How it works
How it works
For all of our equipment, essential free protection is enabled by default. The system protects against volumetric and amplification attacks, but more sophisticated attacks may bypass the basic protection. We block the attacked IP address for a set period of time to protect the infrastructure and other servers from outages.
However, you can also purchase Advanced DDoS protection. This option redirects traffic to the threat mitigation system (TMS) during an attack, which aids in traffic filtering and threat detection. This system detects an attack, filters attack traffic, and allows only legitimate traffic that does not impact the server’s operation. You can configure TMS’s ACL (access control list). The main benefit is that a server’s IP address is not blocked during an attack, and the server remains operational. Advanced DDoS protection is currently available for bare metal servers.
Advanced protection advantages
Here at Gcore, we provide basic protection to all customers, and it is enabled by default. If you want to activate advanced protection, please visit this article. For advanced protection, the option would be in “always on” mode. With “always on”, your traffic goes through the TMS all the time, even when there is no attack. This protection immediately responds to an attack and ensures that only good traffic is sent to your server. There are some advantages of getting advanced protection, like:
- Improved defense against volumetric (L3), protocol (L4), and application (L7) attacks help to reduce or eliminate the disruptive effects of DDoS attacks without interrupting uptime.
- In the event of an attack, a higher blocking threshold or no blocking at all (depending on the billing plan).
- Instant reaction to an attack. The protection detects an attack in under three seconds.
- Lower trigger threshold. Smaller volume attacks are detected.
Additional key features
- Clean Traffic Limit. This will depend on the location.
- Black hole threshold (IP blocking). No limit.
- Time-to-Mitigate (start of mitigation) within 5 seconds after an attack is detected.
- IP addressing with a dedicated subnet.
- DPI. We utilize some DPI elements (as part of DDoS protection) to analyze traffic.
- Billing. A billing plan is shown in the Gcore client control panel.
Advanced protection is a paid service. The cost is determined by your location and the amount of incoming traffic that needs to be filtered. For approximate prices, refer to the product page. For an accurate price, you can also contact technical support.
For more information on how to activate Advanced DDoS Protection, please check this article.