Warning: This article is considered legacy. It is either obsolete or references old unmaintained software. Please use your best judgement as to the relevancy of this article.

The system we employ in Romania is more complicated than the one employed in our other PoPs. This article gives an overview of the technologies and methods used to achieve cost-effective DDoS mitigation in our first European location.

Layers

Level 1

First, all traffic is filtered by Voxility SRL before being routed to our network. This mitigates non-diverse attacks as well as large UDP amplification floods. This level cannot handle every possible attack and is primarily deployed for amplification filtering. We have 500Gbit of filtering capability at this level for handling the largest of attacks. Rules at this level are not overly granular, so we employ another level of automated filtering for most incidents.

Voxility 500Gbit Filtering

Level 2

This layer provides our general 10Gbps protection, and we use the best hardware filters on the market (Riorey) to achieve this. We have a burstable filtering capability of up to 80Gbps at this level.

Riorey 80Gbps Filtering

Level 3

For HTTP requests on port 80, we utilize a cluster of Nginx servers to mitigate Layer 7 attacks such as RUDY, Slowloris, etc.
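
The sketch below shows how an Nginx reverse proxy on port 80 can bound slow-header (Slowloris) and slow-body (RUDY) requests. It is an added example, not the configuration used in this deployment; the timeout and limit values, the zone names and the origin address 192.0.2.10 are assumptions chosen for illustration.

```nginx
# Added example: all values are illustrative assumptions.
worker_processes auto;

events {
    worker_connections 4096;
}

http {
    # Per-client state, keyed on the source address.
    limit_conn_zone $binary_remote_addr zone=per_ip_conn:10m;
    limit_req_zone  $binary_remote_addr zone=per_ip_req:10m rate=20r/s;

    upstream origin {
        server 192.0.2.10:80;   # placeholder origin (TEST-NET-1 address)
        keepalive 32;
    }

    server {
        listen 80;

        # Slowloris: the entire request header must arrive within this
        # window (default 60s), so a trickled header is cut off early.
        client_header_timeout 10s;

        # RUDY: maximum gap between two successive body reads (default 60s).
        # This is not a whole-body deadline; a sender that stays just under
        # it is bounded by limit_conn and client_max_body_size instead.
        client_body_timeout 10s;
        client_max_body_size 1m;

        send_timeout 10s;              # slow-reading clients (default 60s)
        keepalive_timeout 15s;         # idle keep-alive (default 75s)
        reset_timedout_connection on;  # release socket memory on timeout

        # limit_conn only counts connections whose header has been fully
        # read, so it caps slow-body senders, not header-phase Slowloris.
        limit_conn per_ip_conn 20;
        limit_conn_status 429;
        limit_req zone=per_ip_req burst=40 nodelay;
        limit_req_status 429;

        location / {
            # Default "on": the full body is read before the origin is
            # contacted, so a slow upload never holds an origin worker.
            proxy_request_buffering on;
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_set_header Host $host;
            proxy_pass http://origin;
        }
    }
}
```

Validate the file with `nginx -t` before reloading, and size the per-address limits against legitimate clients that share one address behind NAT.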