Venusense ADM (Venusense Traffic Anomaly Detection and Mitigation System), is an intelligent anti-DDOS security defense system developed by Venustech. The system is designed to identify and protect effectively and precisely against varied common attacks such as DOS/DDOS. The Venusense ADM provides perfect protection for data centers, websites, information platforms, interactive entertainment and other Internet-based network service against malicious attacks and destruction.

Features and Benefits


The Venusense ADM is equipped with self-developed anti-DDoS algorithm, can effectively identify common attacks, such as SYN Flood, UDP Flood, ICMP Flood, IGMP Flood, Fragment Flood, WEB CC Flood, Connection Exhausted and so on. CHINADDOS tackles and blocks the attack traffic in real-time through the integrated mechanism, which protects the service host and reduces the damage caused by the attack.

General and Convenient Rule of Packet Filtering

The Venusense ADM not only provide professional DOS/DDOS attack detection and protection service, but also furnished with a general matching function for packet-oriented rules, in which fields including IP address, port, flag, keyword can be set, which significantly improves the versatility and protection performance. At the same time, the pre-defined rules are more convenient to operate, such as LAN protection, vulnerability detection, etc.

Professional Mechanism for Session Tracking

The Venusense ADM, with an internal implementation of complete TCP/IP protocol stack, has a strong capability for connection tracking. The device can classify every inbound and outbound connection by source IP addresses, and send the result to users accordingly, which enables users to monitor the status of the protected hosts. Meanwhile, it is equipped with the functions of setting connection timeout, connection resetting as well as other auxiliary functions, which makes up the shortage of standard TCP protocol and ensures the performance of user servers under attack.

Simple and Varied Management Mechanism

The Venusense ADM has a wealth of management functions based on simple WEB management that supports local or remote upgrading. Besides, multiple logging and authenticating functions also greatly enhance the availability of the devices. The attacks can be monitored in real time, and the query of attack history logs can be accessed analyzed easily. Therefore, it is easier for users to track and investigate the attack.

Flexible Deployment Capability

There are many challenges for anti-DDoS deployment system for users with different network environment. The coexistence of various networks including enterprise network, IDC, ICP or metropolitan area network etc. brings greater challenges to the deployment of anti-DDoS system. But the Venusense ADM has the capability to deploy under various circumstances.

Cluster Deployment, Dynamic Expansion

When deployed on the construction of operators’ defense center, the multi-machine cluster solution of the Venusense ADM can be used to expand Guard’s processing performance. Using the Venusense ADM as the basic configuration with the 80G single-machine maximum defense capability, through the cluster-mode make ADM capability ultimate expansion.

Deployment Mode

In-line Mode

In in-line mode, the Venusense ADM is deployed with transparent mode. The attacker traffic will be filtered completely among all the incoming and outgoing traffic that passes through the system.

Out-of-Path Mode

In out-of-path mode, The Venusense ADM is used for detecting attack, and the defense system is deployed in a single link separately.

a) When attack is not detected, traffic goes directly to the service system network via the switch.

b) When attack is detected, the switch will be informed to divert all the traffic into the link of protection cluster. The attacker traffic will be filtered and be reinjected back to the system network.

c) Under the massive traffic attack, all traffic will be diverted to Venusense ADM and mitigated by Venusense ADM. after the mitigation, the clean traffic will be reinjected to the previous network.