Providers that protect against DDoS attacks
Akamai
Akamai [11] operates one of the largest content delivery networks (CDNs) worldwide and uses its network to offer DDoS protection in the cloud. In addition to the DNS and BGP variants, Akamai sells proxy protection, which places your individual applications (e.g., ports on IP addresses) under their protection.
Like Link11, the Prolexic Connect product provides data centers with the option to slip under the wing of CDN (Figure 2). Like Link11, Akamai structures the billing model as a subscription and uses the 95th percentile of clean or normal incoming traffic to calculate a price. In the BGP variant, the number of /24 networks and the number of protected sites still play a role.
Conclusions
If you run your infrastructure with AWS, you will be grateful for the basic protection provided. Advanced protection is quite pricey, though. You should consider whether Amazon's presence is so relevant for your business that it justifies a premium of more than $3,025 per month. The option to pay per attack can quickly have an adverse effect on the purse of the victims. If you want to get away from Amazon completely, you need to look around for another provider in terms of DDoS protection.
The information in this article can probably steer you in the right direction, but it does not present a universal solution. Because the pricing structures differ considerably between providers, you should first analyze your own threat situation closely. Have you already experienced attacks or been threatened with attacks? If so, was the entire company threatened or just one department? In the latter case, even Amazon can be useful, especially if the volume of regular traffic is not too high.
Even if you do not take precautions against DDoS attacks with specific measures, you should at least have a contingency plan up your sleeve and discover your options beforehand. Link11 and Arbor offer emergency links on their websites in the event of an attack. For those at risk, there is no time to lose.
Infos
- NetFlow: https://en.wikipedia.org/wiki/Netflow
- sFlow: http://www.sflow.org
- Ipfix: https://tools.ietf.org/html/rfc7011
- Border Gateway Protocol: https://tools.ietf.org/html/rfc1772
- Flowspec: https://tools.ietf.org/html/rfc5575
- Netfilter Conntrack memory usage: https://johnleach.co.uk/words/372/netfilter-conntrack-memory-usage
- A10: https://www.a10networks.com/products/thunder-series/ddos-detection-protection-mitigation
- AWS Shield: https://aws.amazon.com/en/shield/
- Arbor: https://www.arbornetworks.com/ddos-protection-products
- Link11: https://www.link11.com/en/
- Akamai: https://www.akamai.com/us/en/resources/ddos.jsp
« Previous 1 2 3 4
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs