This website uses cookies in order to improve its ease of use. You accept this by continuing to use of the website. You can find more information on cookies and their deactivation here.

DDoS Protection
by Link11

The patent pending Link11 Protection Cloud is a unique piece of technology. Via a two-step protection method attacks are blocked and filtered so you can keep your focus on everything that keeps your business running. One of the toughest authorities worldwide - the German Federal Office for Information Security (BSI) - officially confirmed the effectiveness of the DDoS protection solution and identified Link11 as a qualified DDoS-mitigation-provider.

Under ddos attack?

The Link11 Security Operation Center (LSOC) will assist you when you are under attack. You can reach our emergency support 24/7 via phone or e-mail. 24/7 DDoS Emergency Hotline: +49 (0) 69264929799

DDoS Protection Cloud

DDoS Protection Cloud

With more than 11 years of experience in hosting and internet security Link11 has developed the most sophisticated DDoS Protection service available worldwide.

No extra Hardware needed

Secure Investment

No extra Hardware needed

Keep your focus on what is important. Further investment in extra hardware and staff training is obsolete. Link11 DDoS Protection runs completely in the cloud and is under constant development.

Intelligent Architecture

360° Protection

Intelligent Architecture

The self-learning technology reliably blocks every form of modern attacks. Depending on your connection Link11 offers protection against DDoS attacks on Layer 3, 4-7 and is ready within minutes.

Future-proof Protection


Future-proof Protection

Similar to your growth and need to expand your infrastructure your protection grows with you. Special packages fitted to your needs simplify your overview of ordered services.

Intelligent Threat Detection

Fingerprint Technology

Every user leaves a digital fingerprint in the internet. This print can be created out of hundreds of traceable attributes. The Fingerprint Identification developed by Link11 analyzes the behavior of browsers and computers and creates an anonymous digital DNA that is temporarily saved for further reference within the database of the cloud protection. This assures that customers can safely reach their destination.

Powerful Protection

Self-learning AI Shield

Every attack mitigated by Link11 is saved within a sequence database. The Self-learning AI that is part of the DDoS protection analyzes every attack sequence and compares these with existing data. Every company that is connected to Link11 benefits from this technology because it is capable of reacting even faster when similar incidents occur.

Instant Protection

Real-time Mitigation in Case of an Attack

In case of an attack emergency the Link11 Security Operation Center will inform you immediately and begin with the protection procedures in real-time. When a company decides to integrate the always-on variant via BGP, Link11 offers 24/7 support and reacts automatically when an attack occurs.

Strategically placed

Global Filter Locations

A large filter network of worldwide and handpicked scrubbing locations in Frankfurt, Zurich, Amsterdam, London, Miami, Los Angeles, Singapore and soon Hong Kong, guarantees global protection, performance and availability in case of a DDoS attack. Attacks reaching bandwidths of hundreds of Gbps are no threat to the Link11 Protection Cloud.

Worldwide filter locations

Protected with Lightning Speed

Easy Integration

There is no need for a complicated integration of expensive hardware in the existing infrastructure. The Link11 DDoS Protection Cloud offers a complete protection via the cloud. There are various options to integrate a protection that fit your needs.

DDoS Protection for Webservices

Web DDoS Protection

DNS Forwarding can already be realized with one existing IP address. All you have to do is to edit the DNS A-Record entries and within a short period the whole data transfer is routed over the Link11 filter center and the DDoS Protection is immediately activated. This way, applications based on a domain name can be protected against DDoS attacks over layers 3-7 in real-time.

DDoS protection for Webservices

Control and Visibility right from your Desk

Link11 WebGUI

Link11 offers its customers a web-based, graphical user interface to monitor the server functions. The interface provides insight into the real-time traffic analysis, shows blocked DDoS attacks, server availability and provides metrics on current server response times. Graphical Timelines can be displayed and analyzed as desired. In addition, the nature of the attacks and the respective places of origin are clearly presented. In addition to user management (with individual read or write rights), the WebGUI makes it possible, for example, to block entire countries with the geo-blocking function.

