Home > Enterprise > Security > DDoS Mitigation
Network unavailability, website downtime, privacy breaches, brand damage, compromised digital assets: each one can be devastating and can cripple any organization with significant associated recovery costs.
Micron21 are pioneers in the industry and protect some of Australia’s largest companies and agencies from crippling DDoS attacks.
In an era where cyber threats are increasingly sophisticated, Distributed Denial of Service (DDoS) attacks and other malicious activities pose significant risks to organizations worldwide. These threats can lead to network unavailability, website downtime, data breaches, brand damage, and compromised digital assets each with devastating consequences and substantial recovery costs. Micron21 stands at the forefront of cybersecurity, offering state-of-the-art solutions that encompass advanced DDoS mitigation including network-based protection across Layers 3, 4, and 7 and bot protection via our different service offerings.
Our solutions are tightly integrated with our Security Operations Center (SOC) with comprehensive Security Information and Event Management (SIEM) capabilities. Leveraging the latest advancements in technology and staffed by a dedicated team of security experts, Micron21 provides unparalleled protection tailored to safeguard your organization’s critical infrastructure.
Micron21 offers comprehensive multi-layer protection that defends against volumetric, protocol, and application-layer attacks, ensuring holistic security for your organization. Our services are powered by advanced technology, integrating the latest DDoS mitigation solutions to effectively detect and neutralize emerging threats. With over 700 Gbps of mitigation capacity directly connected to more than 1,500 networks globally, we have the capability to absorb and mitigate large-scale attacks.
Our global network of scrubbing centers—strategically located in Melbourne, Sydney, Singapore, Amsterdam, and Los Angeles—ensures low-latency, close-to-source mitigation. We utilize dedicated infrastructure for scrubbing attack traffic from clean traffic, employing high-performance equipment from industry leaders such as Cisco, NSFOCUS, Juniper, Extreme and A10 Networks. This dedicated approach optimizes performance and ensures that your legitimate traffic remains unaffected.
Micron21’s extensive peering with all major Australian networks like Telstra, Optus, TPG, AAPT, Vocus, and all major peering exchanges in Australia and internationally allows for direct network interconnections. This extensive connectivity reduces latency and improves the overall efficiency of our DDoS mitigation services. Additionally, we offer customized protection by being able to protect a single /32 IP address without the need to reroute larger /24 subnets, providing flexibility to meet your specific network requirements.
Our clients benefit from expert support through our 24/7 Security Operations Center (SOC), staffed by certified security professionals. This ensures that you have immediate access to assistance whenever you need it, further enhancing the reliability of our services.
In today’s digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms large over organizations of all sizes.
While many service providers claim to offer DDoS protection, a closer examination often reveals that their solutions lack the depth and effectiveness required to combat sophisticated cyber threats.
In today’s digital landscape, malicious bots have become a pervasive threat, often used to launch sophisticated HTTPS attacks that can bypass traditional security measures.
Recognizing the significance of this threat vector, Micron21 has integrated advanced bot protection mechanisms into our DDoS mitigation services to safeguard your web applications and APIs.
Micron21’s DDoS mitigation services provide comprehensive, stateless, multi-layered protection against volumetric, application, and web application attacks. Our stateless architecture allows for rapid processing and analysis of packets without the overhead of maintaining session states, enabling high-performance defense mechanisms. We support multi-protocol environments and offer advanced inspection capabilities, effectively mitigating attacks across TCP, UDP, ICMP, HTTP, HTTPS, DNS, and SIP protocols.
Our protection extends to a wide array of attack vectors, including amplification attacks like NTP, SSDP, SNMP, CHARGEN, and Memcached. We also defend against fragment floods, connection exhaustion attempts, header manipulation, and carpet-bombing attacks. By integrating with Threat Intelligence Feeds, we stay ahead of emerging threats, utilizing real-time data on malicious IPs, botnets, and attack patterns.
Understanding the critical role of DNS and HTTPS in modern networks, we provide specialized protection mechanisms for these services. For DNS, we implement DNS rate-limiting, DNS TCP-bit checks, DNS CNAME checks, DNS retransmission controls, and DNS keyword checking to prevent abuse and amplification attacks. Our defenses against random subdomain attacks ensure the integrity and availability of your DNS infrastructure.
