DDoS Protection

by Anexia

DDoS protection in the terabit era


1.7 Tbps – the largest DDoS attack in the world to date was recorded in February 2018; it targeted an American website. This attack brought us squarely into the era of terabit-magnitude DDoS attacks. The scope of DDoS attacks is growing worldwide at an alarming speed; attacks with speeds of 400 Gbps are classified today as almost routine. With attacks of this size, businesses quickly reach the limits of their available bandwidth. At Anexia, we have set ourselves the task of supporting businesses in these circumstances and can now protect you from DDoS attacks with a bandwidth of 2 Tbps. With Anexia DDoS Guard, our comprehensive DDoS solution, we have already successfully repelled the largest attack in Austria to date (700 Gbps) within a very short time.

ManagedHosting__ddos-schutz
Comprehensive protection against DDoS attacks
Comprehensive protection against DDoS attacks

DDoS attacks are becoming ever more comprehensive and more refined, with larger volumes of traffic, the utilization of millions of insecure IoT devices, increased highly distributed attacks and a focus on layer 7. The development of layer 7 attacks is particularly problematic, since these are more difficult to detect. Effectively repelling DDoS attacks thus remains a constant challenge. The attackers work very effectively, continually changing the objectives and methods of attack. This dynamic approach enables them to exploit the new weak spots that constantly emerge in IT systems. You can secure the availability of your servers, services, web applications and infrastructure with our comprehensive and scalable DDoS protection. In addition to protection for layers 3 and 4, we also offer upon request the right protection, tailored to your application, for the applications layer (layer 7) that is increasingly becoming the focus of attacks.

Response in seconds Response in seconds

95% of all attacks are detected by our Anexia DDoS Guard within a very short time and successfully repelled. Users of your infrastructure generally do not notice anything, while damage is limited or avoided altogether. This means that the availability of your services is maintained along with your customers’ satisfaction level – with no harm to your reputation.

Fully automated Fully automated

Our DDoS protection secures web applications, websites, DNS servers and IT infrastructures reliably, comprehensively and fully automatically. Once the DDoS attack has been repelled, you receive a report and an analysis of the attack.

Emergency DDoS protection Emergency DDoS protection

During a DDoS attack, every second counts when it comes to avoiding damage, costs and loss of reputation. We are available for you 24/7 in an emergency and can implement our DDoS solutions without delay. Avoid loss of revenue and reputation – implement our DDoS protection now, before a potential attack occurs.

Anexia DDoS Guard

Anexia DDoS Guard offers a multi-level DDoS solution based on Netscout Arbor DDoS protection, extended with our Anexia technology (developed in-house). The implementation is entirely neutral for the whole of the infrastructure, while the modular design of Anexia DDoS Guard makes it available on all relevant layers (3, 4 and 7). Anexia DDoS Guard integrates seamlessly into all Anexia services, but it can also be used by external customers.

Anexia DDoS Guard
Anexia DDoS Guard
Features
  • Constant monitoring of all incoming data packets directly and in real time
  • 2 Tbps available bandwidth
  • 95% of all attacks are detected and warded off in a matter of seconds
  • Comprehensive protection from DDoS and amplification attacks (UDP, NTP, etc.), TCP-based attacks (SYN and ACK floods and others) and upon request from layer 7 attacks
  • Protection for layers 3, 4 and upon request for layer 7 in the network and Internet infrastructure
  • Geo and IP blocking with IP addresses filtering of certain countries & use blacklists and whitelists for IP addresses
  • Preventative hardening in accordance with our applications and network specialists
  • Fully HTTP/2 capable
  • BGP Flowspec to repel volumetric attacks individually and precisely, as well as wholly automatically, at the routing level
  • 24/7 availability of the Anexia Network Operation Center, including on public holidays
  • IP reputation filter for IP addresses known for DDoS attacks
  • Analysis & Reporting of larger attacks & overview of all attacks within the web interface of the Anexia DDoS Guard
SOME OF OUR CUSTOMERS

Our team has already successfully repelled hundreds of DDoS attacks. Even larger DDoS attacks are not a problem for our infrastructure.

What is a DDoS attack?
What is a DDoS attack?

A distributed denial of service (DDoS) attack is basically intended to compromise the availability of servers, web applications or infrastructure. In such circumstances, requests from ordinary users can no longer be properly processed. In most cases, the attacks are constructed in a very simple way and are easy to understand. A server or web application has a particular load limit below which it can function without problems. The DDoS attack is aimed precisely at this load limit and attempts to exceed it by flooding it with a large number of requests. These requests are executed automatically by bots that are in most cases ordinary computers or other IoT devices that have been infected with malware. Successful attacks result in high and unnecessary costs for a business and the IT infrastructure; they harm not only the course of business but also the brand itself and customer satisfaction.

DDoS attacks can have a variety of different patterns. The commonest recorded are volumetric or flood attacks (e.g. TCP, UDP, ICMP and DNS amplification). These attacks occur on the network layers (OSI) 3, 4 and 7. The objective of volumetric attacks can be to fully utilize the available bandwidth of a server or to overload the system (e.g. ping flood, SYN flood, UDP flood). Volumetric attacks can be detected relatively simply and quickly by a DDoS protection solution.

Less frequently, DDoS are reported on the applications layer. With these attacks, weak points in an application are deliberately sought out and attacked. Again, the aim is to overload the resources and to interfere with access to services or web applications. Such attacks are less frequent and are significantly more costly for the attacker. In turn, they are more refined and harder to detect. In such cases a web server might, say, be overloaded with a large number of supposedly legitimate, resource-intensive requests.

Our sophisticated solution offers you optimal protection against DDoS attacks of all types, thereby securing the availability of your services, web applications and servers.

Many years of experience
2 Tbps bandwidth
Protection for layers 3, 4 and 7
24/7 availability
Emergency support
You might also be interested in:
Virtual Firewall
Virtual Firewall
More
Web Application Firewall
Web Application Firewall
More
Virtual Server
Virtual Server
More
Load Balancing
Load Balancing
More
Your message to us
Attachment :
Your message to us
Attachment :
sosEmergency