nScrub

nScrub

Introducing nScrub 1.6: Broader Support, More Offloads, Improved Algorithms

We are excited to announce this new release of nScrub, 1.6, packed with new features, expanded hardware support, and key enhancements to strengthen network defense capabilities. This release adds native support for NVIDIA/Mellanox ConnectX adapters, and extends support for Napatech adapters by enabling the TX offload support, which optimizes packet transmission performance and reduces CPU overhead. We also implemented native support for DPDK, making nScrub open to deployments where the users are widely using this SDK. We’ve also improved the detection and scrubbing algorithms, including additional checks on TCP packet …
nScrub

A Step-By-Step Guide for Protecting Your Network with nScrub

Distributed Denial of Service (DDoS) attacks represent a family cyber-attacks that are more and more common nowadays. They aim to make the service unavailable by overwhelming the victim with high traffic volumes (this is the case of volumetric or amplification attacks based on UDP, ICMP, DNS, …) or an high number of requests (including TCP connection attacks like the SYB flood, or Layer 7 attacks able to exhaust the resources of the service at the application level). This differentiate them from other cyber-attacks like intrusion attacks or malwares aiming to destroying, stealing …
nScrub

Introducing nScrub 1.4 with IPv6 Support

This is to introduce the new nScrub 1.4 stable. Besides a few bug fixes (mainly to the API) this release introduces many improvements, including: Full IPv6 support both in routing and bridge mode. Improved TCP protection, it is now possible to use SYN Proxy in asymmetric mode. Hardware bypass with watchdog support as failover mechanism in case of system failures or to handle maintenance. New plugins SDK to easily extend the core engine with custom protection algorithms. Native systemd support for multiple instances to handle multiple network segments. Support for Ubuntu …
nScrub

Protecting a Web Server from DDoS Attacks Using nScrub

nScrub is a software-based DDoS mitigation system based on PF_RING ZC, able to operate at 10 Gbit full-rate (or multi 10 Gbit distributing the load across multiple modules) using commodity hardware, making it affordable in terms of price and deployment. nScrub is easy to configure even for beginners and companies with no experience with DDoS mitigation, it can be implemented as bump in the wire (i.e. no BGP or traffic tunneling necessary) or as router for on-demand traffic diversion. In this post we will go through the installation steps for …