- Category: Blog
- Written by Aamir Kadri
- Hits: 1740
Custom DDoS Filtering at JavaPipe
We have a client with specialized DDoS filtering requirements. Previously, they had tried various DDoS protection companies who kept them onboard with their default filtering. As a result, our client faced downtime and his clients suffered as the server remained offline due to the DDoS attacks.
They tried to resolve this by switching companies, but the result was the same. Attackers could get through most protection types and would manage to bring the server down easily. Whenever our client spoke to their tech support, he was assured that the attacks would be stopped and he would not face further downtime.
Don't know what a DDoS attack is? Read about the definition of Denial of Service attacks.
In spite of this, the attacks kept continuing. Finally the client switched to JavaPipe's remote DDoS protection. With default DDoS filtering, our client started facing attacks again and suffered from downtime. He contacted us and conveyed that the attacks were still getting through. The important thing was that he was in touch with us all the time and we kept fine tuning the DDoS filtering to suit his application type. We took note of the types of attacks that he was facing, our technical department then managed to implement customized rules that successfully mitigated the DDoS attacks.
Once the attacks were mitigated, we followed up with our client and kept fine tuning for performance. The results spoke for themselves, the client was very happy with our performance and our ability to block attacks by custom filtering and tuning. This goes to show that many other companies either employ brute force DDoS filtering, or try default methods of blocking attacks which are not always successful.
Original attack types
- Spoofed TCP and UDP based attacks, Layer 7 packets similar to legit application traffic
Original attack sizes
- UDP amplification attacks with power of 5 to 50Gbps
- Spoofed TCP attacks with power of 4-6Gbps, (packet count reached 6 million packets per second)
- Layer 7 attacks identified over 24,000 unique IP addresses involved in the attack which were most likely from a single botnet
Results before custom DDoS filtering:
- Before adding custom packet DDoS filtering tailored to the client’s needs, there was an 80% attack mitigation ratio, we assume this happened with all the other providers our client used.
Results after custom DDoS filtering
- Mitigation after custom filtering - 100% ratio and 0 downtime.
Customer satisfaction was 100%.
With our custom DDoS filtering rules we were able to completely block the sophisticated DDoS attacks that this client received. No other DDoS protection provider that the client used previously was able to accomplish this. At JavaPipe we work on adjusting every single DDoS filtering rule or add new ones until it's perfectly optimized for the application and attacks of a client.