DDoS Protection

Traffic protection messaging for networks that need cleaner incident response.

A service page for mitigation workflow, clean-traffic routing, attack reporting, protected prefixes, and escalation expectations.

L3/L4 Network layer
L7 App layer notes
BGP/GRE Common delivery
Abuse Evidence flow

Overview

Explain protection without overclaiming

The copy avoids unverified capacity, uptime, or response-time promises. Add exact mitigation capacity, scrubbing locations, and SLA language only after you verify what the network can deliver.

  • Mitigation workflow
    Describe how traffic is detected, redirected, filtered, and returned, including any BGP or GRE details.
  • Protected assets
    Clarify which prefixes, DNS services, applications, or edge endpoints are eligible for protection.
  • Evidence handling
    Guide reporters to include timestamps, source and destination IPs, logs, packet samples, and contact details.

Before enabling protection

  1. Protected prefixes and services
  2. Normal traffic profile and peak bandwidth
  3. Current upstream or tunnel design
  4. Attack examples or recent incident summary
  5. Preferred escalation contacts

Common capabilities to document

  • Always-on or on-demand model
  • Clean-traffic delivery method
  • Filter-change workflow
  • Incident notification path
  • Post-attack review process

Useful for

  • DNS and authoritative services
  • Game and real-time platforms
  • Hosting providers
  • Web applications
  • Infrastructure that cannot tolerate noisy attacks

Next Step

Ask about protection

Include protected prefixes, normal traffic levels, current topology, and any recent attack evidence.

Contact Security