Data Center Defender (DCD)
Cloud based DDoS protection for network infrastructure
Concerned that your network infrastructure could be a target of malicious traffic?
This is one of the worst scenarios to be in, depending on what type of business you have, a hacker can flood your network with 100’s of Gb/sec of traffic targeting any IPs that are part of your network infrastructure.
Without adequate and tested protection in place your whole data center, websites, applications or corporate network access will cease to function, and you will be at the mercy of your network provider to solve the problem.
We all know how quick network providers are to snap into action and solve problems in a timely fashion!
Network engineers employed by corporations or hosting operations are under the impression that their ISP or upstream provider will take care of a large network flood of nuisance traffic that’s overwhelming their link to the Internet.
Without a prearranged agreement in place with your network provider you may be out of luck. Then there are the network providers who claim to be able to handle a DDoS flood of traffic but have little or no experience handling such large volumes of traffic in a timely fashion, especially when the target is rotating on different IPs inside your network.
ISP's, hosting providers and network providers will not allow an attack on your network to negatively impact other customers. The immediate solution for them is to null-route or black-hole your IP space, you lose but your provider saves their other customers.
Not sure if your network can handle a DDoS attack on your infrastructure ?
Then you should test it……… Try our DDoS attack platform. Learn more here.
DDoS protection for Network infrastructure
DOSarrest’s Data Center Defender DCD
DOSarrest developed the Datacenter Defender (DCD), specifically to protect network infrastructure, the DCD platform leverages the mitigation engines of DOSarrest’s global network, scrubbing DDoS traffic (volumetric and advanced) and then routing valid traffic on an established clean path back to the customer's Datacenter or network, all within a few seconds.
How it works
There are a number of connectivity options, the easiest and fastest setup is to first setup 2 GRE tunnels to 2 different cities within the DOSarrest cloud. Only one is required for operation at any one time and one is for auto failover should there be an issue on a particular tunnel.
This service has a number of configuration options as well, the most popular mode is that the customer feeds DOSarrest their Netflow,Sflow or Jflow network data. The customer then defines thresholds on their whole netblock and/or as granular as a single IP address. Once a threshold has been triggered, DOSarrest will advertise the specific class C on the customers behalf that is being attacked, this causes all traffic for that specific Class C to ingress to all of DOSarrest’s scrubbing centers, where it is cleaned and then tunneled back to the customer’s network. The return traffic is routed directly to the Internet visitor from the customers network (Asymmetric routing) This minimizes latency and provides the ultimate performance when under attack. Once the attack has stopped the system will withdraw the customers’ class C advertisement from Dosarrest’s network and the traffic will ingress and egress from the Customer’s network as it normally does.
This is all done automatically!
Your network infrastructure is completely protected 24/7 and monitored by our 24/7/365 SOC and you can also login and see the attack and mitigation in near real-time.
Why Use DOSarrest’s Data Center Defender Platform ?
- Protect any amount of IP space in any global location
- Volumetric traffic anomalies are continuously monitored every few seconds
- AI generated rulesets- analyzes traffic, packet by packet for sophisticated anomalies in near real-time (10Sec) and blocks the malicious traffic
- Immediate intelligent mitigation, no traffic learning period required
- Asymmetric routing for ultimate performance
- Define thresholds on a single IP address or as large as a /16 network
- Traffic analysis – See what’s passing through any interface inside your network real-time using our customer portal
- Reporting - Interactive graphical displays for historical and real-time stats with “one click” filters
- Multiple configuration options, Always-on, on-demand and auto fail-back
- Multiple connectivity options, GRE tunnels, exchange points or direct connect
- Stateless operation allows for asynchronous traffic analysis and mitigation
- Employs 3rd party reputation-based databases to block known malicious IPs & domains
- Supports permanent blacklists and/or whitelists
- All traffic types are analyzed including MPLs traffic, great for NSP’s
Click Here To View Pricing