| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| en:dpi:dpi_options:opt_ddos:ddos_description [2025/09/23 11:05] – elena.rudich | en:dpi:dpi_options:opt_ddos:ddos_description [2025/09/24 08:04] (current) – [Organic AntiDDoS System] elena.rudich |
|---|
| |
| =====Most Common Forms of Attacks on Telecom Operators===== | =====Most Common Forms of Attacks on Telecom Operators===== |
| - Uplink Channel Overflow | - Inbound Channel Overflow |
| * Amplification attacks (DNS, NTP, UDP flood, and others)\\ Protection: blackholing attacked addresses or applying flowspec on the uplink channel; other protection methods are ineffective. | * Amplification attacks (DNS, NTP, UDP flood, and others)\\ Protection: blackholing attacked addresses or applying flowspec on the uplink channel; other protection methods are ineffective. |
| * BotNet attacks — each bot generates relatively small traffic resembling legitimate traffic, but the aggregate traffic exceeds the capacity of the operator's ingress channels; source address spoofing is not performed (see also item 2)\\ Complication: the target IP for the attack often involves not one address, but up to a thousand addresses\\ Protection: blackholing attacked addresses, flowspec on the uplink channel (for certain traffic types), creating a list of BotNet network addresses and blocking them on SSG (for certain traffic types) | * BotNet attacks — each bot generates relatively small traffic resembling legitimate traffic, but the aggregate traffic exceeds the capacity of the operator's ingress channels; source address spoofing is not performed (see also item 2)\\ Complication: the target IP for the attack often involves not one address, but up to a thousand addresses\\ Protection: blackholing attacked addresses, flowspec on the uplink channel (for certain traffic types), creating a list of BotNet network addresses and blocking them on SSG (for certain traffic types) |
| |
| ====Organic AntiDDoS System==== | ====Organic AntiDDoS System==== |
| The evolution of the DDoS protection solution aims to scrub traffic even before it enters the internet. Deploying SSG AntiDDoS complexes at multiple telecom operators will allow stopping BotNet traffic inside the operator's network. Centralized management via VAS Cloud will enable lightning-fast response to any attacks and leave even the transport channels between operators, IXs, and Data Centers untouched. If an attack is detected on any resource protected by SSG, it is possible to transmit parameters for scrubbing to the operator from which the illegitimate traffic originates. | The evolution of the DDoS protection solution aims to filter malicious traffic even before it enters the internet. Deploying SSG AntiDDoS complexes at multiple telecom operators will allow stopping BotNet traffic inside the operator's network. Centralized management via VAS Cloud will enable lightning-fast response to any attacks and leave the transport channels between operators, IXs, and Data Centers untouched. If an attack is detected on any resource protected by SSG AntiDDoS, it is possible to transmit filtering parameters to the operator from which the illegitimate traffic originates. |
| |
| {{ :en:dpi:dpi_options:opt_ddos:antiddos-2.png?nolink&900 |}} | {{ :en:dpi:dpi_options:opt_ddos:antiddos-2.png?nolink&900 |}} |
