Implementation: keep on the safe side!

Protection levels

Any effective protection against DDoS attacks needs to cover every level that might be targeted. DDoS-Guard does this in the following ways:

Bandwidth: Traffic Analyzer & Filter

Threat posed by high bandwidth and a large number of packets.

Analysis of incoming packets in terms of protocol and port and at the IP level (source/destination) provides protection.
Special logic for recognizing attacks.
Automatic and manual filters.

SYN flood: SYN Blocker

Threat posed by a large number of SYN requests from "spoofed" IP addresses.

The automatic SYN Blocker provides protection by only passing on confirmed clients to the server.
This level functions completely automatically and complies with all RFCs.

Application: Request Analyzer & Filter

Threat posed by taking advantage of system and program errors or by penetrating URLs requiring large amounts of CPU.

The Request Analyzer & Filter provides protection through a special logic for identifying potential attacks and by blocking sources or URLs.

The TCP-Session Rate Limiter allows to either limit maximum concurrent sessions or maximum new sessions per second - these values can be configured for both the entire protected server or per client IP. This automatically blocks malicious clients.

Guardian: Hacker offers to shut Putin's website

In the spirit of the free market computer hackers in Russia have put their services up for sale, offering to "take out" any website for a price. more ...


	Protection Levels \| Admin Interface \| Redirect Mode \| VLAN + MPLS \| DDoS-Guard data sheet


	Carrier and Provider \| Key Accounts \| eGovernment \| System Integrator