Servers.com designed our network to allow an out of the box protection against the most common amplification DDoS attacks, under typical scenarios, with no further reconfiguration.
• NTP amplification
• DNS amplification
• SSDP amplification
• SNMP amplification
• NETBIOS amplification
• RIPv1 amplification
• PORTMAP amplification
• CHARGEN amplification
• QOTD amplification
• ICMP flood
• Fragmented IP flood
This protection would be activated for any of your servers once Servers.com see significant amounts of incoming DDoS. The mitigation is implemented completely on Servers.com's network equipment and adds no latency to your packet round-trip time.
Hetzner Online uses its automated security tools to protect your web applications, websites, servers, and IT infrastructure from DDoS attacks. It uses the latest hardware applications and sophisticated filter technologies, providing you with first-rate protection against large-scale DDoS attacks. Their system protects you and your data by utilizing Arbor and Juniper hardware.
• DNS reflection
• NTP reflection
• UDP floods on port 80
• SYN floods
• DNS floods
• Invalid packets
Their automated system recognizes almost all attack patterns in advance, allowing it to block the attacks and effectively thwart the vast majority of them. Hetzner Online are able to clearly define the actual attack and then to specifically home in on and react to that particular type of attack. The method of scrubbing allows us to effectively filter out the most commonly known attacks by putting them through traffic scrubbing filters.
PsychzNetworks Scrubs DDoS attacks multiple times before even coming to your server reducing risks and saving resources.
Pyschz offers us 30Gbps DDoS mitigation for level 3/4/7 attacks.
They utilized heuristic-based DDoS detection, which enables complete defense against all known and "zero-day" threats. Traffic goes through multiple stages of scrubbing and filtering before it arrives at the destination.
They utilize high-performance scrubbers & analyzers across all data centers. With Dual-stack IPv4/IPv6 enabled Static Layer 3 policies (ACL's), They can define filters globally both on Edge and Network layer. With the help of Anycast, we can deliver traffic with low latency and almost no packet loss