DDoS Mitigation

While DDoS attack methods are constantly evolving, the business risks involved remain the same.

Network unavailability, website downtime, privacy breaches, brand damage, compromised digital assets: each one can be devastating. And each one can cripple any organization with significant associated recovery costs. Micron21 are pioneers in the industry and protect some of Australia’s largest companies and agencies from crippling DDoS attacks. As such, Micron21 has built a strong reputation as Australia’s most trusted provider of DDoS prevention services.

Diligently rectifying security issues.

To stay ahead of these increasingly complex challenges, we continually improve the way we guard against denial-of-service attacks. Micron21 protects organizations. We stop attacks from hindering network performance. We act quickly and diligently to rectify any security issues, regardless of the size or scope of the challenge involved.

The reality is that all online services are vulnerable. But with Micron21 DDoS mitigation services, you can have full confidence in the stability of your online infrastructure. As a leading Anti DDoS provider, our services are purpose-designed to detect, analyse and mitigate DDoS attacks of all types and sizes. We protect global enterprise networks and government services by providing low-latency close-to-source DDoS mitigation.

Tiered service offerings include remote protection for websites and online resources, or network-based protection via our Soak and Scrub services.

Why Micron21 for DDoS mitigation?

  • Comprehensive protection for remote online services or entire networks
  • Multi-enterprise vendor mitigation solutions include Brocade, NSFOCUS, Juniper and A10 provide a superior protection platform
  • 700gbit of mitigation capacity directly connected to 1500+ networks globally
  • Domestic traffic within each scrubbing region is cleaned within the region, avoiding increased latency and additional international traffic rerouting
  • Global Multiprotocol Label Switching (MPLS) network for optimal routing of clean traffic across regions
  • 'Always on' or 'on demand' reliable protection services
  • We can protect a single /32 route if required, without rerouting a /24 advertisement
  • Proven since 2009, offering enterprise level DDoS mitigation services since 2013
  • Provided by an Australian company, which is not bound by the patriot act
  • 5 global scrubbing centres (Melbourne, Sydney, Singapore, Amsterdam, Los Angeles)
  • Ensures the integrity of mission-critical applications
  • Protection against the latest emerging threats
  • Direct support access to our Security Operations Centre (SOC) monitoring your services in real time

Micron21 protects businesses with industry leading Distributed Denial of Service solutions. We take a comprehensive approach to mitigating denial of service attacks. DDoS/mitigation protection employs multiple layers of physical hardware to inspect, scan and filter traffic at the packet layer. There are four protective barricades to our DDoS protection. Brocade Edge Routers are designed to identify and sustain legitimate traffic. NSFOCUS DDoS Mitigation inspects the meta data of packets for known attack patterns against a zero-day database, while instructing A10 load balancers to drop illegitimate traffic. As a final measure of security, Juniper Firewalls provide a final layer of defence at the client end.

Detect, analyse and mitigate DDoS attacks. JOIN MICRON21 NOW

Micron21 DDoS Scrubber.

The Scrubber service is designed for networks with capacity to absorb unwanted attacks, but that lack the capability to surgically differentiate the unwanted attack traffic from clean traffic. It is a perfect solution for low or high volumes of traffic and ideal for large carrier networks who want to provide DDoS protection as a service to IP transit customers.

There are two modes within the DDoS Scrubber service: automatic and manual.

In automatic mode, threats are detected by our mitigation platform via a deployed onsite virtual appliance. Using flow analytics techniques, the appliance detects cyber threats within a network in the space of a few seconds.

To ensure that network security, compliance and integrity are maintained, the onsite dedicated virtual appliance provides real-time analytics of threats without exporting any data outside of your network. When an attack is confirmed, the priority virtual appliance provides an immediate alert and injects a /32 route via BGP into your network. This will funnel traffic towards the closest Micron21 scrubbing centre.

We surgically separate unwanted and clean traffic in seconds. The clean traffic is then safely returned to the protected network in a process that is completely transparent to the end user. When the threat subsides, the virtual appliance removes the injected route, provides notification that the threat is over and returns routing traffic to its previous state. The virtual appliance is extremely configurable. It offers custom thresholds for different types of attacks and alerts and is capable of monitoring an entire network.

