Increasingly frequent attacks aimed at Denial of Service or Distributed Denial of Service can lead to malfunctions or unavailability of basic services, critical infrastructure services and security incidents. The target of the attack can be a specific device, service or the entire network or server infrastructure, which is flooded with a large number of fictitious requests and can disable the system for long hours or days.
In response to these threats, our company has developed a new product to protect customers from DDoS attacks from the Internet. Depending on the required depth of protection, we offer the following services:
1. antiDDoS standard
The service is primarily intended to protect against volumetric DDoS attacks (i.e., attacks aimed at flooding network infrastructure or link capacity with large amounts of data). It is provided in the so-called out-of-path mode through the collection and evaluation of netflow records from routers through which the customer is connected to the global Internet. In case the system evaluates the operation as abnormal based on pre-set limit values (typical detection time is approx. 40-60 seconds), it automatically applies the filter signaled by the BGP flowspec protocol, which discards unwanted traffic in the Energotel network and thus protects the integrity of customer services. Specific source and destination IP addresses, TCP / UDP ports and flags, resp. network protocols can be filtered.
2. antiDDoS premium
The service is primarily intended to protect the critical assets of the customer, which have a requirement for very high availability and integrity of the service (i.e. the service must be available to the customer during the DDoS attack itself). It is provided in the so-called in-line mode, where customer data is permanently passed through dedicated hardware protection (so-called scrubbing center). Based on the continuous analysis of transmitted data in real time, protection is automatically applied in the event of an attack being detected, and only cleaned traffic reaches the customer. The service includes reporting of detected and cleaned attacks.