Cloud Security relates to a broad array of control-based technologies and strategies used to protect information, data, applications, and infrastructure in the cloud. Flashbox has developed a singular web application delivery and security protection platform underpinned by AWS’s global infrastructure for our Cloud Protection solution. Our customers are able to rapidly deploy a service that includes proxy servers, content acceleration (CDN), DNS, WAF, load balancing, and DDoS protection.
Furthermore, when your site is hit by a DDoS attack, our Cloud Protection service redirects traffic in either one of two ways: DNS redirect (for application layer protection) and BGP redirect (for network/transport layer protection).
We switch the DNS A records for any host that is under DDoS attack, re-directing them through our mitigation cloud service where we can clean the traffic, block bad traffic and allow legitimate traffic to still get through to your site, maintaining availability and preventing downtime. Once the DDoS attack is over, we simply switch your DNS A records back to your customized IPs.
BGP can also be used to redirect traffic during a DDoS attack, sending a site’s traffic to our scrubbing centers to filter out the bad traffic and let through the real stuff. Our capability for high-capacity packet processing is also utilized in BGP re-directs to mitigate the most sophisticated and largest DDoS attacks in real time. If you have a complex Internet infrastructure with numerous hosts and IPs that need robust defense, you may need BGP routing.
Through strategic partnerships, Flashbox provides managed cloud-based protection against transport and network layer DDoS attacks with BGP peering/GRE tunnels/direct connects at POPs around the globe with our total capacity exceeding 5TBP.
Certain types of business, such as financial institutions and service providers, typically need to have their appliances on-premises for a range of reasons, such as compliance requirements or perhaps because they want to manage the appliances themselves. Appliances come in a range of form factors and pricing; and can be licensed with mitigation capabilities ranging from 500MBP to 40GBP.
On-premises solutions offer automated DDoS defense and mitigation from all kinds of DDoS threat, from fast-moving high volume floods to very short duration threats, including IoT-based attacks like Mirai or Specter, to attack techniques related to Permanent Denial of Service (PDoS) or Ransom Denial-of-Service (RDoS). On-premises protection typically offers an added level of granularity to the analytics process, which is required for defeating certain kinds of multi-layer attack in particular. It also offers real-time, zero latency/delay mitigation through a layer of human intervention that cloud-based DDoS scrubbing doesn’t usually provide.
Flashbox can help you design, plan and procure these solutions from the industry’s top vendors, such as Arbor, Radware and F5. Our team of DDoS experts will also properly configure these devices for optimal performance and effectiveness in protecting your organization against DDoS attacks.
For clients that require on-premises appliances for compliance reasons and/or have stricter security requirements, but would still like to leverage a high capacity, global infrastructure specifically designed for protection against volumetric attacks, Flashbox can deliver a hybrid deployment. We will help you design, plan and procure a hybrid solution with on-premises appliances and the most up-to-date cloud-based protection from best-of-breed vendors, such as Arbor, Radware, F5 and others.
Attacks today frequently blend attack vectors that are run simultaneously in order to discern – and exploit - the vulnerabilities in your infrastructure, whether that’s your network bandwidth or your applications security. Different types of attack are best handled using different methods. Through deploying a hybrid approach, you can protect your business against all kinds of attack without leaving your data or applications vulnerable to downtime, data breach or other kinds of attack. Hybrid mitigation offers comprehensive protection for the application, the data center and your network infrastructure.
If you’ve already invested in appliances from the best-of-breed vendors in DDoS, and web application protection, but you want to focus your team on your core business, we can become an extension of your security team to help manage those same appliances. Our team of experts will not only make sure that your appliances are properly configured for optimal performance; we will also monitor your devices and network 365/24/7 both on-premises and in the cloud.
Flashbox’s managed services offer several benefits across the lifespan of an attack:
- Before an Attack Strikes: We can provide highly knowledgeable implementation and provisioning to prepare your business for when a DDoS attack strikes, making your response quicker and more effective.
- During a DDoS Attack: Our team of experts will detect an attack and monitor your preferred DDoS solution to ensure mitigation is running as planned, helping put a stop to DDoS attacks before they impact your business.
- Following an Attack: We will carefully analyze what happened and how it occurred, working with you to make strategy decisions to understand and prepare for the successful mitigation of future such attacks.
- Regular Maintenance: We not only set up your appliances for proper configuration, but we also offer general management of your on-premise appliance ensuring it is up to date, running as planned and is armed with the latest threat intelligence services.