In manual mode, you route traffic towards Micron21 after detecting an attack through your chosen method. You take control of advertising and withdrawing routes manually to enable protection. With Micron21 DDoS Scrubber service, you maintain complete control over the advertisement of your network - at all times. You only send specific /32 routes under traffic towards Micron21 for cleaning.

Additionally, in manual mode:

  • Securely route a single /32 IP address that is under attack in a transparent fashion.
  • We inspect, clean and scrub traffic, then return cleaned traffic with a transparent individual IP address.
  • Services are available via a physical or virtual cross connection at any Micron21-enabled Data Centre.
  • In both automatic and manual mode, customers can view the status of the protection service via the Micron21 online portal and access real–time information on attack traffic traversing our scrubbing service.

Micron21 DDoS Soak & Scrub.

Our most popular DDoS solution, Soak & Scrub offers resilient and reliable DDoS protection for customers that have neither network capacity nor capability to surgically differentiate unwanted attack traffic from clean traffic.

The service is available as 'always on' or 'on demand', with either automated or manual diversion depending on customer requirements.

Micron21 DDoS Soak, Scrub & Polish.

Our premium DDoS mitigation service, Soak, Scrub & Polish combines the power and global reach of the Micron21 network with other security measures to protect websites and online resources.

The always on protection platform enables your website and online resources to be served from the edge of Micron21's globally-distributed network (when you are not under attack).

Content is securely cached and passed along to your origin servers. We leverage TCP Anycast, assigning each of your business resources a secure Anycast Virtual IP (VIP) address and providing high-performance global accessibility.

Soak, Scrub & Polish is a robust combination of multi-layer protection including DDoS Mitigation, WAF protection, dedicated SSL offloading, load balancing and caching capabilities that are geographically separated across Europe, Asia, the USA, China and Australia. This powerful, clustered protection platform ensures high availability in the most critical attack scenarios.

  • Designed to protect layer 3 to layer 7 traffic for single or multiple internet assets, whether hosted internal or external to Micron21 infrastructure.
  • Provides comprehensive protection through a multi-vendor, multi-layered platform that load balances any application.
  • Offers secure mission-critical DDoS protection, perfectly suited to the demanding needs of enterprise corporations and government departments.
  • Proxy deployment can be set up quickly using DNS forwarding.
  • Proxy Load balanced DDoS protection for almost any protocol, including HTTP, HTTPS, FTP, DNS, NTP, SIP, Exchange, Email, SharePoint, Databases, Remote Desktop, Steaming Services and much more.
  • Flexible pay-per-use approach is completely scalable depending on requirements.
  • Ideally suited to customers who cannot reroute network traffic or those who simply need protection on individual application.
  • Automatic, backend failover is implemented in the event of a backend server failure.
  • SSL Attack Mitigation protects against SSL-based attacks. SSL decryption and challenge-response mechanisms are enforced only on suspicious traffic. Micron21 SSL certification management follows the PCI Data Security Standard and ISO 27001 to ensure the highest security standards.
  • Progressive challenge response algorithms defend the application layer against all abuses and attacks. Micron21 challenge response protocols employ non-intrusive authentication challenges depending on user behaviour and deliver a non-disruptive browsing experience with zero false-positive mitigation errors.
Want to know more?
 
What is ‘On demand’ automatic?

Threats are detected by our mitigation platform via a deployed onsite virtual appliance. The appliance identifies cyber-attacks within seconds using a combination of flow analytics (Netflow, SFlow, JFlow) and custom tuned base lines of normal traffic within the network.

Analytics and threat reports are then provided without exporting any data outside of the network, maintaining network security, compliance and integrity. This more specific route advertisement allows Micron21 to funnel traffic directly from the source towards our global scrubbing centres.

After receiving traffic, we surgically separate unwanted from clean traffic. Clean traffic is then safely returned to the protected network via the customer's choice of cross connection and our global MPLS network. This process happens transparently to the end user and is activated within seconds.

