WHY YOU NEED DDOS PROTECTION
DDoS attacks are growing in sizes and frequencies and this is projected to increase due to the availability of cloud servers and IoT (Internet of Things) coupled with increase in last mile bandwidth. Reported volumetric attack have exceeded 1Tbps and is set to grow.
At BGP Network we have put in a DDoS network protection service that mitigates these large scale attack with large bandwidth reserve worldwide with a specific focus on China. We are the largest Tier-2 bandwidth provider for traffic into China. In addition, our solutions are present in Asia, North America and Europe to enable us to better intercept DDos attack wherever it might originate.
BGP DDoS Protection Features
- All our POPs are equipped with multiple upstream providers to ensure greater redundancies.
- 4T of total capacity to handle any volumetric attack wherever it might occur.
- 600G traffic specific for China centric routes from 3 main telecom companies, making us one of the preferred Tier-2 providers.
- Block a wide range of DDoS attack, TCP SYN+ACK, TCP FIN, TCP RESET, TCP ACK, TCP ACK+PSH, UDP, ICMP, IGMP, Brute Force, Connection Flood, DNS Flood, Ping of Death, Malformed Header, Reflected ICMP & UDP as well as many others..
- 24 hours x7 days monitoring, our team monitor traffic patterns to predict, identify and intercept large scale attacks if and when it occurs.
- Clarify and classify each issue swiftly and co-operate with Level 2 support team.
- Provide our client with user friendly portal access for live status.
Portal Access shows real-time graph to monitor the traffic condition of your system and attacks as and when it happens.
- Partner with top-tier providers to offer best possible latency and minimal packet loss.
- Work closely with our upstream vendors to ensure any detected issues are resolved in a timely manner.
Protect your servers from DDoS Attacks
Get in touch with our experts to learn what you can do to protect yourself from such attacks in the future! Keep your services running despite potential attacks, and stay available at all times!
To keep your server and your client devices safe, BGP has introduced an infra anti-DDoS construct that provides users with layers of anti-DDoS defense. Through augmented filtering, limiting query quota and the support of early detection + intelligent mitigation solutions, this method is always at hand to provide strong cleanup of your hosted sites and network grids, setting them free from any potential threats.
In action, once a BGP server detects a potential DDoS threat the client will receive a basic IP clean-up and, by demand, an interim nullification rout of malicious IP addresses. Given that our mitigation service is defined as carrier agnostic/neutral, we can redirect your web flow (by BGP configuration) onto BGP’s own global mitigation network for further disinfection without the interference of carrier signal rejection, keeping all of your servers safe and secure without much fuss. Reports are then generated through an intelligent anti-DDoS informative network, completed and supplemented by our partners and collaborators gathered to strengthen our vast resources against any outside threat.
While stopping DDoS attack sounds complicated for many, our DDoS prevention packages are perfectly suitable for any business and IT/security budget and can offer your organization a worthwhile guarantee against a threat that could deprive you of important company resources.
- Broad spectrum DDoS prevention for L3/L4.
- Volumetric cleanup for application layer.
- Mitigation models offered:.
- “Always-On” or “By-Demand”.
- Preventive mitigation (traffic baselining).
- MPLS/VPN Option: Additional security is applied through web traffic direction through MPLS/IP VPN paths, ensuring anonymity and concealing as traffic is transferred from BGP Global Mitigation Network to the customer data center for clean traffic.
- GRE Option: A tunnel system through GRE, setting a safe and secured path within public networks from BGP global mitigation network to the customer data center for clean traffic.
- Internet Direct Option: Web traffic is cleaned and then directed over L3.
BGP Operation Center, in action every hour will monitor every edge routers to detect anomalies in volumetric flows, and provide early warning against threats.
- Early detection and threat warning system users towards L3 and L4 DDoS attacks.
- Netflow, Sflow and Jflow data evaluation.
BGP Flowspec, managed by the BGP Security Operation Center to enable rapid response to threats, creates reports and notifications that is compliant to ACL rules delivery to any network. It neutralizes DDoS attacks by:
- Tight Monitoring: Heavy surveillance and monitoring to predetermined network rates for traffic with permissions.
- Analysis of Strategies: Virtual Routing and Forwarding (VRF) redirection for intricate traffic analysis. Netflow, Sflow and Jflow data evaluation.
BLOCK ANY TYPE OF DDoS ATTACK
- TCP AYN+ACK
- TCP FIN
- TCP RESET
- TCP ACK
- TCP ACK+PSH
- TCP Fragment
- Brute Force
- Connection Flood
- Mixed SYN + UDP or ICMP + UDP Flood
- DNS Flood
- Ping of Death
- Reflected ICMP & UDP
- As well as other attacks