What is a distributed denial of service?
How does Belnet DDoS Mitigation work?
What are the possible failures?
What are the three different levels of mitigation service provided by Belnet?
What are the differences between the basic reporting and the advanced reporting?
How do I access the management interface?
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.
The service detects the attack, the thresholds are configured for each type of packet (ICMP, IP fragment, TCP SYN, UDP,…).
As the attack can take the shape of a certain type of packet being sent, DDoS Mitigation will drop the packets associated with the attack. For example, with an UDP flood attack, in case of that type of attack, only UDP packet will be dropped.
The response is automatic and fast, there is not delay because servers are located in our Datacenters, cleansing is done “in-line” no need for redirection to a 3rd party.
- Bandwidth saturation: Network congestion, drop of packet for all traffic.
- Server resource failure:The server can not answer all the request due to lack of CPU/RAM/…
- Maximum connection request reached on Firewall:The firewall connection table is full, it can not accept any more request.
There are 3 flavors of services:
- Basic: standard configuration ; fixed set of parameters ; no reporting.
- Tuned: standard configuration ; fine-tuned set of parameters ; basic reporting.
- Advanced: advanced configuration possible, fine-tuned set of parameters ; advanced reporting.
- With the Basic, there is no reporting.
- With the "Tuned", there are 12 reports per year on demand.
- For the Advanced, there is 1 report per month and 12 on demand.
There is no management interface, everything is automatic.