DDoS Protection - KnowledgeBase
Service Overview
With its own backbone network and multiple scrubbing centers, Inter.link offers low- and high-end protection for both smallest ISPs and large Enterprises. In contrast to other DDoS service offerings, Inter.link DDoS services are not billed on "Clean Traffic" or "Number of Attacks" - which is neither predictable nor influenceable for most customers - but on easy to determine requirements and features.
With Plus, Premium, and Enterprise tiers (see table below), Inter.link DDoS Protection covers a broad range of requirements. If a customer is already using Inter.link IP Transit, then all tiers can be implemented within less than 24 hours.
With proper route authorisation objects in place, Inter.link can also pull more-specifics to force traffic of multi-homed customers via its network.
Benefits
- Pricing not based on Clean-Bandwidth or Attacks
- Self-service configuration is possible
- Low cost to high-end tiers available
- 24/7 proactive mitigation
Vectors mitigated
- TCP SYN, SYN-ACK, PUSH, RST, and FIN Flood
- UDP, DNS, HTTP, and ICMP Flood
- Session and Fragmentation Attacks
- Protocol Violations, Faulty Applications
DDoS protection tiers
The main difference between the 3 tiers (plus, premium, and enterprise) of DDoS Protection is the maximum number of simultaneously mitigated /24 IP address ranges which are 4/10/20 for the different tiers. The onboarding for this can be expedited.
Another important technical difference is the adaptive mitigation (time for speaking 24/7 with one of our engineers to adjust the mitigation if a DDoS Attack is happening) which is 1/3/unlimited hours according to the chosen tier.
An additional difference is the maximum attack bandwidth which can be mitigated between the 3 different tiers which are 1/2/5 Tbps.
For DDoS Protection pricing logic, visit the Pricing section.
Tier | Plus | Premium | Enterprise |
Requirement | IP Transit/Access | IP Transit/Access | IP Transit/Access |
Features | |||
Protection Layer | Layer3-7 | Layer3-7 | Layer3-7 |
Max. Attack Bandwidth | 1 Tbps | 2 Tbps | 5 Tbps |
Scrubbing Capacity | 100 Gbps | 250 Gbps | 500 Gbps |
Scrubbing Center | 1 Region | 2 Regions | 3 Regions |
Protected Networks (/24 or /48 equivalents) |
4 | 10 | 20 |
Native IPv6 Support | ✔ | ✔ | ✔ |
Best Practice Filter | ✔ | ✔ | ✔ |
Attack Alerting | ✔ | ✔ | ✔ |
Dashboard & Portal | ✔ | ✔ | ✔ |
GRE Tunnel Support | 1 | 2 | |
Custom Filter | ✔ | ✔ | |
White- & Blacklists | ✔ | ✔ | |
FlowSpec Routes | ⦿ paid option | ⦿ paid option | ⦿ paid option |
Portal (Full Write Access) *** | ⦿ paid option | ✔ | |
Pulling of Traffic | ✔ | ||
Enterprise Reports | ✔ | ||
Support | |||
Service Level | Standard | Premium | Premium |
Explanation for Enterprise reports
Reports in the "Plus" tier only including UI-based reporting functionality and e-mail notifications about attacks but no comprehensive PDF reports. The "Premium" tier includes the "Plus" reporting features plus comprehensive PDFs.
In addition, Enterprise reports will include traffic captures for further forensics and attack pattern as well as trafic intelligence based on the Inter.link portal. Currently, due to technical limitations and only for a limited period of time, traffic captures are available in "Premium".