The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Edge Cloud
Edge Cloud
Chosen image
Home/Edge Cloud/Bare Metal servers/Advanced DDoS Protection/About Advanced DDoS Protection for Bare Metal

About advanced DDoS Protection for Bare Metal

How it works

For all of our equipment, basic free protection is enabled by default. The system protects against volumetric and amplification attacks, but more sophisticated attacks may bypass the basic protection. We block the attacked IP address for a set period of time to protect the infrastructure and other servers from outages.

However, you can also purchase Advanced DDoS protection. This option redirects traffic to the threat mitigation system (TMS) during an attack, which aids in traffic filtering and threat detection. This system detects an attack, filters attack traffic, and allows only legitimate traffic that does not impact the server’s operation. You can configure TMS’s ACL (access control list). The main benefit is that a server’s IP address is not blocked during an attack, and the server remains operational. Advanced DDoS protection is currently available for Bare Metal.

Advanced protection advantages

Here at Gcore, we provide basic protection to all customers, and it is enabled by default. If you want to activate advanced protection, please visit this article. For advanced protection, the option would be in "always on" mode. With "always on", your traffic goes through the TMS all the time, even when there is no attack. This protection immediately responds to an attack and ensures that only good traffic is sent to your server. There are some advantages of getting advanced protection, like:

  • Improved defense against volumetric (L3), protocol (L4), and application (L7) attacks help to reduce or eliminate the disruptive effects of DDoS attacks without interrupting uptime.
  • In the event of an attack, a higher blocking threshold or no blocking at all (depending on the billing plan).
  • Instant reaction to an attack. The protection detects an attack in under three seconds.
  • Lower trigger threshold. Smaller volume attacks are detected.

Additional key features

  • Clean Traffic Limit. This will depend on the location.
  • Black hole threshold (IP blocking). No limit.
  • Time-to-Mitigate (start of mitigation) within 5 seconds after an attack is detected.
  • IP addressing with a dedicated subnet.
  • DPI. We utilize some DPI elements (as part of DDoS protection) to analyze traffic.
  • Billing. A billing plan is shown in the Gcore Customer Portal.


Advanced protection is a paid service. The cost is determined by your location and the amount of incoming traffic that needs to be filtered. For approximate prices, refer to the DDoS Protection webpage. For an accurate price, you can also contact technical support via chat or email support@gcore.com.


For more information on how to activate Advanced DDoS Protection, please check the article.

Was this article helpful?

Not a Gcore user yet?

Discover our offerings, including virtual instances starting from 3.7 euro/mo, bare metal servers, AI Infrastructure, load balancers, Managed Kubernetes, Function as a Service, and Centralized Logging solutions.

Go to the product page