Following are answers to some of the questions you may have about our DDoS protection. We use “Voxility” for L3 DoS protection.
Q: What is the protection mode or when is traffic routing done?
A: We re-route the traffic based on triggers we set.
Q: Is the Voxility protection always-on (inline) or automated diversion/on-demand scrubbing?
A: It’s automated diversion
Q: How is traffic routed (BGP announcement behind scrubbing, GRE/IPIP tunnel, or other)?
A: It’s BGP
Q: What is the typical time to activate mitigation after detection (seconds)?
A: Within 10 seconds
Q: Do you mitigate IP fragmentation floods and fragmented UDP at line rate?
A: Yes if traffic reaches the thresholds
Q: Do you mitigate UDP reflection/amplification (including DNS amplification) and abnormal source-port 53 patterns?
A: Yes if traffic reaches the thresholds
Q: What are the max sustained/peak PPS and Gbps you can scrub per protected IP/customer without service degradation?
A: No limits
Q: Are there any caps (Gbps/PPS) per IP/server/customer or any additional charges during mitigation?
A: No
Q: Under what conditions would you null-route/blackhole an IP due to an attack (duration/size thresholds)?
A: Normally we are not using blackhole advertising
