In the last months of 2016 Serverius became the Dutch leader DDoS protection. That’s quite amazing against all (worldwide) competitors. Let’s see why IP network owners like our product so much. 

During my daily advisory work, a lot of people asked me what the difference is between Serverius and other companies when it comes to DDoS protection. “Why are you better than my current supplier?” Most of the time this question is based on their lack of knowledge of technical features that might be needed in the future. The solution of defending future DDoS attacks will be in the details. But what can you expect during these future attacks?

The only solution for network owners is a combination of advanced tooling. Therefore I created the comparison table below to show people what the rough differences are between different parties.

Sem Hindriksen, Solution manager at Serverius

DDoS protection comparison table

This comparison is based on the most used companies in the Netherlands that are offering DDoS protection as a service. All parties offer services by their own hardware infrastructure, no external services can be used. All companies that are reselling or partially use of others are excluded (this exclude around 94% of all Dutch service providers). The offered service should be IP based, protecting all IP protocols, services and port numbers without any other (hosting) services.

The word “DDoS protection” is used by many companies in lots of different ways. For some it’s to protect a website, another will tell you it’s to protect against congested uplinks and another will offer a full IP security layer with many other protection techniques. Let’s put all cards on the table and see what the differences are.

Keep in mind that the best DDoS protection provider does not exist. Every user will have it’s own and different protection goals. But still there are quite some differences in quality and pricing. Some services offer the same or less and are still more expensive than others. Therefore the scheme below will give you an better overview of the differences. I hope you enjoy!

imperva incapsula comparison table Serverius comparison table Voxility DDoS comparison table Corero DDoS Protection comparison table Nawas NIBP alternatief vergelijking tabel Akamai
Definition goal of "DDoS Protection"Protecting private IP infrastructures and hosted IP applications in the cloud to prevent full uplinks and offline IP applications.Protecting private IP infrastructures and hosted IP applications in the cloud to prevent full uplinks and offline IP applications.Protecting private IP infrastructures to prevent full uplinks.Protecting private IP infrastructures and hosted IP applications in the cloud to prevent full uplinks and offline IP applications.Protecting private IP infrastructures to prevent full uplinks.Protecting private IP infrastructures and hosted IP applications in the cloud to prevent full uplinks and offline IP applications.
Client target audience:Private network owners who need IP protection by a self service portal and large enterprise IP applications who need fully SLA managed DDoS protection.Private network owners who need IP protection by a self service portal and large enterprise IP applications who need fully SLA managed DDoS protection.Ip-transit, colocation or dedicated server users who need to be protected against volume DDoS attacks.Private network owners who need IP protection by a self service portal and large enterprise IP applications who need fully SLA managed DDoS protection.Private network owners who need to be protected against simple volume DDoS attacks.Private network owners who need IP protection by a self service portal and large enterprise IP applications who need fully SLA managed DDoS protection.
Centralized client panel available where users can configure their own IP security layer?nonono
Personal attack map, based on a overview of the user his attacks?nono
No risk of extra payment afterwards when user have multiple attacks?
Unlimited amount of DDoS attacks per service/package per month?
Company have more than 100 clients in total?
Attack information is automatically used to protect all users against future DDoS attacks?
Seamlessly working with IP transit from the supplier or others.
Inhouse Research and Development department?
Neutral client acceptance?
Only members from the NBIP
App or IP scan of protected subnet?
Clear SLA available?
Uptime guarantee?
Service including a personal training for better IP protection?
imperva incapsula comparison table Serverius comparison table Voxility DDoS comparison table Corero DDoS Protection comparison table Nawas NIBP alternatief vergelijking tabel Akamai
Volumetric (Layer attack protection?
Application (layer 7) attack protection? - DNS, http, https, voip, other.
Maximum protected IPv4 and IPv6 subnets:Up to a /21 IPv4 and IPv6 n.a.n.Up to a /12 IPv4 and a /32 IPv6Up to a /24. No IPv6. Depending the extra services, extra subnets will cost extra setup and monthly fee.Up to a /20 IPv4 and IPv6 n.a.n.Up to a /22 IPv4 and IPv6 n.a.n.Fair use IPv4 and IPv6
Be able to protect only 1 IPv4 subnet out of a /24?
Unlimited incoming data-traffic without cost (without service pause)?
Supported by own 24/7 support engineers?
Periodically learning mode to adjust the IP protection layer to the application.
Without schedule, only by client request.


