When configuring a proxy with TCP/UDP Generic Services, what kind of DDoS protection is given to this proxy?
- Can it be protected against
- Volume-based attacks?
- Protocol-based attacks?
- Application Layer attacks?
- Silverline DDoS
Silverline TCP/UDP Generic services are protected against Layer 3 - 4 attacks, which include volumetric and protocol-based attacks.
- Volume-based attacks - Includes UDP floods, amplification and reflection vectors, ICMP floods and other spoofed-packet floods. The main goal of these type of attacks is to saturate the bandwidth available on the target site. Usually these attacks are measured in bits per second (bps)
- Protocol-based attacks - includes SYN floods, IP fragments, ACK floods, Slowloris, and more. The main goal of these type of attacks is to exhaust the server resources. Usually these attacks are measured in packets per second (pps).
Application-based attacks on Silverline TCP Generic proxies can't be mitigated due to the lack of visibility on the incoming requests, especially for encrypted traffic.In order for Silverline to analyze and mitigate an application-based attack, it is necessary to be able to decrypt traffic in order to create a signature to match the malicious requests.
For these types of attacks, however, Silverline can offer a rate-limiting countermeasure which does not differentiate between legitimate and malicious traffic.