Machine Learning

The system learns traffic patterns for different protocols and creates adaptive baselines. Two baselines are modelled: suspicion of an attack and an actual attack. This off-the-shelf functionality ensures real-time detection with a low number of false positives.

Divide the traffic into logical portions per tenant, location or network path. All subsequent detection methods, reporting and triggered actions are then set in line with the specific needs of that traffic (blackholing, redirection for scrubbing, etc.).

Comprehensive Network Visibility

The DDoS Defender comes as a package with full network performance monitoring and diagnostic functionality. This enables tracking latency degradation, traffic structure analysis for capacity planning, traffic engineering and QoS monitoring.

Advanced Action Triggering

Choose from a variety of options, from an email alert or a syslog message to traffic redirection into an RTBH or a 3rd-party scrubbing centre, as well as traffic dropping and rate-limiting using BGP Flowspec. Mitigate traffic automatically or manually to prevent downtime and latency drops, and create different rules for different tenants or types of traffic.

Features to Keep Your Services Always Available

Manual Thresholds

Manual thresholds are simple rules that alert when traffic with specific characteristics reaches an undesirable level. Administrators are notified in advance so they can take appropriate action and stay ahead of problems.

Native Scrubbing Center Support

Flowmon DDoS Defender natively supports all the major vendors in the scrubbing centre market. The configuration itself is a matter of picking the vendor's name from a drop-down menu. Integration with the vendor is always kept up to date.

BGP Flowspec

When an event is detected, Flowmon creates attack patterns and injects them as rules into routers, which can then redirect, forward, drop or rate-limit traffic and more. Rules can be manually adjusted at any point, and all changes are automatically reverted after the attack ends.

Mitigation Tiering

Clear the pipe of most illegitimate traffic with BGP Flowspec and then redirect the rest into your scrubbing centre. This directly lowers the performance and bandwidth requirements placed on your scrubbing technologies.

Full Mitigation Control

All actionable scenarios may be triggered automatically under the full supervision of an engineer, who can decide to revert the changes or modify mitigation rules at any given point. The process can also be carried out manually.

