The Clouding platform has several Anti-DDOS systems that prevent and filter denial of service attacks. Keeping your servers always available.
Our Anti-DDOS system works in several stages:
Local filtering in hypervisors
Hypervisors are connected to the Clouding network at 80gbps. This and its impressive hardware features, makes them an excellent distributed filtering platform.
Normally, traffic is delivered directly to your server, but in general, traffic received is examined to detect possible attacks. This could be called "Sensor" mode.
When the system is in "Sensor" mode, it performs a light inspection of traffic, which is imperceptible at the performance level.
When the "sensor" mode detects strange behavior in the network of a cloud server, the system goes into "Strict" mode in approximately one second.
When the system is in "Strict" mode it performs a much deeper inspection of the traffic, as well as very strict filtering. By performing such thorough filtering and inspection, this mode can result in a small increase in response times. Traffic must pass several rules and controls to be allowed through.
Local filtering in our central firewalls
Our central firewalls - which are connected to the various Internet access providers - continuously examine the traffic that arrives at the data center.
To begin with, they block clearly malicious traffic, so that it does not get to enter our data center. Although they perform a very basic block, since this process must be done in a very short time - just a few microseconds.
At the same time, they also review the volume of traffic received by each server, so that they can keep track of how much traffic each receives and thus detect possible DDOS attacks.
The filtering performed by the central firewalls of Clouding is very light, since these firewalls manage a large amount of flow and should not introduce delays in it.
In the case of attacks of a relatively low volume - few gbps per second - the central firewalls delegate the task of inspecting and cleaning the traffic in depth to the Hypervisors, so that the filtering of traffic is distributed among multiple large capacity equipment.
In the event of large volume attacks - several tens of gbps - firewalls activate the next line of defense.
External filtering internationally
When the main Clouding firewalls detect a large volume attack - several tens of gbps - they proceed to indicate to an external filtering platform, that its receiving traffic by that cloud server.
This traffic diversion is done in an automated way, in just 1 or 2 seconds and is completely transparent.
The platform is capable of filtering attacks of more than 2tbps, so it is capable of filtering the largest attacks detected so far.
When this protection system is activated, the traffic destined for that server is received in several geographical points by an external platform. This filters the attack and only delivers clean traffic to our firewalls. This clean traffic is delivered normally to the destination server.
Summary
This 3-phase implementation allows us to filter from relatively small attacks - from a few hundred mbps - to attacks of thousands of gbps. All this without affecting the normal functioning of the services and always introducing the minimum possible delay during an attack.
Info
In case your servers receive a large number of constant and very regular DDoS attacks, you can enable the Strict Anti-DDoS option permanently in your client panel.
If your servers do not receive constant attacks, we do not recommend activating this option, as it can have adverse effects on certain applications such as VPN, DNS, RDP servers or monitoring servers, among others.