The RETN DDoS Protection suite is a security service designed to protect you from various types of DDoS attacks.
RETN has longstanding experience in providing Internet services and we know DDoS attacks are a major threat to the Global Internet and to service availability for customers. To help defend our customers, we have developed a set of tools to protect the RETN IP network and ensure efficiency, stability and availability. We also provide various industry-leading DDoS mitigation solutions, to help our customers get rid of malicious attacks and ensuring business continuity.
Each tool can be specifically tailored for your type of business, requirements and ability to conduct analysis of the malicious traffic depending on the DDoS attack specifics. Choose whether to manage your services with standard network security features, included with any RETN Internet product, or choose more advanced tools with a higher degree of flexibility and effectiveness in terms of DDoS detection and mitigation.
DEFAULT DDOS PROTECTION METHODS INCLUDED AS STANDARD
De-prioritisation of traffic – a self-defence system designed by RETN and deployed over the entire RETN IP network. The system collects information about incoming traffic from edge routers and identifies potential DDoS attacks. The malicious traffic receives lower priority and it is dropped in case of traffic overflow, reducing the risk of congestions and outages. This feature is available for all RETN Internet customers and protects from volumetric attacks.
Remote Triggered Blackhole (RTBH) – standard protection method based on BGP protocol and completely managed by the customer*. The customer autonomously conducts traffic analyses, identifies the direction of the attack (ex. IP-address) and announces it to RETN using blackhole community 9002:666. All the traffic to the announced IP address will be dropped. This method is available for RETN IP Transit customers with the ability to analyse the traffic and protects from volumetric attacks.
*For customers not having a BGP session with us, NOC is available to assist with “blackholing” by request.
PAMIR – in-house designed tool aiming to assist the customers’ analysis of incoming traffic and DDoS attack direction & identification. With the help of PAMIR the customer is able to determine the type, direction, intensity, and duration of an attack, as well as to track the history of previous attacks. PAMIR is offered to all RETN IP Transit clients free of charge to assist companies that are unable to analyse traffic on their own.
ADVANCED METHODS OF DDOS PROTECTION
Extended blackhole (eBH) – more selective protection than standard blackholing, leaving legitimate traffic unaffected. There are two models available: blocking of all UDP-traffic going towards the customer (blackhole community 9002:667) or blocking UDP-traffic from “known amplifiers” and fragmented UDP (blackhole community 9002:668). This method protects from volumetric attacks and suits RETN IP Transit customers who have the possibility to analyse their traffic on their own.
FlowSpec – the BGP flow specification enables the customer to fast-track the process of blocking various DDoS attacks by setting individual filtering rules. The customer analyses the traffic, identifies the type and direction of DDoS attack and transmits filtering rules (FlowSpec rules) to the RETN routers using BGP protocol. The rules are activated by RETN at the edge router closest to the customer defined which traffic should be discarded on the RETN network before heading towards the interface. FlowSpec suits RETN IP Transit customers who have the possibility to analyse their traffic and protects from multiple kinds of DDoS attacks.
DDoS Mitigation service – the highest level of DDoS protection, introduced by a flexible self-learning system, the market leader for analysis and filtering of DDoS attacks. The service enables the diversion of traffic to the closest scrubbing device returning only the non-attack traffic to the customer. The solution will suit all RETN Internet customers and protects from multiple kinds of DDoS attacks up to application level. We offer two options to choose from depending on business type, requirements, and in-house technical capabilities. Our specialists will be happy to help you choose the most suitable option that addresses all your business needs.
Effective protection against different types of DDoS attacks: volumetric, protocol and application attacks
Basic protection offered as standard to ensure uninterrupted performance of the RETN network
Unique in-house designed tool to analyse incoming traffic (PAMIR) available for all customers by default
Possibility to deploy multiple security features simultaneously to achieve required protection level
Industry leading comprehensive solutions for critical networks and customers withthe highest standards of service availability: Gaming and Media Customers, Fin-Tech structures, CDN and Carriers
Manageable methods for traffic filtering and blocking, such as FlowSpec rules and RETN DDoS Mitigation Service
Automated detection and mitigation solutions powered by scrubbing centres deployed across three regions
Available at over 870+ PoPs on-net worldwide