Once the threat subsides, the virtual appliance removes the injected route, notifies of the mitigated attack and returns routing traffic to its previous state. The virtual appliance is extremely configurable. It features custom thresholds for different types of attacks and alerts, and is capable of monitoring an entire network.

What is ‘On demand’ manual?

With complete control, you identify threats using your preferred method and advertise the specific /24 routes under attack via Border Gateway Patrol (BGP) towards Micron21. You withdraw routes manually to enable protection.

On demand manual service offers:

  • Custom protection levels, with user-defined protection parameters based on specific requirements.
  • Transparently configured service, with no other trace of network rerouting other than BGP paths.
  • Between 20 seconds to a maximum of two minutes for Global BGP convergence and complete mitigation.
  • A physical or virtual cross connection at any Micron21-enabled Data Centre or a bi-lateral BGP session on major peering exchange across the world.
  • Flexibility of providing mitigation services via a dedicated GRE tunnel.

In always on mode you receive all the features and functions of our demand protection platform with the added benefit of traffic always being routed via Micron21 global network: essentially an IP transit service.

This service eliminates the need for routing traffic and waiting for BGP to update globally when an attack is detected. It provides real-time superior protection for every packet entering your network via Micron21.

Our always on service can be used in combination with existing upstream suppliers to provide your network with a blended service. For instance, use Micron21 for clean international capacity or known targeted IP ranges within your network, while still maintaining existing local transit providers for domestic traffic.

Soak and Scrub Protection Options Explained.
  • Clean traffic refers to the total volume of traffic forwarded to the client's network after surgical DDoS mitigation has removed the unwanted traffic.
  • Guaranteed protection is the amount of protection which is guaranteed for sustained attacks 24 hours a day. Typically, guaranteed protection is designed for low volume persistent attacks and not large UDP flood attacks which are rare and always short in duration.
  • Burst protection refers to the amount of additional protection a service receives in order to protect against large-scale short-duration flood attacks that typically last from ten minutes to an hour.
  • Burst duration refers to the amount of time a service is allowed to burst above the guaranteed protection level per attack.
How to activate a Soak, Scrub and Polish Service.

Switch the DNS record of the application you want to protect to a Virtual IP (VIP) address provided by Micron21. All inbound application traffic will then be routed to Micron21 global scrubbing centres where it will be analysed and surgically inspected. Any Layer 7 attack traffic will be eliminated, and legitimate traffic will be passed on to your infrastructure, ensuring non-stop availability for your critical applications.

Mitigation layers.
  • High-speed global close to source filtering defends against bandwidth flooding using wire-speed mitigation hardware.
  • Protocol Verification filters packets by verifying that Layer 3 network switching and routing protocols and layer transport protocols are being used correctly, enabling it to mitigate packet floods.
  • Deep Packet Inspection (DPI) filters out SYN flood and similar attacks attempting to exploit TCP/IP protocol vulnerabilities by examining the packet header and information all the way down to the application layer.
  • Adaptive filtering and signature matching uses both statistical analysis and anomaly recognition to guard against zero-day attacks.
  • Application-level Filtering blocks HTTP traffic that does not conform to protocol specifications
  • Progressive Challenge-Response algorithms are employed to further distinguish between spoofed and legitimate traffic.
  • Intelligent HTTP Malformed Filtering mitigates application-specific level attacks in real time.
  • Flexible Content Filtering deters morphing HTTP Flood attacks by adapting flexible-content filters to rapidly counter evasive intentions.
  • Rate Limiting further limits the exploitation of system and bandwidth resources against baseline statistics.
  • Web Application Firewall (WAF) protects web applications, mobile apps, and application program interface (API) apps against common threats such as OWASP Top 10 Attacks.
  • Caching serves as the last layer of protection to absorb unwanted attack traffic, if any, that may have slipped through the preceding layers.

Come see us for yourself.

Book a tour to our state-of-the-art Tier IV Data Centre

Need Help?

Speak to one of our Australian-Based Team now

Sign up for the Micron21 Newsletter