Diagnostic Dashboard

The Diagnostic Dashboard offers general DDoS information and hints on current threats. In addition, a DDoS warning system and DDoS traffic indicator offer a quick overview on the current security status. In the settings area, the granularity of the intelligent DDoS prevention can be set and customized blocking can be used to adjust settings for authorized and unauthorized access.

Customizable Control

The customizable control can be used to set up permanent authorized access for systems that deviate too far from that of a normal user. For example, desirable Dashboard view of the Link11 Dashboard automated scripts such as crawlers can be identified, ensuring compatibility with standard search engines, desirable advertising bots and administrators.


Our reporting makes it possible to generate individual and routine reports in a management overview. The reports can be transmitted on a regular and automatic basis. Any settings made by administrators in the user interface can be traced and edited ad hoc.

Alert Function

An alert-function is able to send SMS alerts about current threats. The prevention list states the reason for each prevented connection, the origin and the duration of the connection. The prevented connections can also be authorized to access the server on their next attempt.

DDoS Protection for IT Infrastructures

Infrastructure DDoS Protection

The DDoS Protection via Border Gateway Protocol can be implemented as standby or permanent solution. It requires a /24 or larger IP network for the rerouting. Within the standby integration, the customer as well as the Link11 Security Operation Center are able to announce the network in the event of an attack. By adding the Link11 Monitoring, the flow data of the local routers are constantly analyzed to ensure that the protection is activated automatically in case of an attack. 

In the event of an attack, the network announcement reroutes the entire traffic via the Link11 DDoS Protection for analysis. It is also possible to announce smaller parts of the network affected by the attack. For example announcing only a /24 network from an existing /16 network to be forwarded to the Link11 protection. After a successfully blocked attack, the network is then rerouted directly back to the customer via a second announcement.

DDoS Protection for IT Infrastructures

Constant Overview of your Network Status

Link11 Monitoring

The Link11 Monitoring System permanently monitors the status of your network and reports potential DDoS hazards. In addition, it controls the availability of the applications and reports further possible malfunctions. The monitoring system can be integrated as a remote service or as a local installation.

Monitoring Dashboard

The Link11 Remote Monitoring system automatically oversees the Link11 DDoS Protection servers connected via DNS Forwarding in real-time. It analyzes the applications, the server behavior as well as the incoming and outgoing traffic and checks the response times. This way impending attack scenarios can be identified and defended efficiently.

Remote Monitoring System

The local Monitoring System is installed by placing a monitoring server in the local network. The Monitoring System analyzes the flow data exiting the router and sounds an alarm when attack patterns are identified. The system is constantly observed by the Link11 Security Operation Center (LSOC). To realize the constant communication between
the Monitoring System and the LSOC, the Monitoring System has an out of band connection.

DDoS Protection for Hosting Service Providers

Direct Connect

By connecting the data center (or the shared internet access platform) with the Link11 network all customers using this connection can be protected against volume and protocol attacks when desired. The customers receive an IP address within the network range (≥ /24) that is solely included in the Link11 connection. When this IP address is attacked the traffic is immediately and automatically routed over the Link11 DDoS scrubbing center. All other IP addresses within the protected range still receive their traffic over the regular Link11 IP Access without having to go through the DDoS filtering process. This way they are not affected by the incoming DDoS attack.

Unprotected Platform
Protected Plattform

Hybrid DDoS Protection

Combination of
Link11 Cloud DDoS Protection and Hardware Aplliance

A large number of businesses have prepared their infrastructure insufficiently against high traffic and DDoS attack by integrating a hardware appliance in their systems. But nowadays the capacity of this hardware is not enough to deal with large and sophisticated DDoS attacks.

Link11 has developed a hybrid solution that offers protection against combined attacks on application and network layer. The hybrid solution protects on both sides: The hardware installed in the business infrastructure protects against application attacks. The external scrubbing center from Link11 protects against the bandwidth-heavy and volumetric attacks. This means that the Link11 Protection Cloud is the ideal addition to your existing hardware. The appliance oversees traffic and blocks DDoS attacks on Layer 3-7. When the amount of DDoS packages on network layer exceed a certain value, Link11 is alarmed, offers counter-measures immediately and takes over the mitigation via BGP.