DDoS Protection

Advanced Feature for Network Security Improvement
Sep 14, 2022

Advanced Feature for Network Security Improvement

Taipei, Taiwan, Sep 14, 2022—The perception of DDoS cyberattacks has gradually changed over time. DDoS cyberattacks were once thought of as small annoyances committed by inexperienced hackers for fun, and they were quite simple to prevent. Sadly, such circumstances are no longer present. At present, DDoS cyberattacks are becoming sophisticated activities that are not only affecting huge businesses but also small businesses. DDoS Attack, also known as a "Distributed Denial-of-Service (DDoS) Attack", is a type of cybercrime where the perpetrator overwhelms a server with internet traffic to prohibit people from accessing liked websites and online services. This attack typically operates by flooding a system with data requests. This can include flooding a database with queries or sending a web server so many requests to display a page that it fails under the load. As a result, the amount of CPU, RAM, and internet bandwidth available is exceeded.

An abrupt slowdown or unavailability of a website or service is the most evident sign of DDoS cyberattacks. The effects might be as trivial as services being disrupted to having whole websites, programs, or even entire businesses shut down. Once it reaches the point where the business can't run properly, it might be difficult to recover from the damage. With all things being considered, all enterprises must set themselves up to defend against DDoS assaults. Hackers target enterprises' networks to obtain access to databases and steal consumer data to user for their advantage. Other hackers blackmail enterprises after breaching their networks by demanding a ransom to undo the damage. The primary motivation of hackers appears to be the pursuit of high-value personal gains that will enable them to live better lives at the expense of others. However, enterprises may ensure successful security by using proper devices equipped with DDoS protection for building their network.

DDoS protection is meant to shield your network from unpredictable cyberattacks which are threatening the harmony of your network. By having DDoS protection, the device will be able to detect the abnormality resulting from the attack and then proceed to block the connection, so your network can function normally again. Taking into consideration the importance of DDoS protection in a device, Intrising proudly announces that our device is equipped with DDoS protection now. In our DDoS protection, we have included our crucial elements. The first is a Firewall with the function of controlling access to a network or system. The second is Intrusion Detection System (IDS) with the main goal is to keeping an eye out for harmful conduct and reporting it. The third is Intrusion Prevention System (IPS), a security tool that keeps an eye out for harmful activity on a network or system and tries to stop it. Fourth is Deep Packet Inspection (DPI) which identifies the protocol and the functions associated with a data packet by looking at the data packet's contents, from the packet header through the payload. With this protection, we are committed to preserving your network security so your business can keep on striving without any concern in mind.

To give you more detailed information regarding our DDoS protection, here are the four core elements and what each of them supports.

Port Security

  • Support limitation and identification of MAC addresses
  • Support sticky learning to convert MAC addresses
  • Support violation mode (restrict/shutdown)
  • Support Port Security limit rate
  • Support aging time

DHCP Snooping

  • Support untrusted DHCP messages filter
  • Support DHCP snooping binding table
  • Support DHCP snooping for a single VLAN and a range of VLANs
  • Support DHCP snooping Trusted/Untrusted per interface
  • Support DHCP snooping database statistics

IP Source Guard

  • Support source IP and MAC Address filter
  • Support IP source binding VLAN interface
  • Support IP verify source interface
  • Support DHCP Binding
  • Support Static Binding
  • Dynamic ARP Inspection
  • Support DAI per Physical Port Interface
  • Support DAI per VLAN
  • Support DAI Trusted/Untrusted per interface
  • Support DAI statistics
  • Support DAI logging & notification
  • Support DAI actions such as intercept, ARP rate limit, and discard
  • Support DHCP snooping binding
  • Support Static Binding through ACL
  • Support DAI Rate Limiting of ARP Packets
    • The rate for an untrusted interface is set to 15 packets per second, whereas trusted interfaces have no limit

Since the DDoS attack comes in numerous forms, DDoS protection must be able to defend against as many forms of attack as possible. This is what makes our DDoS protection prominent because it can handle more than 20 attacks on your network security. We are aware that not all attacks are created equal and that some may combine several distinct types. The attacks used by cybercriminals are continuously evolving, and "blended attacks," which are more dangerous and sophisticated, are on the rise. A variety of conventional and novel forms of attacks are recognized and countered by DDoS Protection.

The following are the types of DDoS attacks that can be defended by our DDoS Protection.

  • Volumetric DDoS Attacks: are made to flood internal networks with a large amount of malicious traffic, including centralized DDoS mitigation scrubbing capabilities. These DDoS assaults try to use up all available bandwidth, either inside the target network or service or between it and the rest of the Internet. Typical volumetric attacks might be: ICMP Flood, IP/ICMP Fragmentation, and UDP Flood.

  • TCP Flood DDoS Attacks: TCP Fragment floods and TCP Flag Abuse Floods are two types of TCP Flood DDoS attacks. Due to the expenditure involved in reconstructing the datagrams, TCP fragment floods are a type of DDoS attack that tries to overload the target's processing of TCP messages. These floods frequently use up a lot of bandwidth. URG, ACK, PSH, RST, SYN, and FIN floods are stateless streams of protocol 6 (TCP) packets that contain unusual message pairings or out-of-state requests. These floods can take many various forms by altering the control bits in the TCP header. TCP flags are bits in a TCP protocol header that define the connection state and guide how to treat a packet.

  • Protocol Attacks: SYN flood, fragmented packet assaults, Ping of Death, Smurf attack, and others are among the attacks. Attacks of this sort use server resources directly or through intermediary communication devices like load balancers and firewalls and their consumption is measured in packets per second (Pps).