Businesses and Internet users alike are faced with a growing number of DDoS attacks. Such security incidents are especially feared since the scope of individual attacks cannot be anticipated. Websites or services being unavailable due to delayed data delivery (or more frequently) timeouts, can result in significant revenue losses. Therefore, it is highly advisable to protect yourself against DDoS attacks.
The InterNetX DDoS Mitigation Service offers this kind of protection. It helps to defuse DDoS attacks, ideally ensuring the continued operation of affected services or websites, while in any case reducing disruptions to a minimum.

Details

InterNetX offers two variants of the DDoS Mitigation service, Basic and Pro.

Both work proactive: attacks are detected in good time and – at the same time – are reduced to a minimum and warded off. Both versions of the DDoS protection are carried out independently from domain and port. Additionally, both services offer inhouse-protection through a mitigation hardware in our own data center.

The advantage of this DDoS protection package: In case of an attack, it's not necessary to adjust the content and DNS settings.

The following overview will help you to find out which DDoS Mitigation service best matches your web project. For an explanation of the terms, please use our DDoS glossary.

DDoS glossary

DoS / DDoS (Distributed Denial of Service)

In a DoS/DDoS attack, the attacker either infects a server system (DoS) or several systems distributed throughout the world (DDoS) and coordinates them to attack a single target. This restricts various backbone operators in their free resources, leading to temporary disruptions or failures in services or websites. In times of the IoT (Internet of Things), the number of DDoS attacks is steadily increasing as many endpoints are inadequately protected and can easily be manipulated for attacks.

Vectors of attack

There are many types of DDoS attacks. Among the best known are so-called "floods". An attempt is made to "flood" the attack target (Origin) with an extremely large number of data packets and make it inaccessible through high bandwidths. The attacks can be carried out by individual attackers (DoS) as well as by several worldwide distributed attackers (DDoS).

Scrubbing center

This is an external data center that is located "near" so-called "Internet POPs" (Point of Presence). The scrubbing center filters the traffic before it reaches the actual data center. This way even high bandwidths can be mitigated.

False/positiv-rate

As soon as a mitigation becomes active, an increased false/positive rate can occur. The reason: "Friendly" traffic is wrongly considered an attack and blocked. DDoS Protection Pro ensures a very low rate through permanent pattern recognition.

Origin protection

Many external DDoS Mitigation/Protection providers have to face the problem that the Origin itself, i.e. the IP of the website, needs to be obfuscated. This is to prevent attackers from bypassing the Origin protection and the attack being conducted around the mitigation. InterNetX, on the other hand, works with Origin protection. The IP itself is mitigated, directly protecting the Origin. The advantage: Content and DNS settings do not need to be adjusted.

IP-renumbering

Many DDoS Mitigation/Protection providers set the IP address of the affected domain to its own IP address to ward off the attack. The disadvantage: As a site operator this makes you dependent on the provider. In addition, there remains the risk of attacking the Origin IP, which is often exposed again by DNS settings such as MX records, etc. InterNetX works without IP renumbering. With InterNetX DDoS Mitigation Services, the IP address remains unchanged.