For HTTPS traffic, we offer advanced security measures including HTTPS keyword checking, HTTPS authentication, HTTPS dynamic script analysis, and HTTPS frame check sequence (FCS) checks. We utilize HTTPS pattern matching and guard against HTTPS slow attack checks, such as Slowloris attacks that aim to exhaust server resources. Our HTTPS SSL connection control ensures secure and efficient handling of encrypted traffic without compromising on performance.
Micron21 employs sophisticated IP behavior analysis to monitor and assess the legitimacy of incoming traffic. By analyzing patterns such as connection rates, geographic origin, and packet anomalies, we can identify and mitigate suspicious activities. Trusted source IP control allows us to prioritize traffic from verified sources, enhancing the efficiency of legitimate communications.
Additionally, our systems perform empty connection checks to detect and block attempts to consume server resources with incomplete or malicious connections. For Voice over IP services, we provide SIP authentication to secure against protocol-specific attacks.
Our DDoS mitigation strategies are underpinned by a suite of sophisticated algorithms designed to detect and neutralize threats effectively.
We perform RFC (Request for Comments) checks to ensure that all network traffic adheres to established internet protocol standards. This helps us identify and discard malformed or malicious packets that deviate from expected behaviors.
Our systems leverage blacklists, Threat Intelligence (NTI) blacklists, whitelists, GEOIP filter lists, and access control lists to allow or block traffic based on reputation and geographic origin.
For TCP traffic, we employ techniques such as regular expression filtering and TCP SYN source IP rate limiting to manage and mitigate SYN flood attacks. We monitor TCP SYN bandwidth limits, perform TCP SYN time sequence checks, and apply TCP fragment controls to ensure the integrity of TCP communications. TCP watermark checks and pattern matching enable us to detect and block sophisticated attack patterns targeting TCP protocols.
In UDP traffic, we implement regular expression filtering and payload checks to scrutinize the contents of packets. UDP fragment control and packet length checks help us identify and mitigate attempts to exploit the UDP protocol. We also utilize UDP traffic control, watermark checks, and pattern matching, along with reflection amplification rules, to guard against reflection and amplification attacks that can overwhelm network resources.
Our algorithms are designed to detect and mitigate a wide range of attack vectors, including SYN floods, ACK floods, UDP floods, ICMP floods, IGMP floods, HTTP/HTTPS floods, DNS attacks, LAND attacks, SIP floods, and attacks exploiting protocol anomalies such as protocol null and TCP flag misuse. We defend against DNS query and response floods, NTP amplification, SSDP amplification, SNMP amplification, and CHARGEN amplification floods.
By monitoring for private IP abnormalities, traffic anomalies, and utilizing auto-learning baselines, we can detect deviations from normal traffic patterns. Our systems assess regional or IP group inbound and outbound traffic abnormalities, enabling us to respond swiftly to localized threats. False source IP detection helps us identify and block spoofed IP addresses commonly used in DDoS attacks. Integration with Threat Intelligence feeds enhances our ability to proactively defend against emerging threats.
Micron21’s platform supports programmable protection rules, allowing for customized mitigation strategies tailored to specific network environments. This flexibility enables us to adapt quickly to new attack methods and to fine-tune defenses based on the unique traffic patterns of each client.
Micron21 provides comprehensive reporting and analytics to give you full visibility into your network’s security status. We track attack events, provide detailed attack summaries, and analyze traffic trends to offer insights into the nature of threats against your network. Our extensive logging captures data on attack summaries, traffic alerts, performance metrics, link states, and authentication activities.
Our reporting capabilities include both real-time and historical reporting, allowing you to monitor ongoing threats and review past incidents for trend analysis and strategic planning. We offer scheduled reports by email, ensuring that key stakeholders receive regular updates on the security posture of your network. This level of transparency empowers you to make informed decisions about your security strategies and resource allocation.
