The RETN DDoS Protection suite is a security service designed to protect you from various types of DDoS attacks.
RETN has longstanding experience in providing Internet services and we know DDoS attacks are a major threat to the Global Internet Community and to service availability for customers. To help defend our customers we have developed a set of custom tools to protect the RETN IP network and ensure service quality, stability and availability. We also provide various mitigation solutions, including the industry leading Arbor, to help our customers identify and combat malicious attacks ensuring business continuity.
Each tool can be specifically tailored for your type of business, requirements and ability to conduct analysis of the malicious traffic depending on the DDoS attack specifics. Choose whether to manage your services with standard network security features, included as standard with RETN Internet, or choose from more advanced tools a higher degree of flexibility and effectiveness in terms of DDoS detection and mitigation.
DEFAULT DDOS PROTECTION METHODS INCLUDED AS STANDARD
De-prioritisation of traffic – a self-defence system designed by RETN and deployed over the entire RETN IP network. The system collects information about incoming traffic from edge
routers and identifies potential DDoS attacks aimed at the customer. The malicious traffic
receives lower priority and is dropped in case of traffic overflow, reducing the risk of
congestions and outages. This method is available for all RETN Internet customers and
protects from volumetric attacks.
Remote Triggered Blackhole (RTBH) – standard protection method based on BGP protocol and completely managed by the customer*. The customer autonomously conducts traffic analyses, identifies the direction of the attack (ex. IP-address) and announces it to RETN using blackhole community 9002:666. All the traffic to the announced IP address will be dropped. This method is available for RETN IP Transit customers with the ability to analyse the traffic and protects from volumetric attacks.
*For customers not having a BGP session with us, NOC is available to assist with “blackholing” by request.
PAMIR – in-house designed tool aiming to assist the customers’ analysis of incoming traffic
and DDoS attack direction & identification. With the help of PAMIR the customer is able to determine the type, direction, intensity, and duration of an attack, as well as to track the
history of previous attacks. PAMIR is offered to all RETN IP Transit clients free of charge to assist companies that are unable to analyse traffic on their own.
ADVANCED METHODS OF DDOS PROTECTION
Extended blackhole (eBH) – more selective protection than standard blackholing, leaving legitimate traffic unaffected. There are two models available: blocking of all UDP-traffic going towards the customer (blackhole community 9002:667) or blocking UDP-traffic from “known amplifiers” and fragmented UDP (blackhole community 9002:668). This method protects from volumetric attacks and suits RETN IP Transit customers who have the possibility to analyse their traffic on their own.
FlowSpec – the BGP flow specification enables the customer to fast-track the process of
blocking various DDoS attacks by setting individual filtering rules. The customer analyses the traffic, identifies the type and direction of DDoS attack and transmits filtering rules
(FlowSpec rules) to the RETN routers using BGP protocol. The rules are activated by RETN at
the edge router closest to the customer defined which traffic should be discarded on the
RETN network before heading towards the interface. FlowSpec suits RETN IP Transit
customers who have the possibility to analyse their traffic, and protects from multiple kinds
of DDoS attacks.
DDoS Mitigation service (Arbor based solutions) – the highest level of DDoS protection, introduced by a flexible self-learning system, the market leader for analysis and filtering of DDoS attacks. The service powered by Netscout Arbor equipment enables the diversion of traffic to the closest scrubbing devise returning only the non-attack traffic to the customer. The Arbor solution will suit all RETN Internet customers and protects from multiple kinds of DDoS attacks up to application level. We offer three options to choose from depending on technical competence, business type and requirements:
-> Arbor Go (Automatic Mitigation, calculated per minutes of mitigation)
-> Arbor Premium (Automatic Mitigation, unlimited use)
-> Arbor Lite (Self-Initiated Mitigation)
Effective protection against different types of DDoS attacks: volumetric, protocol and application attacks
Basic protection offered as standard to ensure uninterrupted performance of the RETN network
Unique in-house designed tool to analyse incoming traffic (PAMIR) available for all customers by default
Possibility to deploy multiple security features simultaneously to achieve required protection level
Industry leading comprehensive solutions for critical networks and customers withthe highest standards of service availability: Gaming and Media Customers, Bankstructures, CDN and Carriers
Manageable methods for traffic filtering and blocking, such as FlowSpec rules and Arbor solutions
Automated detection and mitigation solutions powered by scrubbing centres located in Europe, Asia and Russia
Available at over 800 PoPs on-net worldwide