DataCenter Defender - GRE

For datacenter operators, or owners of large network IP space, it can be extremely challenging to deal with DDoS attacks and avoiding the collateral damage to their networks and customers. A minute is all that is needed to saturate a DC’s bandwidth, causing an outage not only to the target, but all other customers inside that DC.

That's why DOSarrest developed the Datacenter Defender (DCD). The DCD platform leverages the mitigation engines of the DOSarrest network, scrubbing DDoS traffic (volumetric and advanced) and then routing valid traffic on an established clean path back to the customer's Datacenter, all within a few seconds.

Receive A Free Quote


The DCD Platform can be configured in 3 ways:

BGP Based Trigger

In this type of configuration, customers configure a BGP session with DOSarrest, over which they can announce their netblocks anytime. This will cause all visitors to that netblock to come into the DOSarrest network, where the attack traffic will be scrubbed, and clean traffic tunneled/routed back to the customer network.

Control method: Customer controlled

Modes of Operation: “Always on” or “hotstandby”

Connectivity Options: GRE, IPsec, direct connect, MPLS/VPLS, Equinix Cloud Exchange, Cloud WAN.

Flow Based Trigger

For customers who do not have BGP capabilities, but are able to export Network Flows (Netflow/Jflow/Sflow) to the DCD platform. The DCD platform will analyze incoming flows, and automatically modify routing for effected netblocks and immediately mitigate the attack once it starts to come into the DOSarrest network. Once the attack is over, routing is restored back to normal.

Control method: Automatic

Modes of Operation: “Always on” or “hotstandby”

Connectivity Options: GRE, IPsec, direct connect, MPLS/VPLS, Equinix Cloud Exchange, Cloud WAN.

Secure Stack

For customers who are not able to do option 1 or 2, and have a server or stack that needs DDoS protection. Typical customers of this service are organizations who are co-locating their servers, or using a public cloud (eg. AWS or Rackspace).

Users of this service are allocated a Secured DOSarrest IP/IP’s, which they configure on their servers. A tunnel is created from the DOSarrest network to the server(s), over which the Secured IP is routed.

Control method: Customer controlled

Modes of Operation: “Always on”

Connectivity Options: GRE or IPsec.


Global Network Footprint

Global Network Footprint

Our Global Network Footprint across Europe, North America and Asia, ensures you can connect to DOSarrest at the closest possible node/s. And because we are peered at the largest regional peering exchanges in each region, as well as multiple Tier 1 Upstreams, it ensures your visitors have a speedy connection.

Fantastic Flexibility

Fantastic Flexibility

Create customizable blacklists/whitelists, Geo IP Restrictions, Protocol Specific Thresholds, and much more, all through our DCD portal.

Real Time Report and Alerts

Real Time Report and Alerts

Real time reports on attacks statistics and mitigations implemented, broken down into attack protocol vectors and source networks.

Combinations of Configurations

Combinations of Configurations

Set up one or more tunnels, Combine GRE and Layer 2 x-connects, implement Symmetrical/Asymmetrical routes, Multiple Class C’s; define whatever combination is best suited for your environment. The choice is yours.

The DCD platform is supported 24/7/365 by our SOC and can be a fully managed service.

Experience, Technology, and Focus

Ready to get started? Contact us now and get a free quote!

Get A Free Quote