Defending against DDoS attacks
As one of the first datacentres in Germany to combat distributed denial-of-service (DDoS) attacks with a combination of state-of-the-art hardware and software, diva-e experts have accumulated many years’ experience and successfully defended countless attacks. But not every datacentre is technically resourced to provide effective DDoS protection. All network systems must be able to withstand high loads. At First Colo, one of the best connections in the datacentre sector provides the security needed to successfully defend against even large volume attacks.
Our service: Universal DDoS protection
Compared to traditional providers of DDoS protection, we completely secure all your infrastructure. The service includes all protocols as well as all applications and servers inside and outside our datacentres.
Our advanced DDoS defence provides reliable protection using a variety of vectors even during the most demanding attack patterns . For example, we can successfully protect you against the following DDoS attacks:
● Volume-based attacks / Flood attacks (TCP, UDP, ICMP, DNS amplification)
● TCP vulnerability attacks / TCP stack attacks (SYN, FIN, RST, SYN ACK, URG-PSH, TCP flags)
● Fragmentation attacks (Teardrop, Targa3, Jolt2, Nestea)
● Application Attacks (HTTP GET floods, SIP Invite floods, DNS attacks, HTTPS)
Our tools: Cutting-edge protection and bespoke solutions
Universal DDoS protection is an extremely complex issue which needs to be fully explained. Due to the different attack vectors, attack targets and each individual client’s technical requirements, comprehensive and effective defence against DDoS attacks usually requires specific, differing protection solutions. The exact definition, deployment and adjustment of the filter technology is always carried out in close consultation with the client. Assigning protection technology in the best way can be carried out irrespective of the target’s load situation, which needs to be exactly analysed and specified.
The result: Permanent availability of your infrastructure
Incoming traffic is constantly tested for irregularities by different protection filters. In the event of a DDoS attack, our algorithm-based filtering mechanisms can separate contaminated traffic with no delay before it can reach the actual target. In addition to our self-learning filter algorithms, incoming data traffic is monitored around the clock by the diva-e experts in the Security Operation Center (SOC). In this way, your infrastructure is not affected by incoming DDoS attacks. Even during attacks, your applications and services function trouble-free and with no disturbances.
The need for DDoS protection
Every organisation that relies on the internet to generate revenue through its own website or maintain business-critical processes requires DDoS protection. What’s more, any infrastructure, server, and website can potentially be the victim of a DDoS attack thanks to its own external internet connection. Therefore, an anti-DDoS protection solution is essential to ensure the continuous availability of your own infrastructure. As a result, DDoS protection is similar to an insurance policy: It is best if you don't need one – but even better if you have one when something serious happens.
Costs of DDoS protection
In addition to one-off deployment costs, the biggest cost factor is reserving the necessary DDoS protection bandwidth, which must correspond to the volume of attacks on the client's infrastructure. All service packages include a comprehensive range of specific adjustment and coordination options to cover individually defined threats and incorporate a wide range of protection mechanisms against numerous attack patterns. Our DDoS protection solution is easy to understand and can either be operated directly by the client or included as a managed service.