Between the ever-changing nature of cyber threats and increasing volumetric attacks against networks and applications, a Managed DDoS service is vital.
A DDoS (Distributed Denial of Service) attack, either in high-volume flood or stealthy application layer form, may overwhelm your company’s links, making them unusable and stopping traffic from reaching its intended destination. Your business needs access to emails, applications and cloud and, as such, operators can’t afford to compromise on their connectivity.
With this in mind, we’ve introduced the Vox Managed DDoS service – based on the NetScout Arbor Product Suite.
Our Managed DDoS allows you to effectively detect and remove DDoS threats and mitigate attack vectors with multiple options, including:
Meaning an attack can be stopped before it even reaches your South African server.
Cleans DDoS attack traffic before it reaches South Africa.
Cleans local DDoS attack traffic before it impacts your business.
With our Managed DDoS Service, zero operator intervention is required.
To understand the impact, duration and type of attack you’re facing.
Solutions can be tailored according to your business and application service requirements.
Optional integration into the Vox SIEM with proactive notifications for those in the Vox SIEM.
A common form of cyber attack is still a DOS or DDOS attack. These attacks cause service interruptions and can stop a business from transacting. Attacks can target specific web applications used by businesses, like online retail, online services or any online presence used by business to generate income. It can also stop emails and other applications from working both in and outside the company. Solutions like TMS scrubbing clear out the attack data and allow clean traffic through – while last resort solutions, like blackholing, kills all traffic while an attack is happening but takes the load off your Firewall.
Vox offers a kill all, blackhole service, FlowSpec mitigation of a specific application attack or TMS scrubbing that filters out the “bad” traffic and allows only “good” traffic to reach its destination. This can be offered locally or internationally, for traffic coming from off shore.
Yes – because the TMS is charged per Mbps of clean traffic, you could opt to choose that during an attack only 50Mpps of clean traffic will be allowed through, even though you might have a 100MB or 1GB link. This allows you to function during an attack even if it’s at a reduced capacity.
Blackhole mitigation can be chosen by customer in AS or /24 Prefix. This option is used in an attack as a last resort or cheaper option as all the traffic during an attack is sent to a “blackhole” where the traffic is killed. This kills all data to the client while saving the infrastructure from having to stop the attack.
Flowspec mitigation can be chosen by customer in AS or /24 Prefix. It works like an access list on the network, dropping packets from the attack to a specific targeted system. For example – if a DDoS attack is aimed at your web server on port 443 and has a specific source address or address range, it’s possible to enable Flowspec to drop the traffic to your web server by source and destination.