DDoS protection: how protection works, tariffs, activation, deactivation

DDoS protection is a service that protects your servers and instances from DDoS attacks.

How it works
Advanced protection modes
Tariffication
How to order service
How to deactivate service
 

How it works

Basic (free) DDoS protection is set up on all of our equipment by default. When a server or an instance is attacked, the system blocks its IP so the attacker cannot continue the attack. The server does not suffer, but it becomes unavailable for several hours.

You can order advanced (paid) DDoS protection. It redirects traffic to TMS (threat mitigation system — a system for cleaning traffic and detecting threats) during an attack. This device detects an attack, cleans up the traffic, and sends to the server only data that will not harm it. You can set the ACL (access control list) for TMS. The main advantage is that IP is not blocked during an attack, and the server remains available.

Advanced protection can operate in one of two modes: always-on or on-demand.

Advanced protection modes

With on-demand, traffic passes through the TMS only during an attack. The system needs about a minute to identify the threat and start redirecting traffic to the TMS. The server will receive "dirty" traffic during that time and cleaned traffic — after.

With always-on, your traffic passes through the TMS all the time, even when there is no attack. With this protection mode, the response to the attack will be instant and the server will be guaranteed to receive only clean traffic.

 

Improved protection

Basic protection

On-demand

Always-on
Payment

Paid

Paid Free

How soon it
recognizes an attack (maximum time)

2 minutes

 

5 second

 

3 minutes

 

What attacks it protects from 














• Standard amplification attacks

Attacks from fake
IP addresses

Attacks using flows or volumetric attacks (L3)

Attacks to establish
a connection (L4)







Standard amplification attacks

Attacks from fake
IP addresses

Attacks using flows or volumetric attacks (L3)

Attacks to establish
a connection (L4)

Attacks at the application layer (L5-L7)



Standard amplification attacks

Attacks from fake
IP addresses












Protection mechanism 









1. Attack detected

2. Traffic is redirected
to TMS

3. TMS cleans up traffic

4. TMS sends cleaned traffic to the server


1. All traffic passes through TMS

2. When attacked,
TMS immediately
cleans up the traffic

3. TMS sends cleaned traffic to the server

 

1. Attack detected

2. The attacked IP
is blocked for a while





 

What cases it is suitable for 








You are rarely
attacked

You are not attacked
at the application
layer (L7)

The server does not host a critical business application

You are attacked
from 2-3 times a day

You are attacked
at the application
layer (L7)

The server hosts
a critical business application

You are practically
not attacked

The server does not host a critical business application





 

Tariffication

 The price of a DDoS protection service depends on three things:

  • OSI layers to be protected. Two ranges are available: L3-L4 and L3-L 7, the first option is cheaper.
  • The bandwidth that will be used by TMS to send traffic to the server. Several options are available: 1 Mbps, 10 Mbps, 100 Mbps, 200 Mbps, 500 Mbps, 1 Gbps, 2 Gbps, 10 Gbps. The lower the bandwidth is, the cheaper the tariff is.
  • The region where the server is located. Prices vary from location to location, please send a request for service and we will tell you the price of DDoS protection in a particular data center.

The price does not depend on the choice of on-demand or always-on protection mode but remember: always-on is available at L3-L7 protection layers, and on-demand is available only at L3-L4.

We are also considering the possibility of providing a tariff with individual conditions: describe protection parameters you are interested in and we will be happy to discuss an individual offer for you.

How to order service

DDoS protection is provided for instances or baremetal servers of Cloud and dedicated servers of Hosting. We can also provide protection for your, third-party equipment (not related to us).

To order protection for a rented server/instance, send the request to technical support via the chat in the lower right corner of the screen. Please note: the main IP of the server will be changed after we set up the protection. Specify in your request:

  • Server ID
  • OSI layers to be protected (L3-L4 or L3-L7)
  • Protection mode (on-demand or always-on)
  • Bandwidth
  • Whitelist and blacklist of IP (optional, you can send it later)

To order protection for a third-party server, fill out an application at the bottom of the Server DDOS protection section of our website. Specify in the application:

  • You contacts
  • Location of your equipment
  • Subnet of your equipment
  • Whitelist and blacklist of IP (optional, you can send it later)

To rent a new dedicated server of Hosting with DDoS protection, select the configuration of the server in the Dedicated servers section of our website and fill out an application at the bottom of the page. Specify in it:

  • Server configuration
  • OSI layers to be protected (L3-L4 or L3-L7)
  • Protection mode (on-demand or always-on)
  • Bandwidth
  • Whitelist and blacklist of IP (optional, you can send it later)

To rent a new instance or baremetal server of Cloud with DDoS protection, write to technical support via the chat in the lower right corner of the screen. In the message, indicate that you need equipment with DDoS protection.

The service is currently available in not all data centers. Locations, where we provide DDoS protection, are indicated on our website in the “Protecting servers around the world” section. They can be viewed as a map or a list. Before making an application, check if the data center you need is on the site.

mceclip0.png    mceclip1.png

How to deactivate service

To deactivate protection on the server, write to technical support — we will stop the service. Please note: the main IP of the server will be changed after deactivation.

Was this article helpful?
Recently viewed articles