Neustar SiteProtect On-Demand

Cloud Service through BGP Redirection


If your infrastructure is more complex, Border Gateway Protocol (BGP) Redirect can be a smart way to channel traffic through the Neustar SiteProtect® cloud.

  • For more complex infrastructures
  • Best for protecting a larger number of hosts and IPs
  • Requires you to have at least a /24 prefix (Class C subnet), plus capability for BGP and GRE tunnels

How It Works

When you’re hit with a DDoS attack, we’ll work closely with you to redirect traffic. We will only scrub traffic on the inbound route, with outbound traffic generated by the client’s network going back to the Internet via a normal routing decision.

For affected /24 prefixes, you’ll withdraw BGP announcements from your routers.

From the SiteProtect network, our Security Operations Center will initiate BGP announcements for the affected prefixes.

Within minutes, SiteProtect will start to absorb the attack. Security Operations will oversee mitigation. Our network will send clean traffic to your infrastructure via GRE tunnels.

BGP Redirection Diagram

Neustar has you covered with the people, processes and technology to protect not just your website but your entire network from attacks.

Download PDF