Flowmon DDoS Defender DDoS detection for ISPs

Flowmon DDoS Defender End of Sale

The End of Sale date is April 6th, 2022. From this date forward, no new DDoS Defender orders will be accepted, and associated new product sales SKUs will be removed from global price lists.

Learn more about the EoS in FAQ

Detection and analysis

The Flowmon DDoS Defender provides tailored DDoS attack detection by the ability to apply a different baseline to every tenant or traffic component. Detection thresholds can be manual or adaptive where they follow the contour of peace traffic without any input from you. When an attack is detected, the Defender notifies you and signals the corresponding mitigation system.

Full awareness

You can access additional information such as the type of attack, timeframe, traffic line, threshold, and more, with additional critical insights like target IP addresses, or the attack origin – country, subnet, router or interface.

Automated response

The DDoS Defender triggers mitigation automatically based on your defined policy. Leverage your existing infrastructure with BGP Flowspec, filter traffic with a Remotely Triggered Black Hole (RTBH) or re-route traffic using the Border Gateway Protocol (BGP) or Policy-Based Routing (PBR).

Mitigation tiering

Get the maximum out of your in-house mitigation capabilities. When your own infrastructure’s mitigation capacity is exhausted, the DDoS Defender automatically forwards excess traffic to a cloud scrubber.


You can ascribe different detection and mitigation presets and reporting to each tenant. Tenant segments can be grouped and you can assign access rights to each group or tenant individually while each tenant retains access to their own data.

DDoS Defender integrations

Integration options with complementary security tools and platforms are enormous.

DDoS attack blocking

The DDoS Defender integrates with the mitigation appliances of multiple vendors and cloud scrubbing services.

  • Radware
  • A10 Networks
  • Corsa Networks
  • Corero Networks
  • NaWas cloud scrubbing service
BGP Flowspec mitigation

A mitigation method based on advanced traffic filtering at routers that operates with dynamic attack signatures and triggers actions accordingly. BGP Flowspec rules can be based on:

  • Destination prefix
  • Source prefix
  • IP protocol
  • Destination port
  • ICMP type
  • ICMP code