1.7 Tbps – the largest DDoS attack in the world to date was recorded in February 2018; it targeted an American website. This attack brought us squarely into the era of terabit-magnitude DDoS attacks. The scope of DDoS attacks is growing worldwide at an alarming speed; attacks with speeds of 400 Gbps are classified today as almost routine. With attacks of this size, businesses quickly reach the limits of their available bandwidth. At Anexia, we have set ourselves the task of supporting businesses in these circumstances and can now protect you from DDoS attacks with a bandwidth of 2 Tbps. With Anexia DDoS Guard, our comprehensive DDoS solution, we have already successfully repelled the largest attack in Austria to date (700 Gbps) within a very short time.
DDoS attacks are becoming ever more comprehensive and more refined, with larger volumes of traffic, the utilization of millions of insecure IoT devices, increased highly distributed attacks and a focus on layer 7. The development of layer 7 attacks is particularly problematic, since these are more difficult to detect. Effectively repelling DDoS attacks thus remains a constant challenge. The attackers work very effectively, continually changing the objectives and methods of attack. This dynamic approach enables them to exploit the new weak spots that constantly emerge in IT systems. You can secure the availability of your servers, services, web applications and infrastructure with our comprehensive and scalable DDoS protection. In addition to protection for layers 3 and 4, we also offer upon request the right protection, tailored to your application, for the applications layer (layer 7) that is increasingly becoming the focus of attacks.
95% of all attacks are detected by our Anexia DDoS Guard within a very short time and successfully repelled. Users of your infrastructure generally do not notice anything, while damage is limited or avoided altogether. This means that the availability of your services is maintained along with your customers’ satisfaction level – with no harm to your reputation.
Our DDoS protection secures web applications, websites, DNS servers and IT infrastructures reliably, comprehensively and fully automatically. Once the DDoS attack has been repelled, you receive a report and an analysis of the attack.
During a DDoS attack, every second counts when it comes to avoiding damage, costs and loss of reputation. We are available for you 24/7 in an emergency and can implement our DDoS solutions without delay. Avoid loss of revenue and reputation – implement our DDoS protection now, before a potential attack occurs.
Anexia DDoS Guard offers a multi-level DDoS solution based on Netscout Arbor DDoS protection, extended with our Anexia technology (developed in-house). The implementation is entirely neutral for the whole of the infrastructure, while the modular design of Anexia DDoS Guard makes it available on all relevant layers (3, 4 and 7). Anexia DDoS Guard integrates seamlessly into all Anexia services, but it can also be used by external customers.
Our team has already successfully repelled hundreds of DDoS attacks. Even larger DDoS attacks are not a problem for our infrastructure.
A distributed denial of service (DDoS) attack is basically intended to compromise the availability of servers, web applications or infrastructure. In such circumstances, requests from ordinary users can no longer be properly processed. In most cases, the attacks are constructed in a very simple way and are easy to understand. A server or web application has a particular load limit below which it can function without problems. The DDoS attack is aimed precisely at this load limit and attempts to exceed it by flooding it with a large number of requests. These requests are executed automatically by bots that are in most cases ordinary computers or other IoT devices that have been infected with malware. Successful attacks result in high and unnecessary costs for a business and the IT infrastructure; they harm not only the course of business but also the brand itself and customer satisfaction.
DDoS attacks can have a variety of different patterns. The commonest recorded are volumetric or flood attacks (e.g. TCP, UDP, ICMP and DNS amplification). These attacks occur on the network layers (OSI) 3, 4 and 7. The objective of volumetric attacks can be to fully utilize the available bandwidth of a server or to overload the system (e.g. ping flood, SYN flood, UDP flood). Volumetric attacks can be detected relatively simply and quickly by a DDoS protection solution.
Less frequently, DDoS are reported on the applications layer. With these attacks, weak points in an application are deliberately sought out and attacked. Again, the aim is to overload the resources and to interfere with access to services or web applications. Such attacks are less frequent and are significantly more costly for the attacker. In turn, they are more refined and harder to detect. In such cases a web server might, say, be overloaded with a large number of supposedly legitimate, resource-intensive requests.
Our sophisticated solution offers you optimal protection against DDoS attacks of all types, thereby securing the availability of your services, web applications and servers.