How we mitigate the risk of a DDoS in France uses a multi-layer approach to defend against DDoS attacks.


Our Traffic Monitoring System

Our gold standard Arbor Peakflow SP traffic monitoring system analyses all incoming traffic to our network, and is configured to detect DDoS attacks within seconds.

Depending on type and size of the detected attack, several mitigation measures are applied:

Traffic management

The core of our defence consists of scrubbing centers. These are distributed across all of our data centers so that attacks can be off-ramped.

This means all good data packets can be forwarded to their appropriate destination while bad packets are dropped.

These scrubbing centers are tuned to detect different attack types, and to keep false positive and false negative rates as low as possible.

We are using appliances from multiple vendors, including RioRey.


Threat Reduction

In the event of larger attacks, we use filters and rate-limiters at our network border to reduce or even block an attack. These filters and rate-limiters are centrally initiated and managed, and then applied automatically to all of our border routers.

Pre-emptive traffic block

The next layer are so-called "Remotely Triggered BlackHoles" where we can advise our upstream providers to drop traffic matching certain patterns to keep our network clean.

This means, attack traffic doesn't even reach our border routers. We only use upstream providers offering such a service.