# Key Features

| Feature Point         | Feature Description                                                                             |
| ------------------------ | --------------------------------------------------------------------------------------------------------------------------- |
| **Basic Protection**     | Blocking malformed packets<br/> Defense against syn flood, ack flood, udp flood, icmp flood etc.<br/> Defence against attacks exhausting connections, http get/post flood etc.<br/> Defense against dns request/response flood and more |
| **DNS Detection**       | Detection and protection based on the NAME, TYPE, CLASS characteristics of DNS queries/responses         |
| **Automatic Detection** | Automatic detection and protection through baseline learning, behavioral modeling algorithms and more      |
| **Deep Protection**     | Deep matching and protection by conditions such as source/destination IP, protocol, port, packet length, flag, packet content etc. |
| **Access Control**      | Configure layer 3-4 blacklists, speed limits according to source/destination IP, protocol, ports ; <br/> Configure application-layer black- and whitelist, speed limits, based on source/destination IP, protocol, ports, domain name, URL, User-Agent etc. |
| **Monitoring**            | Traffic monitoring, packet volume monitoring, event monitoring etc.                                            |
| **High Availability**  | Master-slave deployment, load balancing etc.                                                                          |
| **Attack Evidence Collection** | Real-time packet capturing for evidence based on source/destination IP, protocol, ports etc. |
| **One-click switch**  | One-click to close or open protection                                                                                                          |