MarketplaceCommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorMarketplaceSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesMarketplaceCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorMarketplaceSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250

Anti-Distributed Denial-of-Service (Anti-DDoS)

Many publicly accessible corporate websites are subject to hacker attacks. A common scenario is when a website is overloaded by a flood of requests from different IP addresses within a short period of time. This is what is known as a distributed denial-of-service attack (DDoS). The sheer amount of requests brings the website to its knees, rendering the service unavailable. For owners, this is a highly unpleasant scenario.

Website hosts can protect themselves from these kind of attacks with a software-based security feature: Anti-DDoS automatically detects DDoS attacks by checking incoming requests for malicious intent. In the event of an attack, it redirects spurious requests and ensures that the service remains online without sapping any additonal resources.

An open laptop in a dark server room

The Anti-DDoS service protects elastic IP addresses (EIPs) against DDoS attacks at the network and application levels, immediately sending an alert when an attack is detected. In addition, Anti-DDoS optimizes bandwidth use and ensures a stable operation of users' services.

Anti-DDoS monitors service traffic from the web to the EIPs in order to detect attacks traffic in real time. It then purges the attack traffic according to previously defined defense policies by the user, so that services return to normal. The service also generates monitoring reports that provide users with a clear assessment of their network security.


Reasons for Anti-DDoS in the Open Telekom Cloud

Blue shield in front of gray server icon.

Highest Security

Anti-DDoS is a free add-on component that complements the range of hardware security functions in Deutsche Telekom's data centers. The Open Telekom Cloud's comprehensive and platform-wide runtime monitoring ensures that DDoS attacks are automatically detected and defended against.

Green padlock in front of documents.

Effective Protection

Using the Anti-DDoS service, users can define threshold values which can be used e.g. to specifically defend against challenge collapsar (CC) attacks. The Open Telekom Cloud provides reports with detailed information on the attacks, so that users have access to a comprehensive overview at any time.

Merged blue server elements.

Seamless Integration

Your compatible resources are automatically armed with Anti-DDoS and therefore protected against the most common network and transport layer DDoS attacks.


Key features of Anti-DDoS

Grafic shows Anti-DDoS key feature: DDoS attack protection without customer service disruptions.

DDoS attack protection without customer service disruptions

The Anti-DDoS service protects against attacks on the third (network), fourth (transport) and seventh (application) layer.

Third and fourth layer DDoS attacks are a type of volumetric DDoS attack and rely on extremely high volumes of data (floods) to slow down web server performance, consume bandwidth, and ultimately hinder access for legitimate users. Including attacks such as synchronized (SYN) floods, these are the most common attack vectors used to overload the capacity of application servers, but are able to be detected and redirected via signatures.

Seventh layer DDoS attacks aim to overload specific elements of an application server's infrastructure. These attacks are particularly complex, inconspicuous, and difficult to detect as they are similar in appearance to legitimate website traffic. With attacks like HTTP GET flood, attackers try to send a huge flood of requests to the server in order to overload its resources.

 
Shield icon on blue circle.

Network and transport layer attack protection

Server protection from attacks such as SYN floods, SYN-ACK floods, FIN floods, RST floods, UDP floods, ICMP floods, and state-exhaustion attacks.

Padlock on light blue circle.

Application layer threat prevention

Server protection from attacks such as HTTP GET/POST floods, CC attacks, or HTTP slow header/POST und HTTPS floods.

Laptop icon with graphs in a green circle.

View attack trends and traffic reports

Check traffic status and attack trends at any time from the management console.

 
Magnifying glass on a green circle.

IP reputation service

The included IP reputation service supports millions of IP addresses and monitors both inbound and outbound traffic. This allows requests from botnets to be quickly and easily detected and filtered. The Anti-DDoS service ensures that only unwanted traffic is filtered out for both UDP and TCP cleaning.

 
 

Protect Your Data

Websites are vulnerable to DDoS attacks, which can ultimately cause them to crash. However, Anti-DDoS can defend against multi-layer (4 through 7) attacks, helping to improve a customer's browsing experience. Additional use of the Web Application Firewall (WAF) can also avert attacks such as SQL Injection or Cross Site Scripting (XSS).

Advantages

  • Stable services: Protects against DDoS attacks at the transmission and application layer, ensuring website stability.
  • Reliable connections: Protects against reflection and amplification attacks, making connections highly reliable.
  • Completely free: With just one click you get complete protection.

Possible scenarios

Websites | Portals | E-Commerce

Anti-DDoS protects services such as ECS, RDS and OBS.
 
 

FAQ: Frequently Asked Questions

Which services does Anti-DDoS protect?

Anti-DDoS supports the elastic IP addresses used by elastic cloud servers, elastic load balancing instances, and bare metal servers in the Public Cloud.

How do I use Anti-DDoS?

Anti-DDoS protection is automatically enabled for the elastic IP addresses you purchased. If protection is not yet enabled for an IP address you own, you can activate it directly in the Anti-DDoS console. For a detailed guide, please follow the instructions in the Help Center.

Which types of attacks does Anti-DDoS protect me from?

Anti-DDoS helps users handle traffic attacks with ease. It can accurately detect connection exhaustion and attacks on slow connections and can help users defend against the following attacks:

  • Web server attacks
    e.g. SYN-Flood, HTTP-Flood, Challenge Collapsar (CC) and attacks on slow connections
  • Volumetric attacks
    e.g. User Datagram Protocol (UDP) flood, SYN flood, Transmission Control Protocol (TCP) and Fragment attacks
  • HTTPS server attacks
    e.g. SSL DoS and DDoS attacks
  • DNS server attacks
    e.g. attacks which target the vulnerabilities in the Domain Name Server (DNS) protocol stack, DNS reflection attacks, DNS flood attacks, and DNS cache miss attacks

A detailed overview of all functions can be found in the Help Center.

 
 

Find out more


Do you have any questions?

Are you interested in Anti-DDoS or do you have any questions regarding Anti-DDoS? I will be happy to answer your questions in a free consultation!

T-Systems International GmbH
Tino Fehnle

Photo of Tino Fehnle.
 
Your phone number seems to be incorrect. Please note it must contain at least four digits. Zeros at the beginning are not considered.
Your phone number seems to be incorrect. Please note that it must have a maximum of 26 characters.
Your phone number appears to be incorrect. Please note that only numbers from 0 to 9 can be used.

* required fields

 

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant Cloudia

Our AI-powered search helps with your cloud needs.