DDoS Protection by Link11

The patent pending Link11 Protection Cloud is a unique piece of technology. Via a two-step protection method attacks are blocked and filtered so you can keep your focus on everything that keeps your business running.

Try DDoS Portection Now

Under DDoS Attack?

The Link11 Security Operation Center (LSOC) will assist you when you are under attack. You can reach our emergency support 24/7 via phone or mail.

24/7 DDoS Emergency Hotline: +44 (0)2038688711

01 ddos mitigation neg

DDoS Protection Cloud

With more than 11 years of experience in hosting and internet security Link11 has developed the most sophisticated DDoS Protection service available worldwide.
11 low investment
Secure Investment

No extra Hardware needed

Keep your focus on what is important. Further investment in extra hardware and staff training is obsolete. Link11 DDoS Protection runs completely in the cloud and is under constant development.

12 intelligent architecture
360° Protection

Intelligent Architecture

The self-learning technology reliably blocks every form of modern attacks. Depending on your connection Link11 offers protection against DDoS attacks on Layer 3, 4-7 and is ready within minutes.

13 scalability

Future-ready Protection

Similar to your growth and need to expand your infrastructure your protection grows with you. Special packages fitted to your needs simplify your overview of ordered services.

Fingerprint Identification

Intelligent Threat Detection

Everybody leaves a digital fingerprint in the internet. This print can be created out of hundreds of traceable attributes. The Fingerprint Identification developed by Link11 analyzes the behavior of browsers and computers and creates an anonymous digital DNA that is temporarily saved for further reference within the database of the cloud protection. This assures that customers can safely reach their destination.

Self-learning AI Shield

Powerful Protection

Every attack mitigated by Link11 is saved within a sequence database. The Self-learning AI that is part of the DDoS protection analyzes every attack sequence and compares these with existing data. Every company that is connected to Link11 benefits from this technology because it is capable of reacting even faster when similar incidents occur.

Instant Protection

Immediate Response & Protection
in Case of an Attack

In case of emergency and attack the Link11 Security Operation Center will inform you immediately and begin with the protection procedures. When a company decides to integrate the always-on variant via BGP, Link11 offers 24/7 support and reacts automatically when an attack occurs.

Strategically placed

Handpicked Filter Locations

A large filter network consisting of locations in Frankfurt, Amsterdam, London, Miami, Los Angeles, New York and soon Zurich and Hong Kong as well, guarantees performance and availability in case of a DDoS attack. Attacks reaching bandwidths of hundreds of Gbps are no threat to the Link11 Protection Cloud.

l11 map filterlocations en 1200px

Protected with Lightning Speed

Easily integrated

There is no need for complicated integration of expensive hardware in the existing infrastructure. The Link11 DDoS Protection Cloud offers the complete protection via the cloud. There are various options to integrate a protection that fits.

DDoS Protection for Webservices

DNS Forwarding

DNS Forwarding can already be realized with an existing IP address. All you have to do is to edit the DNS A-Record entries and within a short period the whole data transfer is routed over the Link11 filter center and the DDoS Protection is immediately activated. This way, applications based on a domain name can be protected against DDoS attacks over layers 3-7.

l11 protection dns en 800px
WebGUI Link11

Link11 WebGUI

Powerful Control & Visibility
right from your Desk

Link11 offers its customers a web-based, graphical user interface to monitor the server functions. The interface provides insight into the real-time traffic analysis, shows blocked DDoS attacks, server availability and provides metrics on current server response times. Graphical Timelines can be displayed and analyzed as desired. In addition, the nature of the attacks and the respective places of origin are clearly presented. In addition to user management (with individual read or write rights), the WebGUI makes it possible, for example, to block entire countries with the geo-blocking function.

Diagnostic Dashboard

The Diagnostic Dashboard offers general DDoS information and hints on current threats. In addition, a DDoS warning system and DDoS traffic indicator offer a quick overview on the current security status. In the settings area, the granularity of the intelligent DDoS prevention can be set and customized blocking can be used to adjust settings for authorized and unauthorized access.

Customizable Controls

The customizable controls can be used to set up permanent authorized access for systems that deviate too far from that of a normal user. For example, desirable Dashboard view of the Link11 Dashboard automated scripts such as crawlers can be identified, ensuring compatibility with standard search engines, desirable advertising bots and administrators.


Reporting makes it possible to generate individual and routine reports in a management overview. The reports can be transmitted on a regular and automatic basis. Any settings made by administrators in the user interface can be traced and edited ad hoc.

Alert Function

An alert function is able to send SMS alerts about current threats. The prevention list states the reason for each prevented connection, the origin and the duration of the connection. The prevented connections can also be authorized to access the server on their next attempt.

DDoS Protection for IT Infrastructures


Large corporate networks with acces to a whole IP network range or larger can be protected via the Border Gate Protocol (BGP). The BGP Protection can be installed as a hot standby or permanent variant. The regular data flow is preserved until an attack occurs. In case of an attack the traffic is re-routed over the Link11 scrubbing network and analyzed instantly. The filtered data packets are routed via a tunnel connection to the company infrastructure. The Link11 customers can decide if the traffic is re-routed completely or just partly.

l11 protection bgp en 800px

Link11 Monitoring

Constant Overview
of your Network Status

The Link11 Monitoring System permanently monitors the status of your network and reports potential DDoS hazards. In addition, it controls the availability of the applications and reports further possible malfunctions. The monitoring system can be integrated as a remote service or as a local installation.

Diagnose Dashboard

The Link11 Remote Monitoring system automatically oversees the Link11 DDoS Protection servers connected via DNS Forwarding in real-time. It analyzes the applications, the server behavior as well as the incoming and outgoing traffic and checks the response times. This way impending attack scenarios can be identified and defended efficiently.

Remote Monitoring System

The local Monitoring System is installed by placing a monitoring server in the local network. The Monitoring System analyzes the flow data exiting the router and sounds an alarm when attack patterns are identified. The system is constantly observed by the Link11 Security Operation Center (LSOC). To realize the constant communication between the Monitoring System and the LSOC, the Monitoring System has an out of band connection.

DDoS Protection for Hosting Service Providers

Direct Connect

By connecting the data center (or the shared internet access platform) with the Link11 network all customers using this connection can be protected against volume and protocol attacks when desired. The customers receive an IP address within the network range (≥ /24) that is solely included in the Link11 connection. When this IP address is attacked the traffic is immediately and automatically routed over the Link11 DDoS scrubbing center. All other IP addresses within the protected range still receive their traffic over the regular Link11 IP Access without having to go through the DDoS filtering process. This way they are not affected by the incoming DDoS attack.

Hybrid DDoS Protection

Combination of Link11 Cloud DDoS Protection
and Hardware Aplliance

A large number of businesses have prepared their infrastructure insufficiently against high traffic and DDoS attack by integrating a hardware appliance in their systems. But nowadays the capacity of this hardware is not enough to deal with large and sophisticated DDoS attacks.

Link11 has developed a hybrid solution that offers protection against combined attacks on application and network layer.

The hybrid solution protects on both sides: The hardware installed in the business infrastructure protects against application attacks. The external scrubbing center from Link11 protects against the bandwidth-heavy and volumetric attacks. This means that the Link11 Protection Cloud is the ideal addition to your existing hardware. The appliance oversees traffic and blocks DDoS attacks on Layer 3-7. When the amount of DDoS packages on network layer exceed a certain value, Link11 is alarmed, offers counter-measures immediately and takes over the mitigation via BGP.