API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Cloud
Cloud
Overview
Overview
Activate and manage you eSIMGetting online in China
Troubleshooting
Account types and permissionsPackagesQuality of Service
Quotas
Create a project
User rolesAdd a userManage accessView user actions
Statistics
About Resource reservation
CreateCustomize initial setupCheck the statusEnable root user
Connect via Customer Portal
Configure and manage SSH keysConvert an SSH key to PPK formatEstablish SSH connection to an instance
OverviewConfigure
OverviewCreate and configure
Monitor
Take a snapshot of your file systemSet up automatic snapshots
SSH connection
About bare metal serversCreate a bare metal serverConnect to your bare metal server via SSH
SSH connection
About Advanced DDoS Protection for bare metal serversActivate Advanced DDoS Protection for bare metal servers
OverviewUpload
NetworkSubnetworkRouter
Floating IP addressReserved IP addressVirtual IP addressDifference between virtual, floating, and reserved IP addressesAllowed address pair
Create load balancerManage load balancerLoggingAnnotations
Firewall
OverviewConfigure
OverviewBare Metal support
Create
SSH connectionkubectl
OverviewChange limitsCreate a pool
Add users with limited rights to a Kubernetes cluster
Monitor load on a specific node
OverviewInstall nginx ControllerUse nginx Controller
Create a PVC and bind it to a podConfigure NFS CSI driver for Kubernetes
Annotations for Load Balancers
Manage PostgreSQL serversBackup and restore
Upload a PKCS12 file
OverviewCreate an AI ClusterVirtual vPOD
Function as a ServiceAuthenticate to functions with API keysFunction examples
Manage containersDeploy via GitHub actions
OverviewConfigure
FilebeatFluent BitLogstash
Prometheus exporter
TerraformBilling
Set up a mailing server
API
Chosen image
Home/Cloud/Bare metal servers/Advanced DDoS protection/About Advanced DDoS Protection for bare metal servers

About advanced DDoS Protection for bare metal servers

How it works

For all of our equipment, basic free protection is enabled by default. The system protects against volumetric and amplification attacks, but more sophisticated attacks may bypass the basic protection. We block the attacked IP address for a set period of time to protect the infrastructure and other servers from outages.

However, you can also purchase Advanced DDoS protection. This option redirects traffic to the threat mitigation system (TMS) during an attack, which aids in traffic filtering and threat detection. This system detects an attack, filters attack traffic, and allows only legitimate traffic that does not impact the server’s operation. You can configure TMS’s ACL (access control list). The main benefit is that a server’s IP address is not blocked during an attack, and the server remains operational. Advanced DDoS protection is currently available for bare metal servers.

Advanced protection advantages

Here at Gcore, we provide basic protection to all customers, and it is enabled by default. If you want to activate advanced protection, please visit this article. For advanced protection, the option would be in "always on" mode. With "always on", your traffic goes through the TMS all the time, even when there is no attack. This protection immediately responds to an attack and ensures that only good traffic is sent to your server. There are some advantages of getting advanced protection, like:

  • Improved defense against volumetric (L3), protocol (L4), and application (L7) attacks help to reduce or eliminate the disruptive effects of DDoS attacks without interrupting uptime.
  • In the event of an attack, a higher blocking threshold or no blocking at all (depending on the billing plan).
  • Instant reaction to an attack. The protection detects an attack in under three seconds.
  • Lower trigger threshold. Smaller volume attacks are detected.

Additional key features

  • Clean Traffic Limit. This will depend on the location.
  • Black hole threshold (IP blocking). No limit.
  • Time-to-Mitigate (start of mitigation) within 5 seconds after an attack is detected.
  • IP addressing with a dedicated subnet.
  • DPI. We utilize some DPI elements (as part of DDoS protection) to analyze traffic.
  • Billing. A billing plan is shown in the Gcore Customer Portal.

Pricing

Advanced protection is a paid service. The cost is determined by your location and the amount of incoming traffic that needs to be filtered. For approximate prices, refer to the DDoS Protection webpage. For an accurate price, you can also contact technical support via chat or email support@gcore.com.

Activation

For more information on how to activate Advanced DDoS Protection, please check the article.

Was this article helpful?

Not a Gcore user yet?

Discover our offerings, including virtual instances starting from 3.7 euro/mo, bare metal servers, AI Infrastructure, load balancers, Managed Kubernetes, Function as a Service, and Centralized Logging solutions.

Go to the product page
Edit on GitHub