DoS/DDoS protection

Stress testing to eliminate congestion conditions

DoS attack (“Denial of Service”) is a violation of the availability requirement, which leads to business downtime, and reputational and financial losses.

DDoS attack (Distributed Denial of Service) is a malicious attempt to disrupt the normal traffic of a target server, service, or network by overloading the target or its surrounding infrastructure with a stream of Internet traffic.

DDoS attacks are effective because they use multiple compromised computer systems as sources of attack traffic. The employed machines can include computers and other network resources such as IoT devices.

A DDoS attack is like an unexpected traffic jam clogging up a motorway, preventing regular vehicles from arriving at their destination.

In general terms, DoS and DDoS attacks can be divided into three categories:

	Volumetric Attacks Include UDP floods, ICMP floods, and other spoofed packet flows. The goal of these attacks is to overflow the bandwidth of the attacked website or another object. The attack volume is measured in bits per second (bps).
	Protocol-layer Attacks Include SYN flood, fragmented packet attacks, Ping of Death, Smurf DDoS, and others. This type of attack consumes actual server resources or the resources of intermediate communication equipment such as firewalls and load balancers, and is measured in packets per second (Pps).
	Application-layer Attacks Include small and slow attacks, GET/POST floods, attacks targeting the web server, Windows or OpenBSD vulnerabilities, and more. Consist of seemingly legitimate and innocent requests. The purpose of these attacks is to crash the server, and their volume is measured in requests per second (Rps).

Thus, DoS/DDoS protection will help keep your systems available and minimize the impact of such attacks.

We offer a comprehensive approach at each level of DoS/DDoS protection:

1. Basic level. Installing and tweaking Cloudflare to hide real IP addresses from the Internet.
2. Application level. Analysis of problematic requests. We check the application source code and profiling results, we find bottlenecks that, for example, are not automatically scaled by means of the Kubernetes cluster.
3. Testing. Our team of specialists conducts an attack simulation to test the solution and make sure that your application is ready for a real DoS/DDoS attack.

Check out our additional services and business cases. Send the form below to request protection against DoS/DDoS attacks. Get a free consultation.