Anti-DDoS and Anti Spoofing
All incoming network traffic in the Data Center is inspected in real time, to mitigate attacks with known signature, the best known types being DDoS and Spoofing. The first type of attack is aimed at bringing down client systems by massively forwarding traffic to the destination network. The second type of attack is a cloning technique that aims to trick the network into pretending to be a valid and reliable source of information through IP address masking.
Mitigation for attacks is done through an expert solution, where several components work together in the collection, analysis, detection and mitigation of traffic. Any traffic anomalies trigger automated actions: Route the destination network to Black Hole or Clean Pipe:
- Black Hole: Masked destination network, where all traffic is dropped without informing the source that the data did not reach the destination, which is the standard treatment for all clients.
- Clean Pipe: Destination network directed to alternative and secure telecommunications channel, filters the valid part of the traffic (no attack signature) and routes to the data links of Matrix customers, allowing connectivity services to remain available.
All clients contracting the internet access band make use of mitigation systems, according to standard Data Center policies. If the customer wants a specific policy, this will be subject to additional contracting, according to the Commercial Proposal.