GateKeeper Cloud Protection
One-stop solution for clouds, hosting providers and data centers
Introducing the BotGuard GateKeeper
BotGuard GateKeeper is a universal solution to protect cloud web assets, data centers and web clusters by filtering web traffic at its landing point. It is able to recognize and mitigate a wide range of threats including DDoS and brute force, and completely eliminate bad bot-induced traffic from your business.
GateKeeper is an advanced reverse proxy built around state of the art bot and hacker detection technology that hides your infrastructure and protects it from L7 DDoS attacks. It also offers a wide range of security and performance features such as WAF, HTTP/3 (QUIC), TLS 1.3, 0-RRT, automatic SSL certificate management, content caching and rate limiting.
By using GateKeeper you will also prevent server overload and diminish your network traffic freeing up resources to provide a more pleasant user experience.
Full Features List
Protect your whole cloud infrastructure with ease.
SSL operations are CPU intensive and can limit the server resources. With SSL offloading, that process moves to the Gatekeeper and frees up the web server. Our solution supports TLS 1.3 cryptographic and HTTP/3 (QUIC) protocols, being that in the first case it speeds up encrypted connections even more with TLS false start and Zero Round Trip Time (0-RTT) and the second has better transmission speed, shorter loading times and a stabler connection for mobile users. All necessary security settings are included by default and our solution issues and renews all certificates automatically. Websites protected by the BotGuard Gatekeeper receive an A+ rating from Qualys SSL Labs.
Caching saves the resources needed to serve content that rarely changes. Placing the caching servers closer to the users decreases hop count, latency and server response time to create a better experience.
Botguard's GateKeeper downloads the static assets — like documents, javascript files, stylesheets, images or videos — from your web server only once, stores them locally and delivers that copy. This caching diminishes your web server's network traffic and offers a more pleasant user experience. The built-in HTTP/2 push feature prioritizes the delivery of vital website resources and reduces page rendering time.
Generally, caching dynamic content is not recommended. However, caching for only 10 seconds helps to mitigate traffic spikes that occur during atypical activities, be it a DDoS attack or a viral marketing event.
As our solution limits the number of concurrent connections and the request rate on a per-client basis, it helps to prevent website abuse and targeted server overload like the ones in a DDoS attack. In more complex cases, where a cluster is used, the attacker addresses are propagated throughout the cluster and filtered at the network stack of the operating system.
Distribute network traffic across a number of web servers and increase both processing speeds and server capacity effectiveness. Mitigate traffic spikes that occur during atypical activity, like DDoS attacks, and assure that you can prevent any single server from overloading.
The GateKeeper supports all of BotGuard's protection services, such as the Web Application Firewall (WAF) and Vulnerability Scans Protection, and helps you mitigate DDoS attacks. With the Gatekeeper in place, the website doesn't reveal its origin server's real IP address, making it harder for hackers to leverage targeted attacks against them as they will only be able to find that instance which has tighter security and additional resources to fight them. When using multiple instances of the Gatekeeper, some of them may be hidden from the attackers and left for legitimate visitors to use.
Getting Started
Deploy an instance right from marketplace using AWS, Vultr, or DigitalOcean cloud platforms.
Download the VMware-compatible application appliance image to use on premise. Other options are also available upon request.