Micron21 is committed to meeting the highest standards of compliance and certifications. Each of our scrubbing locations is Information Security Registered Assessors Program (IRAP) certified, meeting stringent Australian government security standards.
As an Australian-owned company, we are not subject to foreign data access laws like the USA PATRIOT Act, ensuring your data remains sovereign and protected under Australian law.
For our European clients, we adhere to the General Data Protection Regulation (GDPR), ensuring data privacy and protection in compliance with European standards. Our commitment to compliance ensures that your organization meets its regulatory obligations while benefiting from our advanced DDoS mitigation services.
Micron21 offers a range of DDoS Protection service offerings to meet the diverse needs of our clients. Our always-on DDoS protection provides continuous monitoring and instant mitigation of any detected attacks, ideal for organizations requiring uninterrupted service and immediate response times. For businesses with lower risk profiles or budget constraints, our on-demand protection offers flexible activation of mitigation services upon detection of an attack.
Our DDoS Protection services involve traffic redirection, where malicious traffic is diverted to our scrubbing centers, cleaned, and legitimate traffic is forwarded to your destination. This seamless integration has minimal impact on your existing network architecture and is easy to deploy. For website and application protection, our remote protection services provide DDoS mitigation without the need for network changes, using DNS-level redirection to route traffic through our scrubbing centers.
For each of our DDoS Protection services, you can customize the level and type of protection to meet your specific needs, as well as select the preferred level of monitoring and support.
Micron21’s DDoS mitigation services are designed for rapid deployment, with quick setup requiring minimal changes to your existing infrastructure. Our solutions are scalable, tailored to organizations of all sizes—from small businesses to large enterprises. Our team of experts provides guidance on best practices and optimal configurations for your specific needs, ensuring a seamless integration with your network.
Our global network and connectivity are key strengths of Micron21’s DDoS mitigation services. We have extensive peering with major ISPs and peering exchanges globally, reducing latency and improving performance. Domestic scrubbing ensures that attack traffic originating within a region is mitigated locally, avoiding unnecessary latency from international routing. Our use of BGP Anycast routing distributes incoming traffic across multiple scrubbing centers for load balancing and redundancy, enhancing the reliability of our services.
Threats are detected by our mitigation platform via a deployed onsite virtual appliance. The appliance identifies cyber-attacks within seconds using a combination of flow analytics (Netflow, SFlow, JFlow) and custom tuned base lines of normal traffic within the network.
Analytics and threat reports are then provided without exporting any data outside of the network, maintaining network security, compliance and integrity. This more specific route advertisement allows Micron21 to funnel traffic directly from the source towards our global scrubbing centres.
After receiving traffic, we surgically separate unwanted from clean traffic. Clean traffic is then safely returned to the protected network via the customer's choice of cross connection and our global MPLS network. This process happens transparently to the end user and is activated within seconds.
Once the threat subsides, the virtual appliance removes the injected route, notifies of the mitigated attack and returns routing traffic to its previous state. The virtual appliance is extremely configurable. It features custom thresholds for different types of attacks and alerts, and is capable of monitoring an entire network.
With complete control, you identify threats using your preferred method and advertise the specific /24 routes under attack via Border Gateway Patrol (BGP) towards Micron21. You withdraw routes manually to enable protection.
On demand manual service offers:
In always on mode you receive all the features and functions of our demand protection platform with the added benefit of traffic always being routed via Micron21 global network: essentially an IP transit service.
This service eliminates the need for routing traffic and waiting for BGP to update globally when an attack is detected. It provides real-time superior protection for every packet entering your network via Micron21.
Our always on service can be used in combination with existing upstream suppliers to provide your network with a blended service. For instance, use Micron21 for clean international capacity or known targeted IP ranges within your network, while still maintaining existing local transit providers for domestic traffic.
Switch the DNS record of the application you want to protect to a Virtual IP (VIP) address provided by Micron21. All inbound application traffic will then be routed to Micron21 global scrubbing centres where it will be analysed and surgically inspected. Any Layer 7 attack traffic will be eliminated, and legitimate traffic will be passed on to your infrastructure, ensuring non-stop availability for your critical applications.