Protection against DDOS attacks

Protection against DDOS attacks. Detection and mitigation of unwanted traffic

Many years of experience in protecting servers from DDOS attacks has resulted in one of the most excellent attack detection and mitigation systems currently offered to any Internet access service at no extra charge.

Physical structure of the detection system:
  • Traffic sensors on external network connections
  • Traffic sensors on the internal connections of the network
  • Real-time traffic analysis servers with a heuristic traffic modeling component
  • Mitigation control servers
  • Switches mirroring the traffic
Physical structure of the Mitigation System:
  • High-performance network switches
  • Backbone routers
  • DDOS BYPASS routers

Basic types of mitigated attacks:
  • Volume dense attacks based on UDP packets
  • Socket overrun attacks - based on TCP packets
  • SYN FLOOD attacks
  • Attacks on individual layer 4 services.
  • Packet fragment attacks
  • NTP REDIRECTION attacks
  • DNS FLOOD attacks
Attack detection times and mitigation times:

  • Using real-time analysis technology, most attacks are detected and mitigated within a few (average 2-4) seconds.
A more detailed description of DDOS attack protection systems is available for interested and existing customers.