ICON LABS
Software for Secure Managed Network Devices
HOME COMPANY PRODUCTS SERVICES PARTNERS CONTACT NEWS
WELCOME
SSH CLIENT
SSH Server
ssl server
ssl client
envoy snmp v1/v2
envoy snmp v3
envoy snmp agentX
Floodgate-SNMP
 
Floodgate-SNMP™

Icon Labs
Floodgate-SNMP™
Burst Management for SNMP

Overview

Floodgate-SNMP™ the industry’s first SNMP burst management solution, provides dynamic filtering to protect your SNMP manager from a flood of SNMP traps. Floodgate-SNMP applies user defined thresholds to detect and block a flood of SNMP packets. Floodgate-SNMP™ is available as a network appliance or as a server application for Linux, BSD or Solaris.

Protection from SNMP Trap Floods

SNMP flood conditions can result from a single or multiple network element flooding the network with traps, a network outage affecting many network elements, or cascading failures. SNMP trap floods can result queue overflows, log file overflows, dropped traps or processing delays as the SNMP manager processes through the flood of (often redundant) SNMP traps.

With Floodgate-SNMP™ traffic from any network element that begins flooding the network with traps is automatically blocked until the traffic from that network element no longer exceeds the low water threshold. Traffic from all other network elements is not blocked.

Floodgate-SNMP provides:

• User defined thresholds for enabling and disabling filtering.
• Event logging – all threshold crossings are logged to file.
• Web interface for configuration and reporting.
• Dynamic blocking – enables and disables filtering in real time based on network traffic.
• IP address based filtering. Blocks packets only from those IP addresses that are flooding the SNMP manager with packets.


Features

- Configurable high-water and low-water thresholds.
- Configurable interval length.
- All threshold crossings are logged.
- Available as a network appliance or server application for Linux, BSD or Solaris.
- Drops traps from any IP that exceeds high water threshold.
- Forwarding re-enabled when the number of packets per interval drops below the low water threshold.
- Supports SNMP v1, v2 and v3.
- Transparent forwarding. The Source IP is the IP address of the network element that generated the trap.

Dynamic Filtering

Floodgate-SNMP™ provides protection from SNMP trap floods without having to reconfigure your firewall settings or take manual action to block the traffic. Only traffic from the offending IP addresses is block allowing valid network traffic to be processed without interruption.
 
copyright (1992-2009)