DDoS protection

As part of the Cyber security suite, the DDoS protection is a all in one IP protection cloud service what offers users full control and clear insights. 

The Cybersecurity suite its DDoS protection is offering high performance layer 3, 4 and 7 protection with full control and clear insights. Together with a full featured Web Application Firewall (WAF) it’s the best possible network with application layer DDoS defense on the market.

  • Protocol abuse attack defense
    Defense against IP spoofing, LAND, Fraggle, Smurf, Winnuke, Ping of Death, Tear Drop, IP Option, IP Fragment Control Packet, TCP Label Validity Check, Large ICMP Control Packet, ICMP Redirect Control Packet and ICMP Unreachable Control Packet attacks.
  • Web attack defenseDefense
    against HTTP Get Flood, HTTP Post Flood, HTTP Head Flood, HTTP slow header flood, HTTP Slow Post Flood, HTTPS Flood and SSL DoS/DDoS attacks.
  • Scanning and sniffing attack defense
    Defense against Port Scanning, IP Scanning, Tracert Control Packet, IP Option, IP Timestamp and IP Routing Record attacks.
  • DNS attack defense
    Defense against DNS Query Flood attacks from real or spoofed source IP addresses, DNS Reply Flood attacks, DNS Cache Poisoning attacks, DNS Protocol Vulnerability Exploits and DNS Reflection attacks.
  • Network-layer attack defense
    Defense against SYN Flood, ACK Flood, SYN-ACK Flood, FIN/RST Flood, TCP Fragment Flood, UDP Flood, UDP Fragment Flood, NTP Flood, ICMP Flood, TCP Connection Flood, Sockstress, TCP Retransmission and TCP Null Connection attacks.
  • SIP attack defense
    Defense against SIP methods Flood attacks.
  • Mobile attack defense
    Defensible DDoS attacks launched by mobile botnets, for example, AnDOSid/WebLOIC/Android.DDoS.1.origin.
  • Botnet traffic blocking:
    Blocking of controlling traffic of botnets, active zombies, Trojan horses, worms, and tools, such as LOIC, HOIC, Slowloris, Pyloris, HttpDosTool, Slowhttptest,Thc-ssl-dos, YoyoDDOS, IMDDOS, Puppet, Storm, fengyun, AladinDDoS, and so on C&C DNS request traffic blocking
  • Feature-based filtering Blacklist
    HTTP/DNS/SIP/DHCP field-based filtering, and IP/TCP/UDP/ICMP/Other Protocol field-based and load feature-based filtering.

Interactive statistics!

The Serverius Cybersecurity suite is using an Elastic cluster we are offering interactive, super fast loading and super cool looking Grafana statistics.

Realtime DDoS attacks map

All normal and dirty data traffic is graphically presented on a personalized attack map. This gadget provides a nice overview of where your attacks are coming from.

Personalized UDP, TCP, DNS, SIP, HTTP(s) service baseline

Many defense policies are available to create your policy per IP or per hosted application. You will choose the protection technologies, the machine learning system will change periodically all thresholds for you (based on your real usage).

api

Full featured API

All main functions of the DDoS protection are available by API. This provides your own infra structure the ability to communicate automatically with the DDoS protection.

  • DDoS, bad bot protection in or outside the Serverius datacenters.
  • Unlimited incoming (dirty) data traffic.
  • Protection can operate in in-line or out of path mode.
  • Protect up to 1048574 IPv4 (/12) and a million IPv6 (/32) IP subnets!
  • Capable to defend up to 1Tbps+ DDoS attacks.
  • Using the protection by Hybrid, GRE tunnel, direct fiber or colocation.
  • Detailed attack notification by e-mail and/or SMS.
  • Enable DDoS, bad-bot protection for 1 or many IP subnets.
  • Enable/disable hundreds of protection methods per policy.
  • Add/remove/search IP subnets by API.
  • Protect IPv4 and IPv6.
  • Run protection in transparent modes: detect but not protect.
  • Optional Flowspec rules. Configurable by hand at the client panel or API!
  • Set rate-limits per IP (Safe Zone group).
  • Geographically IP blocking.
  • Enable/disable commercial IP reputation blacklists.
  • Creating advanced firewall rules and add them to Safe Zones.
  • Learning mode! Protected IP data-traffic and its behavior is analyzed and is used to automatically adjust a personal security layer!
  • Detailed email and SMS notification during IP attacks.
  • Attack packet capture. When an attack happens, you can download .pcap files of the attack traffic.
  • DDoS attack simulators to test your protection layer.
  • Toptalker IP information for incoming and outgoing data traffic.
  • Detailed attack reports per day, week or month.
  • Black and whitelist your source IP subnets.