Web DDoS Protection

Web DDoS Protection

Smarter, Faster, Safer

As an integral part of Link11’s Web Security Suite, Web DDoS protection operates on an always-on
principle. It’s completely automated and responds to potential online threats around the clock.

Global MPLS network
with 43 PoPs

Multi-terabit
global network

Guaranteed protection
bandwidths of up to
1 Tbps

How the Link11
DDoS Web technology works

DDoS-Web-technology-works

Instances

instances

TLS termination

Our technology also effectively protects Link11 customers from HTTP-based attacks (Layer 7).

For this, a separate domain-specific x.509 certificate must be uploaded within the web DDoS protection and the special TLS termination must be switched on. This allows all TLS connections to be analyzed and decrypted. Traffic is then checked for DDoS attacks, re-encrypted and finally forwarded to the Origin server.

DDoS detection and protection measures

01
Monitoring:

The technology checks the response times and HTTP 50x error messages reported by the backend and automatically launches defense algorithms if anomalies are detected.

02
Scoring system:

The defense mechanism works internally, using a scoring system that evaluates the anomalies and, once a certain threshold is reached, starts blocking IP addresses with conspicuously high scores.

03
Dynamic:

The points allocation and the resulting implementation of the blockade work dynamically.