Protection modes
Basic protection is on by default at no cost. Advanced protection is a paid add-on that keeps the server online throughout an attack by routing all traffic through the TMS.| Feature | Advanced protection | Basic protection |
|---|---|---|
| Pricing model | Paid | Free |
| Maximum time to recognize an attack | 5 seconds | 3 minutes |
| Attacks it protects from | Common amplification attacks, IP spoofing attacks, volumetric attacks (L3), connection attacks (L4), application-layer attacks (L5-L7) | Common amplification attacks, IP spoofing attacks |
| Protection technology | 1. All traffic passes through TMS. 2. In case of an attack, TMS immediately filters the traffic. 3. TMS sends legitimate traffic to the server. | 1. Attack is detected. 2. The attacked IP is blocked for a while. |
| Best for | Servers attacked frequently, servers attacked at the application layer (L7), servers hosting critical business applications | Servers rarely attacked, servers not hosting critical business applications |
Basic protection
Basic protection is enabled by default for all servers. No action is required.ACL rules
Basic protection uses predefined ACL rules to block the following traffic types:- Reflection attacks: DNS, NTP, SSDP, MSSQL, LDAP, SNMP, CharGen, Memcache, Echo, RIP, ARMS
- Fake source IP attacks:
0/32,127.0.0.0/8,192.0.2.0/24,224.0.0.0/3,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 - Traffic below 200 Mbit/s per destination IP is not protected
Null-routing
When Basic protection detects a DDoS attack, the system temporarily blocks the target IP address. This mechanism is known as null-routing: the server is protected from attack traffic but becomes unreachable from the internet for 1 to 24 hours. To keep the service available during an attack, upgrade to Advanced protection.Advanced protection
Advanced protection routes all traffic through a Threat Mitigation System (TMS) at all times, even when there’s no attack. TMS immediately filters malicious traffic on detection, within 5 seconds, and forwards only legitimate traffic to the server, so the server stays online throughout an attack. To enable Advanced protection, fill out the request form. Our team will review the request and provide a suitable configuration. Setup time is typically 1-3 business days after approval.DDoS attack statistics
The real-time DDoS attack statistics feature provides a live dashboard with an overview of ongoing attacks on protected resources. Filter by data center, time interval, and attack metrics such as bits per second (bps) and packets per second (pps).
Pricing
The price for DDoS Protection depends on three factors:- OSI layers. Two options are available: L3-L4 and L3-L7. L3-L4 protection is more affordable.
- TMS bandwidth. Pricing varies based on the TMS bandwidth used to send traffic to the server. Available options: 1 Mbit/s, 10 Mbit/s, 100 Mbit/s, 200 Mbit/s, 500 Mbit/s, 1 Gbit/s, 2 Gbit/s, 10 Gbit/s. The lower the bandwidth, the lower the price.
- Server location. Prices vary by data center. Contact us and we’ll advise on pricing for a specific location.