DDoS Protection

Advanced and comprehensive anti DDoS solutions, guarding against network and application layer attacks as an ‘Always-on’ or ‘On-demand’ service.


One of the hardest cyber security threats to protect against is distributed denial of service (DDoS) attacks. According to a report by Kaspersky Lab, a single DDoS attack can cost a business its reputation, customers and over £1.2 million.

4D have partnered with Voxility, an industry-leading DDoS mitigation specialist, to deliver a seamless anti DDoS service to 4D Colocation, Cloud and Connectivity customers, allowing you to deploy successful defences against damaging attacks.

What is 4D DDoS protection?

4D DDoS Protection is an advanced, in-line anti DDoS solution that can be deployed either as an ‘always on’ or ‘on demand’ service, depending on whether you want proactive mitigation or a responsive solution to an ongoing attack.

Once deployed, 4D DDoS Protection provides comprehensive protection against network and application layer attacks with protection for Layer-2, Layer-3, Layer-4 and Layer-7 as well as zero-day attacks.

Highlights:

  • Delivered in-line for your existing network services
  • Low flat monthly cost depending on the number of attacks per month and the level of protection required
  • Protection against layer-2, layer-3, layer-4, layer-7 and zero-day attacks up to 1.2 Tbps
  • No additional bandwidth charges with protection of traffic up to existing CDRs and port speeds

DDoS protection details

Our protection inspects layers 2, 3, 4 and 7, which are all the layers relevant to inspection. We have implemented protections ranging from anti-spoofing for TCP (layer 3) to HTTP bots (layer 7). These are just examples: 4D DDoS Protection works with any type of DDoS attack, any application and any type of content.

The protection is optimised to block almost all known attacks; if a new pattern of attack is not filtered, our DDoS engineers adjust the protection systems.

If layer 7 filtering is also activated (reverse proxy), then when you receive an attack towards a web server on port 80 or port 443 (if the SSL certificate has been provided and is active on the reverse proxy), the content of the site is cached by the DDoS filter. Only non-cached, filtered traffic will reach your servers.

DDoS platform solutions

The dynamic solution (machine learning)

  • Performed during Layer 7 filtering
  • Uses behavioural identification / progressive challenge algorithm to determine whether an IP is dangerous or not
  • The output is used to populate the blacklist

IP Blocking

  • Performed on the network border through ACLs, configurable at customer request
  • Performed within the 4D DDoS Protection platform

Blacklist/Whitelist

  • The blacklist is populated by the dynamic solution technique, and entries are removed automatically
  • Performed within the 4D DDoS Protection platform
  • The whitelist is applied to bypass behavioural identification

TCP/UDP Generic Inspection & Filtering

  • TCP/UDP filtering is achieved through ACLs and building inclusive/exclusive firewalls
  • Performed within the 4D DDoS Protection platform
  • Built around the standard communication patterns in peer-to-peer, client-server and server-client relationships
  • Deviation from the standard communication pattern will trigger filtering

Deep Packet Inspection

  • Performed within the 4D DDoS Protection platform
  • Both header and body of the packet are inspected in order to determine if the traffic is safe
  • Keeps track of how frequently a message is sent

Common types of attack we filter

  • IP non-existing protocol attacks such as: a flood of IP packets with reserved values in the protocol field
  • Fragment attacks such as: sending mangled IP fragments with overlapping, over-sized payloads to the target machine
  • ICMP attacks such as: ICMP Flood, Smack, Smurf attack
  • IGMP attacks such as: IGMP flood
  • TCP attacks such as: SYN Flood, SYN-ACK Flood, ACK Flood, FIN Flood, RST Flood, TCP ECE Flood, TCP NULL Flood, TCP Erroneous Flags Flood, TCP Xmas, Fake Session, SRC IP Same as DST IP
  • UDP attacks such as: General Random UDP Floods, Fraggle, DNS query, DNS Amplification (+DNSSEC), NTP Amplification, SNMPv2, NetBIOS, SDP, CharGEN, QOTD, BitTorrent, Kad, Quake Network Protocol, Steam Protocol
  • HTTP attacks such as: Slowloris (Apache / IIS Attack), R-U-Dead-Yet (RUDY), HTTP Object Request Flood
  • Other category attacks such as: Misused Application Attack, Slow Read attack
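
Several of the TCP entries above (TCP NULL, TCP Xmas, TCP Erroneous Flags, SRC IP Same as DST IP) are deviations that can be recognised from the packet header alone. The following is an added example of such a header sanity check, not code from 4D or Voxility; the function names, labels and sample packets are constructed for illustration.

```python
import socket
import struct

# TCP flag bits as laid out in the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG

def classify_tcp_packet(packet: bytes) -> list:
    """Return anomaly labels for one raw IPv4/TCP packet; [] means none found."""
    if len(packet) < 20:
        return ["truncated IP header"]
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20:
        return ["malformed IP header"]
    if packet[9] != 6:                      # IP protocol field: 6 = TCP
        return ["not TCP"]
    if len(packet) < ihl + 20:
        return ["truncated TCP header"]
    findings = []
    if packet[12:16] == packet[16:20]:      # source address equals destination
        findings.append("SRC IP same as DST IP")
    flags = packet[ihl + 13] & 0x3F         # low six bits of the TCP flags byte
    if flags == 0:
        findings.append("TCP NULL")
    elif (flags & XMAS) == XMAS:
        findings.append("TCP Xmas")
    elif (flags & SYN and flags & (FIN | RST)) or (flags & FIN and flags & RST):
        findings.append("TCP erroneous flags")
    return findings

def build_packet(src: str, dst: str, flags: int) -> bytes:
    """Constructed sample: minimal 40-byte IPv4/TCP packet, checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, flags, 8192, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    # Constructed packets using documentation address ranges
    samples = {"SYN": SYN, "NULL": 0, "Xmas": XMAS, "SYN+FIN": SYN | FIN}
    for name, flags in samples.items():
        pkt = build_packet("192.0.2.10", "198.51.100.5", flags)
        print(name, classify_tcp_packet(pkt))
```

Flood variants that use valid flags (SYN Flood, ACK Flood and similar) pass this check and need rate or state tracking instead.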


24/7 UK Support

We offer 24/7 support from our team of highly qualified Sussex and Surrey-based engineers as standard. So when you need help, we’re immediately available on the phone, by email or through our online ticketing system.

 