Without schedule, only by client request.

Without schedule, only by client request.
Personal security layer creation per IP of application by user.
By client support request.

Fully controlled by client panel.

By client support request.

By client support request.
Redundant GRE to different hardware at geographic PoP locations?
Remote API to automatically enable protection for single IP addresses and small subnets of a /24.
Set rate limit for non protected IP subnets?
By client support request.

By client panel.

By client support request.

By client support request.
Packet capture files of DDoS attacks downloadable inside client panel?
Usable as "in-line" (always on) protection?
Usable in "out of path" (on-demand) protection?
Reverse security checkup (pen-test of the protected IP/application)?
Free reverse proxy server support?
Caching Proxy availability?
imperva incapsula comparison table Serverius comparison table Voxility DDoS comparison table Corero DDoS Protection comparison table Nawas NIBP alternatief vergelijking tabel Akamai
Total scrubbing real capacity in Gbps?1,5Tbps800Gbps500GbpsUnknown120Gbps30Tbps
Incoming (dirty) data traffic without cost?
Rate limiting of IP subnets and Layer 7 protocols?
Personal firewall rules per IP subnet included?
By paid support request.

Free by client panel.

ACL by paid support request.

By paid support request.

By free support request.
Personal IP blacklist per IP security layer configuration?
without flush by client.
Web Application Firewall (WAF) included?
Can be purchased as a extra service.

Can be purchased as a extra service.

Can be purchased as a extra service.
Geographic country blocking?
Flowspec support?
Coming soon.

Optional.

Coming soon.

Coming soon.
IP reputation database blocking?
Automatic botnet blocking
Real-time IP monitoring with automatic user notification?
Direct notification by email with attack informationand SMS during attack?
Automatic protocol data-traffic graphs per protected IP subnet in client panel?
Downloadable month/week/day attack reports?
DDoS attack simulator for testing own protection?
imperva incapsula comparison table Serverius comparison table Voxility DDoS comparison table Corero DDoS Protection comparison table Nawas NIBP alternatief vergelijking tabel Akamai
Service starting pricing to use the full service (lowest package to protect at least a /24):No default pricing, only quote based pricing. Target pricing for the average client is approximately 3500,- per month, €5000 setup.Bronze package: 499,- per month, no setup.Not offering training.Anti-DDoS Cloud package: €1700 per month, no setup.DDoS Protection-as-a-Service (DDPaaS) starting at 2500,- per month, €1000 setup.NBIP membership fee + Category 1 package: 350,- + monthly VLAN cost of AMS-IX or NLIX vlan: 175 EUR per month. Note: when having more than 1 attack a month, an automatic upgrade to the next Category 2 package of 950,- per month is performed (category 2 can handle 1 or 2 DDoS attacks a month). Higher packages up to 3500,- per month.No default pricing, only quote based pricing. Target pricing for the average client is approximately 6000,- per month, €3000 setup.
Including pro-active private training for clients to use the service and approve the client infrastructure against future attacks.
By paid by the hour.

Not offering training, only answering client questions.

It is not applicable because clients cannot do anything themselves.

