Strictera NDP

Adaptive protection delivering instant DDoS detection and robust filtering to keep your IT infrastructure secure

Book a demo

DDoS detection in <100 ms

Flexible rule-building for customized protection

Continuously updated threat signature database

About the product

Strictera NDP is an on-premises solution designed to protect IT infrastructure from DDoS attacks with intelligent traffic analysis and high-performance filtering. It ensures your network stays resilient against even the most sophisticated threats, combining precision and power for uninterrupted operations.

Product components

Traffic analysis module

Continuously monitors inbound and outbound network packets, detecting anomalies and routing DDoS attacks for immediate filtering.

Protection module

Delivers robust defense against DDoS attacks and network threats, with network and session-layer protection. Achieves up to 400 Gbps and 400 Mpps per Unit, ensuring powerful protection against all DDoS attack types.

Additional cloud filtering

Free hours of cloud-based filtering are included in every plan. Monthly. No matter how much time the attack is on.

Features

Rapid and accurate anomaly detection

Identifies 30+ DDoS attack vectors in under 100 ms, ensuring threats are caught the moment they emerge.

Instant filtering of all DDoS attacks

Strictera NDP delivers comprehensive protection against volumetric floods, amplification, and DDoS carpet-bombing attacks, including encrypted web application traffic filtering.

Consistently high performance

Handles NetFlow up to 250,000 fps per Unit, maintaining performance even during complex, multi-vector attacks.

Proprietary XDP and eBPF traffic processing core

Supports the creation of up to 150 million unique traffic-processing rules, blocking attacks in <1 second in Always-on mode for continuous protection.

User-friendly protection management

Easily configure rules and access detailed reports through an intuitive web interface, streamlining security management.

Layered hybrid protection

Combines on-premises and cloud capabilities for multi-layered filtering and high availability, ensuring robust defense against any attack scale.

Continuously updated threat signature database

Strictera’s signature database, maintained by our analysts and network engineers and updates hourly to stay ahead of emerging threats.

Unlimited traffic analysis

From activation, Strictera NDP continuously monitors and stores all traffic data, providing deep insights for more precise anomaly detection, faster network incidents investigation and proactive identification of infrastructure bottlenecks.

Analysis & mitigation synergy

1.

The intelligent analysis module continuously monitors inbound and outbound packets, detecting anomalies and DDoS activity within milliseconds.

2.

Confirmed threats are instantly routed to a high-performance filtering engine.

3.

The engine applies granular filtering rules in real time, blocking malicious packets while allowing legitimate traffic to pass without delay.

4.

The seamless synergy of analysis and filtering ensures minimal false positives and instant response to attacks.

5.

Always-on protection guarantees reliable network security.

Deployment mode

Inline

Traffic is continuously routed through Strictera NDP’s software via separate network interfaces for constant monitoring and instant filtering.

Supports hybrid setup: local Strictera NDP Inline + Cloud Inline.
Compatible with L2 multicast, ARP, LACP, and LAG.
Ideal for small organizations with one or two critical channels, as well as regulated industries like government, ensuring no blind spots and minimal latency.

Outline (VLAN Swap)

Traffic is handled via a single interface, accepting traffic with one VLAN tag and returning it with another.

Maintains BGP connections with routers, supporting IP address announcements via tools like BIRD or automated systems.
Perfect for large organizations, ISPs, and cloud operators with distributed networks, enabling selective filtering by prefix during attacks to reduce load and maintain low latency.