that drives the Riverhead Detector(tm) and Riverhead Guard(tm) products. The Riverhead Detector utilizes powerful recognition technology to identify complex DDoS attacks in service provider and enterprise environments, while the Riverhead Guard employs sophisticated, patent-pending algorithms and technologies to block malicious attack traffic without impacting legitimate business transactions.

Addresses Internet Vulnerabilities

DNS servers, which translate commonly used Web addresses, like www.riverhead.com, into numerical Internet Protocol (IP) addresses, have long been one of the Internet's weakest security links. All service providers, enterprises and government agencies rely on various types of DNS servers, making DNS vulnerability a global problem. As recently as October 2002, a DDoS attack affected eight of the 13 Internet root DNS servers, posing the most serious threat to the World Wide Web to date.

"Given our experience with increasingly sophisticated DDoS attacks aimed at all components of the infrastructure, we have been developing a unique approach to add safeguards for critical but vulnerable DNS servers," said Steve Woo, vice president of marketing at Riverhead. "The Riverhead Detector and Riverhead Guard use patent-pending algorithms to detect and then completely block even the most insidious spoofed and misbehaving DNS queries masquerading as legitimate requests. Trials with carriers and enterprises have validated our ability to withstand the most lethal attacks while keeping DNS services and access available. The publicized root server attack has been a wake-up call for all providers to protect their own name servers -- vital to their customers' ability to reach the Internet."

"For today's Internet-dependent business, downtime from DDoS attacks is simply not an option," said Joel Conover, principal analyst for enterprise infrastructure at Current Analysis. "Systems like Riverhead's are a long-awaited answer to this threat, protecting websites, DNS servers and the upstream network against even the most complex attacks that can't be thwarted by router ACLs, firewalls or other security measures."

Availability

The DNS-enabled Riverhead Detector and Riverhead Guard will ship in March 2003.

About Riverhead Networks

Riverhead's solutions defend networks against crippling DDoS attacks, securing Internet availability. By filtering out malicious traffic, the company's security systems ensure business continuity for ISPs, hosting centers and large enterprises, maintaining network and server availability for legitimate users.

Riverhead's patent-pending Multi-Verification Process(tm) (MVP) architecture automatically blocks attack packets and forwards real customer transactions, without relying on other network devices. 'Dynamic diversion' enables Riverhead to redirect only traffic flowing towards a targeted resource through the Riverhead Guard to block malicious packets, maximizing scalability and reliability benefits.

Riverhead Networks is funded by Sequoia Capital, Cisco Systems, Gemini Israel Funds, Intel Capital and Koor Venture Capital. For more information about Riverhead, visit www.riverhead.com

Riverhead Networks, Riverhead Guard, Riverhead Detector, Multi-Verification Process and MVP/OS are trademarks of Riverhead Networks Inc. All other brand and product names are trademarks or registered trademarks of their respective holders.



            

Contact Data