DDoS PROTECTION

Distributed denial of services still remain one of the biggest challenges to any production infrastructure exposed to the internet, Racknation’s experience on this field has produced one of the most stable multi stage mitigation schemes on our spectrum of IAAS in the area, learn why below:

How does it work?

  1. Hacker triggers a botnet attack to an unsuspecting victim

  2. Our inline flow analyzer consumes data via a port mirror, the flow analyzer detects a pattern that seems to indicate an attack is in place, this process takes around 4 to 8 seconds which is the advantage of using a port mirror and not netflow or ipfix sampling patterns which have a greater delay

  3. Inline flow analyzer triggers a BGP routing change in our Edge that sends the traffic that belongs to a specific /24 prefix under attack to Magic Transit DDoS mitigation which takes the bulk of layer 3 and layer 4 attacks

  4. The flow analyzer also triggers flowspec rules on our Edge Juniper devices which injects filtering rules to our routers to block any possible leaks that Magic Transit might produce, this is a great technique with more complex DDoS attacks like carpet bomb attacks which sends traffic to many ip addresses at the same time

  5. As a last step, a RioRey filtering cluster sits between our Core routers and client Edge Routing, RioRey produces a last step inline filtering that cleans any remaining traffic that might have escaped the initial 2 filters ( magic transit + flowspec filtering )

How to implement?

  • All our services can be integrated with our DDoS protection scheme, you can add our advanced DDoS solution to any VPS, Cloud or dedicated server as well as any colocation services you host within Racknation’s two datacenters.

  • All mitigation is transparent and inline for our clients, you can even protect your own ip space via BGP in case of clients with their own ip space or Autonomous system.

  • Installation time is automatic and immediate in case of VPS, Cloud, Dedicated Servers and clients using Racknation’s ip space, in case of clients with their own ip space, setup and implementation might take 48 to 96 hours.

Why is our approach better?

  • Racknation doesn’t rely entirely on a third party provider to react and filter complex DDoS attacks, we operate stage 2 and stage 3 of our filtering completely inhouse, which means our SOC department can react immediately to unexpected situations derived from complex attacks which is a very different approach from our competition which usually only rely on third party’s to provide all mitigation and sanitization of their traffic