DOSarrest's DDoS protection service has evolved over the last 10+ years to handle the largest and especially the most sophisticated attacks, we have a fair bit of experience after all.
DOSarrest's DDoS protection service is a fully managed security service. What does that mean to you ? It means you don't have to ever login if you don't want to. Our SOC will take care of any configuration changes you want, tell us what you want to accomplish and we'll do the rest, usually within 10 minutes. Should you like to control things yourself, by all means login and take charge, our customer portal is second to none, very responsive and very intuitive, allowing your changes to be active in seconds.
Our DDoS protection service is comprehensive in every sense, when it comes to protecting websites. We stop any and all DDoS attacks. The truth is that 95% of all attacks on websites are actually pretty small but are very sophisticated layer7 attacks, that will take your website down just as fast as a mega volumetric attack but they're harder to detect and stop. We take care of these as well. How do we do it ? We don't utilize any off the shelf DDoS mitigation hardware or application firewall hardware and never have. We have developed our own software that enables us to create multi-tiered complex rules to combat any attack, this means attacks that have never even been seen before, we can stop on the spot.
We are just releasing our latest( Q2 2017) major upgrade of our core backend software along with a new customer portal and advanced analytics. This is our 5th major release in the last 11 years.
The service operates by allowing customers to redirect by DNS their URL's/ Domains to a DOSarrest VIP(Virtual IP), once this is done all traffic will flow to one of our globally distributed scrubbing centers where it will be scrubbed of any malicious traffic and then we will forward the clean traffic to the customers' origin server wherever it may be. The customer's origin server IP is kept completely hidden from all Internet visitors and therefore cannot be attacked directly.
We employ a layered approach to DDoS mitigation comprised of 3 major layers plus A Web Application Firewall(WAF) layer on all of our globally distributed nodes. All customers websites use all nodes simultaneously, this allows us to chop up any mega attacks into smaller bites and gives customers a performance boost at the same time, by caching some or all of their content around the globe.
The layers are best illustrated in this graphic and video.
Layer 1 as shown above is accomplished with the help of our upstream providers where we have strategically placed filters inside their backbones. Layer 2 is done on our routers and load balancers. Layer 3 is done with our in-house developed software which we have developed and re-developed over the last 11 years, this is the layer where we stop the most sophisticated layer 7 attacks. At this level we can create any security and/or performance feature in a matter of minutes and deploy it for any customer right away or choose any of the ready-made, available features in our portal and deploy it in seconds.
In addition to the features mentioned above there is one other major security mechanism that is very useful, which is ACL's (Access Control List). Customers can white list by IP address certain areas of their website by predefining who's allowed in and deny all others. This is most frequently applied to sensitive website URL's like /admin-login, predefine which IPs can access this URL and deny everyone else.
Security Operations Center… Depending on how you see things, not everything can be automated or performed by machines, automation is nice but in the end, highly skilled, responsive people are required to ensure everything is working as it should. We have as high a support analyst to customer ratio in this business than any other DDoS protection service. Our 24/7 SOC is constantly monitoring alerts that may be triggered by malicious traffic and then investigate further when required. Customer support is available by phone, email or chat by qualified, experienced engineers and analysts, our average response time is within 10 minutes.
ISPs and MSPs can now white label our customer portal to give their customers the look and feel as if its their own DDoS protection service and can exclusively manage their customers configurations yet allow their customers to login and see their respective website analytics.
Some larger network providers can use our API's to integrate our service into their own existing customer portals and panels. This allows NSP's and MSP's to offer their customer base one of the most advanced cloud based DDoS protection and WAF services available today, all backed by a 24/7 expert security team. A great in demand service with a new revenue stream without the cost.
Once traffic has passed through the above 3 layers it moves into the Web Application Firewall, which is one of the most advanced cloud based WAF's available on the market today.Learn more about WAF