In this article, you will learn,

• how the anti-DDoS service included in the Open Telekom Cloud works.
• what methods are used in the fight against DDoS attacks.
• how to activate and configure anti-DDoS
• the advantages of Cloud Eye (CES) - the free-of-charge, high-performance monitoring service

There’s no doubt that cyber criminality has now reached unprecedented levels. Hackers today have a vast arsenal of criminal techniques at their disposal, making companies of all sizes a target. So-called Distributed Denial of Service attacks (DDoS), where hackers try to overwhelm servers to put them out of service, are particularly dreaded. During the widespread DDoS attacks, servers are brought to their knees by countless requests within a short space of time from various IP addresses.

Despite the common misconception, cloud platforms are actually well protected when it comes to cyber security. Why? Because they are backed by the necessary experience and resources to successfully repel a cyber-attack. Open Telekom Cloud already includes anti-DDoS features, making it more than capable of handling an attack!

Open Telekom Cloud offers multi-layered protection from attacks by cybercriminals:

1. The hackers’ first obstacle lies within Telekom’s data centre itself. Integrated defence mechanisms raise the alarm during mass attacks and initiate targeted countermeasures.
2. The user can configure Open Telekom Cloud’s second anti-DDoS measure themselves to meet their individual needs

The best thing about Open Telekom Cloud’s extensive anti-DDoS measures is they are all included in our package and therefore completely free-of-charge for all users. Our customers can enjoy a service that up to now no other Infrastructure-as-a-Service provider offers!

If a customer’s service is a victim of a DDoS attack, Open Telekom Cloud’s anti-DDoS service springs into action. Our service does the following:

• identifies the DDoS attack within three seconds.
• informs you as soon as an attack is identified (by SMS or email).
• ensures the server remains online without needing further resources.
• allows you to configure individual defence parameters for attacks under 2 gigabits/second.
• filters out unwanted traffic.
• allows you to use third-party solutions for DDoS attacks over 2 gigabits/second. These function as a ‘black hole’ and help you get rid of unwanted traffic quickly and easily.
• provides detailed reports about the attacks so you can understand them in detail.

Open Telekom Cloud’s anti-DDoS service works automatically as soon as you have activated anti-DDoS defences for an IP address. It is simple to set up:

1. Log on to the console.
2. Select ‘Security’ > ‘Anti-DDoS’. You can administer the anti-DDoS service in this window.
3. Click on ‘Anti-DDoS’, then ‘Instance List’ and choose the IP address for which you want to activate the anti-DDoS service.
4. Under ‘Enable Defense’, you can now configure your chosen parameters. For example, if traffic increases above a certain threshold, appropriate defence mechanisms are automatically deployed.

Further information and step-by-step instructions for the anti-DDoS service can be found here.

When using Open Telekom Cloud, Cloud Eye (CES), the free-of-charge monitoring service, provides you with a supplementary alarm system. Find specific patterns from targeted evaluations of past attacks so you can define rules that match them. Cloud Eye (CES) is the high-performance monitoring service and is the second most important weapon in a successful fight against DDoS attacks. The Cloud Eye monitoring services are activated as a standard and do not need to be implemented manually. Further information about Cloud Eye can be found here.