DDoS attacks have existed for over 20 years, causing websites to become unavailable to their legitimate visitors. These attacks are accomplished using one of two main methods.
Method 1: Flood the victim’s network with so much traffic that their Internet service provider’s network infrastructure, such as routers, switches, load balancers, firewalls, etc., is not able to process the volume of traffic directed at their website. These are commonly referred to as “Volumetric” attacks.
Method 2: This method can be very difficult to detect and even more difficult to stop. These attacks usually target layer 7 of the OSI model and are crafted and delivered so as to blend in with your legitimate Internet visitor traffic. This is where DDoS protection specialists earn their keep and can make the difference between your website being up or down. These types of attacks are commonly called “Sophisticated” attacks.
Sophisticated attacks have been by far the most common type of attack since 2012.
As an illustration, have a look at this interactive attack map, showing the number of small (150Mb/sec or less) DDoS attacks in real-time that we stop for our customers.
DOSarrest's DDoS protection service has evolved over the last 10+ years to handle the largest and especially the most sophisticated attacks. We have a fair bit of experience, after all.
DOSarrest's DDoS protection service is a fully managed security service. What does that mean to you? It means you don't ever have to log in if you don't want to. Our SOC will take care of any configuration changes you want: tell us what you want to accomplish and we'll do the rest, usually within 10 minutes. Should you like to control things yourself, by all means log in and take charge. Our customer portal is second to none, very responsive and very intuitive, allowing your changes to be active in seconds.
Our DDoS protection service is comprehensive in every sense when it comes to protecting websites. We stop any and all DDoS attacks. The truth is that 95% of all attacks on websites are actually pretty small but very sophisticated layer 7 attacks that will take your website down just as fast as a mega volumetric attack, but they're harder to detect and stop. We take care of these as well. How do we do it? We don't utilize any off-the-shelf DDoS mitigation hardware or application firewall hardware and never have. We have developed our own software that enables us to create multi-tiered complex rules to combat any attack. This means we can stop attacks that have never even been seen before, on the spot.
We are just releasing our latest (Q2 2017) major upgrade of our core backend software, along with a new customer portal and advanced analytics. This is our 5th major release in the last 11 years.
The service operates by allowing customers to redirect their URLs/domains by DNS to a DOSarrest VIP (Virtual IP). Once this is done, all traffic will flow to one of our globally distributed scrubbing centers, where it will be scrubbed of any malicious traffic, and then we will forward the clean traffic to the customer's origin server, wherever it may be. The customer's origin server IP is kept completely hidden from all Internet visitors and therefore cannot be attacked directly.
We employ a layered approach to DDoS mitigation comprising 3 major layers plus a Web Application Firewall (WAF) layer on all of our globally distributed nodes. All customers' websites use all nodes simultaneously. This allows us to chop up any mega attacks into smaller bites and gives customers a performance boost at the same time, by caching some or all of their content around the globe.
The layers are best illustrated in this graphic and video.
Layer 1, as shown above, is accomplished with the help of our upstream providers, where we have strategically placed filters inside their backbones. Layer 2 is done on our routers and load balancers. Layer 3 is done with our in-house software, which we have developed and re-developed over the last 11 years; this is the layer where we stop the most sophisticated layer 7 attacks. At this level we can create any security and/or performance feature in a matter of minutes and deploy it for any customer right away, or choose any of the ready-made features available in our portal and deploy it in seconds.
We have tried to make our DSS customer configuration area as intuitive as possible. We have seen many others' DDoS protection configuration portals, and some are just an endless panel of options to enable or disable, some of which have nothing to do with website security or performance. We have tried to make things as easy as possible for our customers. We have developed what we call "features". There are 2 types of features: Security and Performance features. All you have to do is select an area of your website where you would like to apply a feature, which could be at the VIP level, the webserver level or a particular URI that you may wish to define. Then apply the feature to the level you have chosen. It's that simple: no guesswork about what or where something will affect the operation of your website. Should you require a feature that is not listed in our feature choices, no problem. Tell us what you want and we'll make it for you, usually on the spot within minutes, and make it available.
In addition to the features mentioned above, there is one other major security mechanism that is very useful: ACLs (Access Control Lists). Customers can whitelist certain areas of their website by IP address, predefining who is allowed in and denying all others. This is most frequently applied to sensitive website URLs like /admin-login: predefine which IPs can access this URL and deny everyone else.
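The path-scoped allowlist described above, sketched as an added example that is not DOSarrest's code or configuration format: the `ACL` table, the function names and the addresses (documentation ranges) are constructed, and lowercasing assumes the origin treats paths case-insensitively. The path is normalized before matching so that encoded or padded spellings of /admin-login are held to the same rule.

```python
import ipaddress
import posixpath
from urllib.parse import unquote

# Constructed policy: protected path prefix -> allowed source networks.
# 203.0.113.0/24 and 2001:db8::/32 are reserved documentation ranges.
ACL = {
    "/admin-login": [
        ipaddress.ip_network("203.0.113.0/24"),
        ipaddress.ip_network("2001:db8:12::/48"),
    ],
}


def normalize_path(raw_path: str) -> str:
    """Reduce a request target to the canonical path the ACL is written for."""
    path = raw_path.split("?", 1)[0]        # drop the query string
    path = unquote(path)                    # decode %xx escapes once
    # Collapse duplicate slashes, "/./" and "/../" segments.
    path = posixpath.normpath("/" + path.lstrip("/"))
    return path.lower()                     # assumption: case-insensitive origin


def is_allowed(client_ip: str, raw_path: str) -> bool:
    """Return True if the request may pass the ACL layer."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False                        # unparseable source: fail closed
    path = normalize_path(raw_path)
    for prefix, networks in ACL.items():
        # Match the protected path itself or anything beneath it,
        # but not unrelated paths that merely share the prefix text.
        if path == prefix or path.startswith(prefix + "/"):
            return any(addr in net for net in networks)
    return True                             # path is not covered by any ACL
```

The normalization must mirror how the origin server itself resolves paths; if the two disagree, the rule and the resource it protects no longer line up.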
Security Operations Center… Depending on how you see things, not everything can be automated or performed by machines. Automation is nice, but in the end, highly skilled, responsive people are required to ensure everything is working as it should. We have as high a support analyst to customer ratio as any other DDoS protection service in this business. Our 24/7 SOC constantly monitors alerts that may be triggered by malicious traffic and investigates further when required. Customer support is available by phone, email or chat from qualified, experienced engineers and analysts; our average response time is within 10 minutes.
ISPs and MSPs can now white label our customer portal to give their customers the look and feel of their own DDoS protection service. They can exclusively manage their customers' configurations, yet allow their customers to log in and see their respective website analytics.
Some larger network providers can use our APIs to integrate our service into their own existing customer portals and panels. This allows NSPs and MSPs to offer their customer base one of the most advanced cloud-based DDoS protection and WAF services available today, all backed by a 24/7 expert security team. A great in-demand service with a new revenue stream, without the cost.
Once traffic has passed through the above 3 layers, it moves into the Web Application Firewall, which is one of the most advanced cloud-based WAFs available on the market today.