Standard methods of DDoS protection provided by default
- De-prioritisation of traffic – a self-defence system designed by RETN and deployed over the entire RETN IP network. The system collects information about incoming traffic from edge routers and identifies potential DDoS attacks aimed at the customer. The malicious traffic receives lower priority and is dropped in case of traffic overflow, reducing the risk of congestions and outages. This method is available for all RETN Internet customers and protects from volumetric attacks.
- Remote Triggered Blackhole (RTBH) – basic protection method based on BGP protocol and completely managed by the customer*. The customer autonomously conducts traffic analyses, identifies the direction of the attack (ex. IP-address) and announces it to RETN using blackhole community 9002:666. All the traffic to the announced IP-address will be dropped. This method is available for RETN IP Transit customers with ability to analyse the traffic and protects from volumetric attacks.*For customers not having a BGP session with us, NOC is available assisting with “blackholing” by request.
- PAMIR –in-house designed tool aiming to assist the customers’s analysis of incoming traffic and DDoS attack direction & identification. With the help of PAMIR the customer is able to determine the type, direction, intensity, and duration of an attack, as well as to track the history of previous attacks. PAMIR is offered to all RETN IP Transit clients free of charge and works best for those companies unable to analyse their traffic on their own.
Advanced methods of DDoS protection
- Extended blackhole (eBH)– a more selective protection than standard blackholing, leaving legitimate traffic unaffected. There are two models available: blocking of all UDP-traffic going towards the customer (blackhole community 9002:667) or blocking UDP-traffic from “known amplifiers” and fragmented UDP (blackhole community 9002:668). This method protects from volumetric attacks and suits RETN IP Transit customers who have the possibility to analyse their traffic on their own.
- FlowSpec – the BGP flow specification enables the customer to fast-track the process of blocking various DDoS attacks by setting individual filtering rules. The customer analyses the traffic, identifies the type and direction of DDoS attack and transmits filtering rules (FlowSpec rules) to the RETN routers using BGP protocol. The rules are activated by RETN at the edge router closest to the customer defined which traffic should be discarded on the RETN network before heading towards the interface. FlowSpec suits RETN IP transit customers who have the possibility to analyse their traffic, and protects from multiple kinds of DDoS attacks.
- DDoS Mitigation service (Arbor based solutions) – the highest level of DDoS protection, introduced by a flexible self-learning system, the market leader for analysis and filtering of DDoS attacks. The service powered by Netscout Arbor enables the diversion of traffic to the closest scrubbing devise returning only the non-attack traffic to the customer. The Arbor solution will suit all RETN Internet customers and protects from multiple kinds of DDoS attacks up to application level. We offer three options to choose from depending on technical competence, business type and requirements:
- -> Arbor Go (Automatic Mitigation, calculated per minutes of mitigation)
- -> Arbor Premium (Automatic Mitigation, unlimited use)
- -> Arbor Lite (Self-Initiated Mitigation)
To request more information about RETN DDoS protection services, please get in touch with our international team.
Service Features and Benefits
- Effective protection against different types of DDoS attacks: volumetric, protocol and application attacks
- Basic protection offered as standard to ensure uninterrupted performance of the RETN network
- Unique in-house designed tool to analyse incoming traffic (PAMIR) available for all customers by default
- Possibility to deploy multiple security features simultaneously to achieve required protection level
- Industry leading comprehensive solutions for critical networks and customers with the highest standards of service availability: Gaming and Media Customers, Bank structures, CDN and Carriers
- Manageable methods for traffic filtering and blocking, such as FlowSpec rules and Arbor solutions
- Automated detection and mitigation solutions powered by scrubbing centres located in Europe, Asia and Russia
- Available at over 300 PoPs on-net worldwide