Radware Cloud DDoS Protection Service Integration

Note: This integration requires Cisco XDR Advantage or Cisco XDR Premier licensing tier.

Radware's Cloud DDoS service is based on the industry's most effective attack DDoS detection algorithms and mitigation technologies.

This solution is fueled by a powerful detection algorithm that considers all attack probabilities (not just volumetric attacks), uses a behavioral engine and employs advanced active challenges to verify good versus bad traffic.

In Cisco XDR, the Radware Cloud DDoS Protection integration allows users to investigate IP addresses to retrieve reputation data from the solution and check if any attacks have been detected involving those addresses.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Third-Party tab and navigate to the Radware Cloud DDoS Protection Service integration.

  3. Click the plus sign (+) in the lower-right corner of the card. The Radware Cloud DDoS Protection Service integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the Radware Cloud DDoS Protection Service integration in Cisco XDR.

You can perform the following tasks after you integrate Radware Cloud DDoS Protection Service with Cisco XDR:

  • Investigations - Start a new investigation into IP addresses and see if any records of them exist in your Radware Cloud DDoS Protection Service. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know Radware Cloud DDoS Protection Service has recent information. For details, see Investigate.

  • Pivot Menu - Use the Pivot menu to access actions in Radware Cloud DDoS Protection Service. Available actions include searching for IP addresses.