GWx: DDoS Mitigation

Minimize the impact of DDoS attacks.

The attack load is distributed to several GWx systems, similar to how it behaves with side arms of a river. The more systems you use, the greater the compensated attack bandwidth can be. Properties of the dynamic GWx concept:

  • 1st Layer w/ multiple IP addresses in 10+ EU countries
  • 2nd Layer w/ hidden IP addresses
  • Protection of hidden backend servers
  • Selection of powerful systems w/ high bandwidth
  • n * GWx = attack load / n
  • Logging of security-related events and incident response
  • Specifically hardened perimeter gateways
  • Restrictive stateful firewall ruleset
  • Including monitoring infrastructure (Syslog/NetFlow)
    •