Technologies or «How our DDoS protection works»
You don't often hear about DDoS attacks, as only incidents involving large websites are known. It may seem that such attacks are rare in our time. But this is not at all the case. According to the data of the past year, every sixth company was subjected to DDoS attacks.
StormWall has its own security system. First of all, the attack is instantly opened using a specialized DDoS sensor. In the event of an attack, traffic is redirected, and it enters the informational traffic already cleared. After repelling the attack, the system continues to operate as usual. The client receives automatic notifications about the beginning and end of the attack. An additional check for false positives is provided.
Triple Filter: triple traffic cleaning
All traffic passing towards your server is cleaned in three places:
Over 100 edge routers spread all over the world are set up to discard traffic that should not reach you by definition. This layer of protection makes our clients resistant to 100+ Gbit attacks, because TCP and UDP amplification is completely blocked on this layer.
Most part of TCP/UDP flood is blocked on this layer. Thanks to using hardware filtering appliances, extremely high packet processing speeds are reached. Filtering network is built in a way to evenly distribute load on several hardware filtering appliances.
Thin filtering layer where the most complex and smart attacks are blocked, including bot attacks. For HTTP traffic, this layer includes BanHammer HTTP filtering system.
Our FlowSense system constantly monitors all data flows coming to your server/website, searches anomalies and automatically determines ongoing attack type.
As a result, automatic adjustment of filtering parameters happens using BGP FlowSpec (RFC 5575) and API of our filtering systems.
BanHammer: HTTP flood filter
BanHammer is our system for filtering HTTP flood precisely tuned on dozens of thousands of real attacks on our clients’ websites. Despite the name, there are no bans - we use intelligent filtering methods based on behavioural and signature analysis.
It made it possible to reduce number of false positives to minimal values as well as maximize percent of filtered flood.
Global Session Technology
Our infrastructure is built catastrophe-resilient, so even a cataclysm leading to outage of one point-of-presence will not lead connection loss. How it is achieved?
Due to our Global Session system, all our filtering points all over the world «know» that client is has connected to your server and in case of unavailability of one of the points traffic will be automatically redirected to another point nearest to the client.
ZeroNAT Tunnels Technology
NAT technology was invented in 1990s to reduce usage of public IP addresses on the Internet. Now it is often use in other purposes. We do not use NAT for our tunnels (or elsewhere in the network).
When you use tunnel to connect protection, you see real IP directly on your server. It helps achieving maximum performance (NAT consumes a lot of resource), reducing latency and avoiding NAT-related problems. Moreover, number of TCP/UDP ports under protection is unlimited!
SpeedRoute: traffic without delays
Traffic from clients to your server via the Internet almost always goes through the cheapest channels, which do not always provide the required level of speed and latency. When you enable StormWall protection, traffic from the filtering point closest to the client to the server is directed through our own leased communication channels between data centers, which provide minimal ping, minimal latency fluctuation and have no shaping.
For example, if your server is in Europe, and your clients are in Russia, the average ping for them will decrease by 3-8ms. We do not save on your traffic!
HyperCache: fast download speed
Your website will load faster with StormWall protection because large files will be automatically cached in RAM of our caching servers and delivered to your clients momentarily! RAM works dozens of times faster then SSD disk, so each website can be speeded up this way.
Also, HyperCache removes most of unnecessary load from your server helping it response faster. HyperCache is absolutely transparent for your website visitors and does not require you to change anything on the website. It does not cache anything unnecessary and is highly tunable for your needs. Even if your server is on another part of planet, your users will load pictures from the nearest point!