Option One: Cloud Service Through DNS Redirection

When you’re hit by a DDoS attack, it’s easy to redirect your traffic through the SiteProtect cloud. This is done most frequently via a quick DNS change.

  • The simplest way to reroute traffic
  • No special requirements
  • Best for protecting a smaller number of hosts and websites that come under attack

How It Works

When you’re under attack or anticipate one:

  • Switch the DNS records for any threatened hosts to your Neustar provided IP addresses
  • Your traffic flows through the SiteProtect cloud, where bad traffic is filtered by the Neustar Security Operations Center (NSOC) senior-level DDoS mitigation professionals; good traffic proceeds to your infrastructure
  • Once the attack subsides, just switch your DNS records back to your original IPs

Bottom Line:

DNS Redirection is quick, easy and effective with customized mitigation and support from our frontline experts. And you’re back up and running in no time. 


Option Two: Cloud Service Through BGP Redirection

If your infrastructure is more complex, Border Gateway Protocol (BGP) Redirect can be a smart way to channel traffic through the SiteProtect cloud.

  • We will only scrub traffic on the inbound route, with outbound traffic generated by the client’s network going back to the Internet via a normal routing decision
  • For affected /24 prefixes, you’ll withdraw BGP announcements from your routers
  • From the SiteProtect network, our Security Operations Center will initiate BGP announcements for the affected prefixes

How It Works

For affected /24 prefixes, you’ll withdraw BGP announcements from your routers.

From the SiteProtect network, our Security Operations Center will initiate BGP announcements for the affected prefixes.

Bottom Line:

Within minutes, SiteProtect will start to absorb the attack. Security Operations will oversee mitigation. Our network will send clean traffic to your infrastructure via GRE tunnels.

Want to learn about Hybrid DDoS Protection? Learn More