FALCON (Enterprise DDoS Protection Solution)
Technical Specifications & Datasheet
Simplifying IT Security with Artificial Intelligence
HaltDos Falcon is a high-performance DDoS detection and mitigation solution, leading the industry in
precision, scalability, intelligent automation, and performance. HaltDos is an EAL 2+ certified solution
under the Common Criteria Certification Scheme.
Falcon at a glance:
AI-Enabled: Employs AI to automatically detect and effectively respond to
cyber-attacks in real time without any human intervention.
High-Performance: The industry-standard latency for a DDoS appliance is around 200
microseconds; HaltDos provides < 60 microseconds latency, 3x faster than
traditional hardware-based solutions.
Bi-Directional: Ensures protection against both inbound and outbound traffic and
reduces the degree of the attack.
Transparent Layer 2 Solution: Deploy-and-forget appliance. No need for IT security
experts for management. Ready to deploy in any network environment.
Protect Your Business
DDoS attacks are increasing in scale and complexity and threatening to damage
businesses around the globe. These attacks combine high-volume traffic with
stealthy, low-and-slow, application-targeted techniques. There is almost an
unlimited array of tools that hacktivists and cyberterrorists can exploit to prevent
customers from accessing your web services.
Sophisticated DDoS attacks are much smaller in size, making it nearly impossible
for traditional ISP-based mitigation methods to detect them. To keep these
attacks from reaching the enterprise network, organizations need a solution that is
equally dynamic and broad-based.
HaltDos is available when you need help most. HaltDos uses signature-based
pre-emption, entropy-based detection, and anomaly-based detection and mitigation
techniques to accurately and automatically detect and mitigate attacks at lightning
speed. The HaltDos mitigation appliance also features full protection from traditional
vulnerability-based attacks through proactive signature updates, preventing
already-known attacks.
HaltDos is a real-time DDoS protection hardware device, which maintains business
continuity by protecting the application infrastructure against existing and emerging
network-based threats that cannot be detected by traditional Intrusion Prevention
Systems.
First and Last Line of Smart and Automated DDoS
Defense Against Cyber Attacks
Amidst fierce competition, your business
cannot afford to slow down. With HaltDos,
you don’t have to sacrifice productivity and
performance to get leading-edge security.
HaltDos provides multi-layer, multi-vector
protection to ensure that your IT network
stays online and always accessible to your
customers.
Get peace of mind for your online business
with HaltDos - real-time, all the time network
protection solution.
Support
24 x 7 x 365 Support
On-Site Warranty Support
Twice a Year Site Visit Assurance
Centralized Helpdesk
TALK WITH HALTDOS
Web haltdos.com/solutions/ddos
Call 1800-120-2394
Reach haltdos.com/contact
Why Trust HaltDos Falcon?
360° Security
All-round protection from simple to sophisticated zero-day attacks.
Real-Time Metrics
Audit reports on attacks, application health, customer interaction and more.
Maintains Business Operational
Attack or no attack, HaltDos ensures your business stays operational all the time.
Multi-Vector Attack Protection
Detect and mitigate DDoS attacks of many types, including volumetric, protocol, and
application-level attacks
Security Simplified
100% customizable with on-the-fly updates. Easy to scale and takes no more than a few
minutes to set up.
No Human Policy
"Hands-off" solution with self-learning capability that adapts to changing network
conditions and requires minimal tuning.
Accurate Attack Mitigation
Stateful and/or Stateless DDoS appliance providing best in class attack detection and mitigation
in the most demanding operational environments.
DDoS Mitigation Techniques
(How to Prevent DDoS Attacks)
Deep Packet Inspection
(Look within the application payload of packet)
Accurate detection of malicious packets
Serves real-time network monitoring
Enhances the capability of ISPs to prevent the
exploitation of IoT devices in DDoS attacks
Checks:
Connection State
Attack Signature
Packet Payload Content
Packet Headers
Whitelisting / Blacklisting
(Manual operations to perform on IP prefixes)
Filter legitimate/malicious incoming requests
that are coming from any geographical region
Ensure regulatory compliance regimes
Prevent inbound flood attacks from the multiple
IP resources
Prevent outbound flood attacks from your IPs
Traffic Shaping
(Improve Latency)
Stream optimization and increased network
performance
Prevent False Positives
Traffic Rate Control
(Monitoring and Rate Limiting Traffic)
Prevents Volumetric attacks, Protocol and
Resource attacks
Network and Application level enforcement
Examples
Connection Limit
Connection Rate Limit
Packet Rate Limit
HTTP Request Limit
Aggressive Aging
(Connection Timeout for Idle / half-open connections)
Protects against open-connection and slow-connection attacks.
Prevents idle connections from filling up the connection
tables in servers.
Much earlier timeout for inbound and outbound
connections.
Slow connection attacks aim to make a service
unavailable or increase latency to a service.
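A sketch of aggressive aging as described above, added here as an illustration and not HaltDos code: a connection table that switches to much shorter idle and half-open timeouts once it fills past a high-water mark. The timeout values, the 80% threshold, the addresses and all names are assumptions, not figures from this datasheet.

```python
from dataclasses import dataclass

# Idle timeouts in seconds. Illustrative assumptions, not vendor values.
NORMAL = {"half_open": 30.0, "established": 300.0}
AGGRESSIVE = {"half_open": 2.0, "established": 15.0}  # used under pressure


@dataclass
class Conn:
    state: str        # "half_open" (SYN seen, handshake unfinished) or "established"
    last_seen: float  # time of the last packet seen on this flow


class ConnTable:
    def __init__(self, capacity, high_water=0.8):
        self.capacity = capacity
        self.high_water = high_water
        self.conns = {}  # flow key (src, sport) -> Conn

    def aggressive(self):
        """Aggressive aging applies while occupancy is at or above high water."""
        return len(self.conns) >= self.high_water * self.capacity

    def sweep(self, now):
        """Drop flows idle longer than the timeout for the current mode."""
        timeouts = AGGRESSIVE if self.aggressive() else NORMAL
        expired = [k for k, c in self.conns.items()
                   if now - c.last_seen > timeouts[c.state]]
        for k in expired:
            del self.conns[k]
        return len(expired)

    def open(self, key, now):
        """Handle a SYN. Returns False when the table cannot take the flow."""
        if self.aggressive() or len(self.conns) >= self.capacity:
            self.sweep(now)
        if len(self.conns) >= self.capacity:
            return False
        self.conns[key] = Conn("half_open", now)
        return True

    def touch(self, key, now, ack=False):
        """Handle a later packet; an ACK completes the handshake."""
        conn = self.conns.get(key)
        if conn is None:
            return False
        conn.last_seen = now
        if ack and conn.state == "half_open":
            conn.state = "established"
        return True


def simulate(high_water):
    """Constructed scenario: one real client, a burst of never-completed
    handshakes, then a second real client arriving three seconds later."""
    table = ConnTable(capacity=100, high_water=high_water)
    client_a = ("192.0.2.10", 40000)          # documentation-range address
    table.open(client_a, 0.0)
    table.touch(client_a, 0.0, ack=True)      # handshake completed
    for i in range(200):                      # half-open connections only
        table.open(("198.51.100.7", 1024 + i), i * 0.01)
    table.touch(client_a, 4.0)                # client A is still active
    admitted = table.open(("192.0.2.20", 40001), 5.0)
    return admitted, client_a in table.conns, len(table.conns)


if __name__ == "__main__":
    print("aggressive aging:", simulate(0.8))
    print("normal timeouts only:", simulate(2.0))  # high water never reached
```

With the shorter timeouts the stale half-open entries are reclaimed and the second client is admitted while the active client keeps its entry; with normal timeouts only, the table stays full and the new connection is refused.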
Anomaly Detection
(Automatic detection based on the traffic behavior)
Enables quick attack mitigation response.
Accurately detects the abnormal behavior of the traffic.
Prevents Zero-day DDoS
Checks
Traffic Pattern
Packet Analysis
HaltDos DDoS attack mitigation appliance is a dedicated, specially designed device to detect and
mitigate an array of DDoS attacks.
UDP | ICMP | IGMP | Smurf | TCP FIN | TCP ACK | Teardrop | Slowloris | Spoofing | DNS flood | TCP RESET | HTTP Flood | Brute Force | Ping
of Death | TCP SYN+ACK | TCP ACK + PSH | TCP Fragment | Connection Flood | Zero-day DDoS attacks | Reflected ICMP and UDP | Attacks
targeting DNS servers | Mixed SYN + UDP or ICMP + UDP flood | Attacks targeting Apache, Windows or OpenBSD vulnerabilities | And more...
Deployment Modes
Inline Mode
Inline DDoS Mitigation mode inspects all the traffic in real-time and can identify, analyze and mitigate within seconds.
HaltDos supports flexible inline mode deployments:
Standalone deployment
High Availability 1:1 deployment with separate management
Stack deployment with separate management
In inline mode, the solution also supports an “inactive” protection mode, where only attack detection is enabled, and an “active” protection mode, where
attack detection as well as mitigation are enabled. In “inactive” protection mode, the solution analyzes traffic and monitors attacks without performing
any mitigations. The protection mode can be changed on-the-fly by configuring the software bypass setting.
Offline Mode
HaltDos is deployed out-of-line through a span port or a network
tap. Offline mode, in general, is for trial implementation. For
example, before deploying HaltDos in inline mode and allowing it to
affect the enterprise network traffic, you can deploy it in offline
mode for evaluation purposes. The generated information further
helps in creating enterprise policies for attack detection and
mitigation.
High Availability Mode
High-availability settings allow configuring multiple
HaltDos Mitigation servers to run in a cluster (sharing
states, parameters and behaviour). This also ensures
reliability & service continuity. To set this up, you need to
fulfil the following two conditions:
Availability of a minimum of two HaltDos mitigation
appliances
Both devices are directly connected to each
other over a dedicated HA port
Technical Specifications
MODEL | HD-NIE-1G | HD-NIE-5G | HD-NIE-10G | HD-NIE-20G | HD-NIE-50G
Form Factor | 1U Rack Server | 1U Rack Server | 1U Rack Server | 1U Rack Server | 1U Rack Server
Processor | Intel Xeon E5-2620 v4 2.1GHz, 20M Cache, 8.00GT/s | 2x Intel Xeon E5-2620 v4 2.1GHz, 20M Cache, 8.00GT/s | 2x Intel Xeon Processor E5-4655 V4 2.5GHz, 25M Cache, 8.00GT/s | 2x Intel Xeon Processor E5-4620 V4 2.1GHz, 25M Cache, 8.00GT/s | 2x Intel Xeon Processor E5-4620 V4 2.1GHz, 25M Cache, 8.00GT/s
Sockets | 1 | 2 | 2 | 2 | 2
Core | 6 | 6 | 8 | 10 | 12
Memory | 32GB | 64GB | 64GB | 96GB | 128GB
Hard Disk Drive | 2TB 7.2K RPM SATA 6Gbps | 2TB 7.2K RPM SATA 6Gbps | 2 TB 7.2K RPM SATA 6Gbps | 2 TB 7.2K RPM SATA | 2 TB 7.2K RPM SATA
PERFORMANCE
Max. Throughput | 1Gbps | 5Gbps | 10Gbps | 20Gbps | 50Gbps
Max. Concurrent Sessions | 1,000,000 | 4,000,000 | 10,000,000 | 10,000,000 | 25,000,000
Maximum SYN Flood Attack Rate (SYNs per second) | 1,000,000 | 7,000,000 | 7,000,000 | 20,000,000 | 50,000,000
Latency (micro-seconds) | <60 | <60 | <60 | <60 | <60
PORTS
GE(GBIC) | 2 x 1G Hardware Bypass (Copper or Fiber)* | 2 x 10G Hardware Bypass (Copper or Fiber)* | 2 x 10G, 4 x 1G Hardware Bypass (Copper or Fiber)* | 4 x 10G & 8 x 1G Hardware Bypass (Copper or Fiber)* | 12x10G Hardware Bypass (Copper or Fiber)*
Network Operation: Transparent Layer 2 Forwarding
Operation Modes: BYPASS, DETECT & MITIGATE
Managing Ports: Includes GE and FE
Deployment Operation Modes: In-line and SPAN Port
PHYSICAL
Operating Temperature: 10-35C
Humidity (non-condensing): 8%-90%
System Management: IPMI 2.0 Compliant
Hardware security module (HSM): Optional FIPS - 2/ Non-FIPS SSL Offloading through Cavium© technology
Safety Certifications: IEC 60950-1, EN 60950-1, CISPR 22/CISPR 24 and EN 55022/55024 CE Class A, FCC Class A, RoHS
PROTECTION
Stateful Operation: Stateful Inspection, TCP Stream Reassembly, IP Defragmentation
Protocol Inspection: RFC compliance verification for TCP, ICMP, DNS, HTTP, SSL; RFC compliance verification for IPv4, IPv6, TCP, UDP, ICMP, DNS, HTTP, SSL
Network DoS/DDoS Protection: Anomaly-based adaptive zero-day protection, Flood protection for IP, TCP, UDP, UDP
(with ICMP Back Scattering), ICMP, DNS, SNMP, NTP, DNS Query, IP Fragmentation
and Zombie connection flood
* No. of inspection ports can be customized
Functional Specifications
PROTECTION
Application layer Protection: Adaptive behaviour-based web server traffic monitoring, detection and preventing
known and zero-day HTTP DDoS attacks, HTTP GET/POST/PUT flood, Slowloris, R.U.D.Y.
protection, Random DNS subdomain Query flood, DNS/NTP/SNMP Amplification protection.
SSL Attack Prevention: SSL Renegotiation floods
IPv6: Support for IPv6 Networks and Blocks IPv6 attacks
MITIGATIONS
Automatic Real-time Signatures (Packet Filter Criteria): Source IP, Destination IP, Source Port, Destination Port, Packet ID, Packet size,
TTL (Time to Live), ToS (Type of Service), IP Checksum, TCP Sequence Number, TCP
Checksum, TCP Flags, TCP Window size, ICMP Checksum, UDP Checksum, ICMP Message Type,
DNS Query, DNS Query ID, HTTP Request URL
Bandwidth Management: Adaptive traffic shaping with guarantee max threshold bandwidth per application
Access Control: Access Lists, Black/White/Gray Lists
Traffic Scoring: Suspicious traffic detection for adaptive traffic shaping
SYN Proxy: Transparent proxy to prevent TCP SYN Flood
Aggressive Aging: Zombie flood protection
Progressive Challenge: Prevents connection abuse and limits flash crowd
MITIGATION FEATURES
DDoS Detection and Mitigation
Anomaly-based DDoS Detection
Bidirectional DDoS Protection
Zero-day Attack Protection
Traffic Pooling based on Source IP, Destination IP & VLAN ID
Network & Application Layer Protection
Low & Slow DDoS Attack Protection
SSL/TLS Based Attack Protection
Supports Custom Signature Definitions
Protection from Malformed Packets
Blacklisting & Whitelisting
Aggressive Aging of State TCP Connections
Dark IP Protection
Rate Limiting Protection
Deep Packet Inspection and RFC Verification for IP, UDP, DNS and HTTP
In-built DNS Firewall
REGEX based Rule Matching Protection
Daily Updates of IP Reputation, Geo IP, Signatures
SOLUTION FEATURES
Stateless Solution / Partial Stateful
Hardware and Software Bypass
Low Latency
Multiple Deployment Modes (Inline and Offline)
Regular Attack Signature Updates
Periodic IP Reputation, TOR IP Updates
Reconnaissance and IP Lookup for Troubleshooting
Support for Unlimited Users
Configurable through GUI and CLI
Notification via Email and GUI
User Group Based Privileges and Access Control
AAA Support with RADIUS and TACACS+
Periodic Backup and Restoration Capabilities
In-built Dashboards. Support for Custom Dashboards
Log Management with detailed Logging, Audit Logs, Change Log and Syslog Support
Supports External SSL/TLS Decryption
Periodic Reporting (PDF/HTML) via Email
In-depth Statistics and Traffic Summarisation
Packet Capture for Passed, Dropped and Custom Signatures
Support for VLAN and GRE Tunnelling Protocols
Redundant Power Supply
High Availability Support
External SAN Storage
Support for IPv4 and IPv6
HaltDos™ FALCON
Copyright© 2020 Halt Dos.com Pvt. Ltd. All rights reserved. HaltDos disclaims in full any covenants, representations, and guarantees
pursuant hereto, whether express or implied. HaltDos reserves the right to change, modify, transfer, or otherwise revise this publication
without notice, and the most current version of the publication shall be applicable.
STAY ONLINE AND ALWAYS AVAILABLE WITH
HALTDOS FALCON!
To learn more about our Enterprise DDoS Protection Solution and to ensure
360° protection for your IT network resources, please visit: www.haltdos.com
