Standard methods of DDoS protection provided by default
- Deprioritisation of traffic – a self-defence system designed by RETN and implemented over RETN’s entire network. The system gathers information about incoming traffic from edge routers and identifies potential DDoS attacks aimed at the client. The malicious traffic receives lower priority and is dropped in case of traffic overflow. This method is available for all RETN Internet clients and protects from volumetric attacks.
- Blackhole – basic protection method based on BGP protocol. The client conducts analyses, identifies the direction of the attack (ex. IP-address) and announces it to RETN using blackhole community 9002:666. All the traffic to the announced IP-address is dropped. This method is available for RETN IP Transit clients able to analyse their traffic and protects from volumetric attacks.
- Pamir –in-house designed instrument aiming to assist the client’s analysis of incoming traffic and DDoS attack direction & identification. With the help of Pamir the client is able to determine the type, direction, intensity, and duration of an attack, as well as to track the history of previous attacks Pamir is offered to all RETN IP Transit clients and is suitable for those unable to analyse their traffic on their own.
Advanced methods of DDoS protection
- Extended blackhole – a more selective method of detection and blocking of DDoS attacks than standard blackholing. There are two working modes available: blocking of all UDP-traffic going towards the client (blackhole community 9002:667) or blocking only of UDP-traffic from “known amplifiers” and fragmented UDP (blackhole community 9002:668). This method protects from volumetric attacks and is suitable to RETN IP Transit clients who are able to analyse their traffic.
- FlowSpec – a type of protection that enables the client to fast-track the process of blocking various DDoS attacks by individual filtering rules. The customer analyses the traffic, identifies the type and direction of DDoS attack and transmits filtering rules (FlowSpec rules) to RETN’s routers using BGP protocol. The rules are activated by RETN at the edge router closest to the client. FlowSpec is suitable for RETN IP transit clients able to analyse their traffic and it protects from multiple kinds of DDoS attacks.
- Arbor – a flexible self-learning system for analysis and filtering of DDoS attacks, developed by Arbor Networks. Arbor Peakflow SP analyses the client’s traffic that should be protected and when a DDoS attack is detected directs the traffic to Arbor TMS that filters it and lets only non-malicious traffic through to the client. Arbor solution will suit all RETN Internet clients, protecting from multiple kinds of DDoS attacks up to application level.
Service Features and Benefits
- Effective defence against different types of DDoS attacks: volumetric, protocol and application attacks
- Possibility to deploy one or a number of measures to achieve required protection level
- Manageable methods for traffic filtering and blocking, such as FlowSpec rules and Arbor solution
- Effective comprehensive solutions for customers with the highest standards of service availability: Gaming and Media Customers, Bank structures, CDN and Carriers.
- Basic protection offered as standard across RETN’s network
- Unique in-house designed tool to analyse incoming traffic (Pamir)
- Available at over 180 PoPs on-net worldwide