DDOS PROTECTION

​Sistemul Fortinet Fortigate 3040B IPS/IDS Next-Generation oferă protecție in-line ale datelor și aplicațiilor critice, fără a afecta performanța și productivitatea.

DDoS Detection & Mitigation – system de detectie si mitigare a atacurilor DDOS.

DDOS Protection
Defends against known, unknown and evolving DoS, DDoS and other volumetric attacks.

DOS Protection
Defends against attacks via TCP, UDP, IP protocols, Invalid IP packets, ICMP types, Time To Live field, packets lengths, and more

Portal
Receive up to the minute notifications of attacks, mitigation and resolution of DOS and DDOS attacks.

Robust Network
With over 230Gbps of Global Routing capacity we can handle the largest of attacks.

Managed
Our highly trained team of security specialists monitor the network ensuring it is running at its peak performance.

Dedicated Support
Our support team is here 24 hours a day, 7 days a week, 365 days a year monitoring your services and ensuring it stays online.

Anti-DDoS Tunnel for Networks
The Anti-DDoS Tunnel is the quickest way for an entire Network and its downstream customers to be protected against volumetric or application specific DDoS attacks.

It is a completely automated solution that filters the traffic only when an attack is detected.

It is compatible with all edge routers supporting GRE or L2TP and gives the Network total control of which subnets are advertised through this tunnel via BGP advertisements.

Secure Uplink with Free Download IP transit
The Secure Uplink is the most efficient and simple way for an Internet Service Provider (ISP) to protect its network and its downstream customers against volumetric or application specific DDoS attacks of up to 1 Tbps.

By just adding a new upstream provider in its current list of peers, the ISP obtains immediately a completely automated solution that filters DDoS attacks for all subnets advertised through BGP to this line.

What does this service do?

This addon provides you with an affordable source of Denial Of Service protection.

If you don’t know what this is, nor have you been sent an email regarding a nullroute being applied against your IP, it’s unlikely you need this.

How much does it cost ?

All service (hosting, vps, dedicated, games, teamspeak) include free DDoS protection.

Aditional protected IP addresses cost $3.00/month per IP address in all locations we operate.

How much filtering is provided?

We provide over 999+ million packets-per-second of filtering or over 1Tbit/sec for volumetric floods.

This amount of protection is not dedicated to you but is a pool all protected users share from in each location.

What subnets does the the Layer 7 protection use?

Layer 7 protection connections will come from the following subnets.

93.115.83.64/26
93.115.90.64/26
5.254.88.64/26
5.254.110.0/26
5.254.107.0/26
5.254.115.128/26
5.254.108.64/26

You’ll need to configure your webserver to assign the users connecting IP from the X_FORWARDING_FOR field. In NGINX you’ll want to use a setup like:

set_real_ip_from 93.115.83.64/26;
set_real_ip_from 93.115.90.64/26;
set_real_ip_from 5.254.88.64/26;
set_real_ip_from 5.254.110.0/26;
set_real_ip_from 5.254.107.0/26;
set_real_ip_from 5.254.115.129/26;
set_real_ip_from 5.254.108.64/26;
real_ip_header X-Forwarded-For;

For Apache 2.2 you’ll have to install mod_rpaf to do this for you.
For Apache 2.4 you’ll want to installmod_remoteip. You’ll want to configure mod_remoteip.

What types of floods does it protect against?

Here is an exhaustive list of floods that our filtering helps protect against:

  • TCP SYN + ACK
  • TCP FIN
  • TCP RESET
  • TCP ACK
  • TCP ACK + PSH
  • TCP Fragment
  • TCP (SYN, etc.), ICMP, UDP Floods
  • HTTP URL GET/POST Floods
  • Malformed HTTP Header Attacks
  • Slow-HTTP Request Attacks
  • SYN Floods Against SSL Protocols
  • Malfromed SSL Attacks
  • SSL Renegotiation Attacks
  • SSL Exhaustion (Single Source/Distributed Source)
  • DNS Cache Poising Attacks
  • DNS Request Flood
  • SIP Request Floods
  • IGMP
  • Brute Force
  • Connection Flood
  • Spoofing / Non-Spoofed
  • Mixed SYN + UDP or ICMP + UDP flood
  • Ping of Death
  • Smurf
  • Reflected ICMP and UDP
  • Teardrop
  • Botnets
  • Blackenergy, Darkness, YoYoDDoS, etc
  • Common DoS/DDoS Tools
  • Slowloris/Pyloris, Pucodex, Sockstress, ApacheKiller
  • Voluntary Botnets
  • HOIC, LOIC, Etc
  • Application Attacks
  • Zero-day DDoS attacks
  • DDoS attacks targeting Apache, Windows, or OpenBSD vulnerabilities

As well as many others. Some protection may require a ticket to be enabled, namely some of the HTTP layer 7 protection.

In some cases we can get custom rules put in place to help, so be sure to let us know if you see a flood passing through.

Is there an SLA?

Our filtering carries a 99.9% uptime SLA.
This SLA does not cover users getting application layer floods.

RemoteIPHeader X-Real-IP
RemoteIPInternalProxy 93.115.83.64/26
RemoteIPInternalProxy 93.115.90.64/26
RemoteIPInternalProxy 5.254.88.64/26
RemoteIPInternalProxy 5.254.110.0/26
RemoteIPInternalProxy 5.254.107.0/26
RemoteIPInternalProxy 5.254.115.129/26
RemoteIPInternalProxy 5.254.108.64/26

DOS/DDOS

Multi-level DDoS Protection Technology Sensor can announce upstream provider(s) through BGP to stop routing traffic towards the attacked destinations.
Sensor can announce the upstream Internet Service Provider (ISP) or a Managed Security Service Provider (MMSP) that offers anti-DDoS services to scrub malicious packets in cloud.
Flow Sensor and Packet Sensor provide in-depth traffic analysis, traffic accounting, bandwidth monitoring, traffic anomaly and DDoS detection.
Filter can scrub and/or rate-limit malicious packets by applying dynamic filtering rules on stateless software firewalls and hardware packet filters. Dedicated filtering servers can be clustered in packet scrubbing farms. It can protect critical services against attacks that do not congest upstream links.
Filter can automatically send notification emails to the ISPs originating non-spoofed attacks.
Filter can apply filtering rules and ACLs on third-party DDoS mitigation appliances, firewalls and routers.

  • DDoS Detection & Mitigation – An innovative traffic anomaly detection engine detects DDoS attacks. The malicious traffic is blocked in a granular manner
  • Detailed Forensics – View packets and flow records for each attack. Detailed attack reports can be emailed to interested parties
  • Full Network Visibility – Supports all major traffic monitoring technologies: packet sniffing at 10 Gbps, Cisco NetFlow, sFlow, IPFIX, NetStream, cflowd and SNMP
  • Complex Analytics – Generates complex reports with aggregated data for hosts, IP groups, interfaces, applications, protocols, countries, ASNs and many more
  • Flow Analyzer and Collector – Provides a fully-featured NetFlow, sFlow, and IPFIX collector. Flows can be stored, searched, filtered, sorted and exported