New IP protection technology: IP Judge

After almost a year of development Serverius Connectivity has added a new IP security technology to the DDoS protection Cloud and general network.

Serverius IP Judge

By Sergey Petukhin, Head connectivity infrastructure

A year ago, we looked at the execution of many different anti-ddos suppliers. It showed that in terms of security technologies, they all did the same thing: technical “bot or not” checkups with reputation based databases. Each supplier has his own way of doing these checkups, the one is slightly better than the other. But one thing that none of them did well is to combine and compare information of different commercial IP reputation, open-source IP reputation databases with their own attack information to implement these in their global network to prevent or handle attacks much better in the future. The reason is because commercial companies would never use information of a competitors and also because they still rely on some isolated scrubbing product (software or hardware) that’s somewhere inside the network and what would separate the bad from the good data traffic. These days such setup will not work anymore. It’s better to put an entire network infrastructure as protection. And in such a way that all the different hardware components will protect me and simultaneously share protection information with each other. And not only with information about themselves and other private network elements, but also with other external sources. As this principle had to be adapted to our own network and therefore also does not exist, the Serverius R&D team itself started building this software.

Using the “No one is right” principle.

It’s clear to everyone that nowadays the speed and quantity of viruses and botnets in the world is too big to be digestible by one party. Thereby there is no more right or wrong IP information. No one is more right because everything is highly dependent on the time and the way an attack takes place. Precisely this concept is the basis of our new developed software. Attack information from our own internet network and from external sources being real time compared and generated to a final result which will be injected back to the whole network. Multiple layers of information can be draped over each other where the interfaces depending on personal protection user’s settings determine the final result. The result is that there is no longer any good or bad source IP. There are, for example, from an external IP only partially restrained to a particular protocol. A simple example is for example a rate limit on only UDP traffic on a specific port number. In other words, no black or white but a broad spectrum of dark to light shades of gray.

Prevention for all users

Besides that this new system will be used for the Serverius Cloud DDoS Protection, it also has a positive effect on all Serverius network users. Partial results are clear now as an extra layer of security deployed throughout the Serverius network. From edge to core routing, switching to security stack to core switch. All layers will help along to stop bad traffic before it reaches the customer’s door. This has a very positive effect on users who are not under attack. This way network connections of for example botnets and hacked servers will automatically be weakened or blocked completely which will reduce the risks of having network problems.

During the first test of the past weeks have noticed a reduced amount infected IP’s and attacks. Some test users also reported a much larger load on their servers and firewall. Therefore these new supporting IP service is a nice addition for all our network users.

Leading in the IP data traffic market

By using this new software Serverius helps its users to protect them against the most growing dangers of the Internet. Together with our users we will face this head on. The average IP transit carrier in the world only provides an internet route between a source and destination IP, irrespective of whether it is a soiled or misused IP or not. They often say “a carrier provides transport between A and B, that’s why we get paid for”. This shearing mentality is causing carriers to have outdated services and is no longer of this time. Unlike others, Serverius takes its responsibilities and helps her clients. We do not depend on Cybersecurity to make a problem of the users.

Together with our new BGPRobot we will automatically ban more and more bad data traffic from our network. This way Serverius continues to offer support on IP services and leads by far. Given the current market, this solution is truly unique.

More info @