Belnet DDoS Mitigation - Technical FAQ

What is a distributed denial of service?
How does Belnet DDoS Mitigation work?
What are the possible failures?
What are the three different levels of mitigation service provided by Belnet?
What are the differences between the basic reporting and the advanced reporting?
How do I access the management interface?

Belnet Multi-Factor Authentication (MFA)

What is the Belnet Multi-Factor Authentication (MFA)?
Why the Belnet Multi-Factor Authentication is important?
How to use the Belnet Multi-Factor Authentication for the first time?
How to use the Belnet Multi-Factor Authentication after enrolment?
What to do in case of loss of mobile?
What if my Belnet Personal Login is linked to several organisations?

What is a distributed denial of service?

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.

How does Belnet DDoS Mitigation work?

The service detects the attack, the thresholds are configured for each type of packet (ICMP, IP fragment, TCP SYN, UDP,…).

As the attack can take the shape of a certain type of packet being sent, DDoS Mitigation will drop the packets associated with the attack. For example, with an UDP flood attack, in case of that type of attack, only UDP packet will be dropped.

The response is automatic and fast, there is not delay because servers are located in our Datacenters, cleansing is done “in-line” no need for redirection to a 3rd party.

What are the possible failures?

  • Bandwidth saturation: Network congestion, drop of packet for all traffic.
  • Server resource failure:The server can not answer all the request due to lack of CPU/RAM/…
  • Maximum connection request reached on Firewall:The firewall connection table is full, it can not accept any more request.

What are the three different levels of mitigation service provided by Belnet?

There are 3 flavors of services:

  • Basic: standard configuration ; fixed set of parameters ; no reporting.
  • Tuned: standard configuration ; fine-tuned set of parameters ; basic reporting.
  • Advanced: advanced configuration possible, fine-tuned set of parameters ; advanced reporting.

What are the differences between the basic reporting and the advanced reporting?

  • With the Basic, there is no reporting.
  • With the "Tuned", there are 12 reports per year on demand.
  • For the Advanced, there is 1 report per month and 12 on demand.

How do I access the management interface?

There is no management interface, everything is automatic.

What is the Belnet Multi-Factor Authentication (MFA)?

Multi-Factor Authentication is an electronic authentication method where a user is only granted access to an application or website after successfully providing two or more authentication factors, significantly reducing your organisation's risk of falling victim to cybercrime.

Why the Belnet Multi-Factor Authentication is important?

The main benefit of MFA is that it improves the security of your organisation by requiring your users to identify themselves with more than just a username and password.
By enforcing the use of an MFA factor such as a TOTP that your users have received on their smartphones, you can ensure better protection of user information and sensitive company data.

How to use the Belnet Multi-Factor Authentication for the first time?

Connect your username to an “Authenticator” that support TOTP like: Google Authenticator, Microsoft Authenticator or SaasPass.

  1. Install the authenticator of your choice on your mobile device.
  2. Log in to the Belnet application for which you need the Belnet Personal Login, for instance Dasboard and Reporting.
  3. Select the organisation with MFA and login, as you were used to do before. portal login
  4. After password verification, you will get a new screen:
  5. enrol to TOTP
  6. As you didn’t make the connection yet, select “Enroll to TOTP”.
  7. Authenticate once more with LDAP to create your TOTP seed code.
    select jouw organsatie
  8. A new screen will show a QR code and a TOTP seed:

    QR Code
     
  9. This QR code is unique and is offered just once. As a backup, you may opt to save this QR code (taking a screen shot or a picture). This may be relevant in case you decide not to make the connection with your authenticator app right now.
  10. Open the authenticator app that was installed on your mobile device. Select to add an additional authentication (this depends on the chosen authenticator app, please consult the description of the app) and select the option to scan a QR code to add a new authentication.
  11. You are now ready to use the authenticator to login with MFA with your Belnet personal Login. The Authenticator app will generate codes of 6 to 8 digits that are only valid for a limited amount of time.
  12. Note that it is not possible to use <Back> in your browser to go back to the login screen. Just proceed with step 1 under “Use of MFA after enrolment”. 

How to use the Belnet Multi-Factor Authentication after enrolment?

  1. Log in to the Belnet application for which you need your Belnet Personal Login.
  2. For the authentification, select the version with MFA for your institution.
  3. After password verification, you will get a new screen asking you to provide a Token Code:
    enrol to TOTP
     
  4. Open the Authenticator app, read the Token Code ( 6 to 8 digits) and provide these as an answer on the website of Belnet. Then you are logged in.

What to do in case of loss of mobile?

If your mobile device has been lost or does no longer function, act as follows:

  1. Log in to the Belnet application for which you need your Belnet Personal Login.
  2. For the authentification, select the version with MFA for your institution.
  3. Login, as you were used to do before. After password verification, you will get a new screen asking you to provide a Token Code:
    enrol to TOTP
     
  4. Select “Reset TOTP”. An e-mail will be sent to your mail address, you will see following message on the website: 
    a reset token message
     
  5. Open your mailbox. You will have received following message:
    mail for request of reset of a TOTP
  6. Click on the URL provided, you will be guided to a website that asks you to provide your username:
    Username login
     
  7. After providing your username, you will get following prompt:
  •  
  • message TOTP
  • Follow the procedure “First use of MFA” of this document to re-enrol yourself.

What if my Belnet Personal Login is linked to several organisations?

You’ll then need to set up MFA for each organisation separately in order to obtain a different token per organisation.

 

Access to the DDoS Dashboard and Reporting platform

Did you find this FAQ useful?

Copyright © 2021 Belnet.