Mitigation
Mitigation refers to the methods and techniques put in place by OVH to contain and reduce the negative impacts of DDoS attacks on an infrastructure or service. To do this, we provide VAC technology, which relies on a unique combination of techniques that perform three tasks.
Analysis
An attack is detected using real-time analysis of the netflow sent by the routers, which analyse 1/2000 of the traffic that goes through them. The VAC analyses the reports, and compares them to the characteristics of DDoS attacks. If a similarity is detected, mitigation is then triggered automatically.
The analysis of characteristics is measured by packets per second, or in bytes over several protocols, including:
- DNS
- ICMP
- IP fragmentation, Null and Private
- TCP Null, RST, SYN, ACK
- UDP
Vacuuming
Vacuuming is one of the main features that makes the OVH anti-DDoS solution stand out. Channelling a DDoS attack requires a high capacity to bear the load. With its 15 Tbit/s network, OVH infrastructures can absorb a very high volume of traffic during DDoS attacks. Another specific feature of the OVH VAC is the fact that it is replicated in 10 datacentres across three continents. The VAC is activated simultaneously in all of these datacentres, so that all regions can combine their power and absorb the traffic. They have a combined capacity of more than 4 Tbit/s.
Mitigation
Mitigation refers to the methods and techniques put in place in order to reduce the negative effects on a server or service targeted by a DDoS attack. Mitigation consists of filtering traffic, so that only legitimate traffic reaches the server.
The VAC, a technology designed by OVH, carries out several filtering tasks which each have their own specific purpose. The VAC diverts the traffic to analyse it, and only lets legitimate traffic reach the server.