Akamai University, paid by the hour.
Included NOC/SOC department:USA based, default support during account setup and during attacks. Personal adjustments per IP or subnet are the first time free, later on it will be invoiced by the hour.European based, default support during account setup and during attacks. Basic information regarding all functionality within the DDoS Protection Cloud client panel.European based, standard "Works as advertised" For a knowledgeable system administrator that only needs rough filtering of large attacks and can implement further software firewall rules on server or to optimize his applicationDefault support during account setup and during attacks. Personal adjustments per IP or subnet are the first time free, later on it will be invoiced by the hour.European based, basic support during account setup is free. Hours to assist to attacks later on are invoice by 85,- EUR per hour.USA based default support during account setup and during attacks. Personal adjustments per IP or subnet are the first time free, later on it will be invoiced by the hour.
Additional SLA, extra care support cost.Additional SLA by quote request. Starting at 1900,- per month.Starting at 399,- per month.
Serverius 24×7 pro-active premium DDoS NOC support service is a ready-to-use SLA service. Personal adjustments by SOC admin and client requests.
Starting at 600,- EUR per month.
SLA for Anti-DDoS Filter for rented servers. Expert "Immediate and knowledgeable attention" Voxility solves any issue related with application tuning for DDoS attacks shortly after your call.
Additional SLA by quote request. Cost unknown.Additional SLA by quote request. Cost unknown.

All companies in the table above were asked upfront (by email and telephone) to fill in all items of the comparison table. Unfortunately some did not
want to cooperate. For those I tried to fill in all data as good as possible but if you think something should be changed, please let me know: sem@serverius.net

No winners, but lots of differences

Like you’ll see in the table above there are many differences between Serverius and others and no one is the real winner. But you’ve probably noticed some clear differences now. Some like Incapsula and Akamai offer a wide range of web application firewall (WAF) features and for example Nawas is offering way less protection functionality and lower performance without any remote control and is even more expensive than Voxility or Serverius.

Also the user control approach is quite different between all of them. Some only offer their service like one big magic black box without any user control. Others provide a simple web-interface to view statistics and others will offer a fully customized webinterface where users can create their advanced security layers per IP subnet or application. Therefore my advice is always to take a closer look of what you really need in your situation. Because when you want to protect a full IP infrastructure, you will need the most control and insight you can get. It will also save you a lot of support desk communication and it will reduce the noise on critical moments when you are under DDoS attack. In total it will higher the level of protection.

100% uptime guarantee

A clear Service Level Description is a must have at any DDoS protection service. It will explain the service principles that will avoid false user expectations afterwards.

During my interviews with all companies, some of them surprisingly added a 100% uptime guarantee in their SLA. I asked them for a clear explanation but unfortunately they could not provide this to me. One told me “Just trust us it will work because we are the biggest and the best!” another told me “If our protection will not work a client can cancel his contract”. The other one explained to me that they offered 100% guaranteed protection by a customized SLA document that they sell to clients as an extra. Surprisingly he was not allowed to share an example with me, nor he could tell me what the financial penalty will be when their protection will fail. Of course sales people will use it for marketing, but in reality no one can offer it. For example, even the largest networks like Akamai were not able to hold the Mirai botnet attack in 2016. All together it shows that 100% uptime guarantee is simply impossible because nobody can look into the future.

In-house Research & Development

In the ongoing battle against attackers, it is key to have a well organized R&D that will examine every new attack and adjust the global protection layer with that information. In the past 2 years our company had a lot of clients that moved from other suppliers because their IP application could not be protected elsewhere.
I’m not going to lie, it took really a lot of effort to get those applications well protected. In two advanced situations we were only able to protect them partly (the user accepted the better than nothing principle). This shows that a fanatic team of engineers is really needed to assist users in the complicated cases. If new defense mechanisms are needed to protect against new attacks, the R&D should add them asap. Therefore a normal support team will not be enough. My personal opinion is even without the human thought, any DDoS protection system is worthless because new application are build by humans, attacked with new attack techniques that are developed by humans so also the defense technology should be configured and supported by humans.

Questions or remarks? Let me know!

+31(0)887378315 – +31(0)610994525 – sem@serverius.net – Skype: sem.serverius.bv