Servercore Protection

Servercore Protection is enabled by default for the following products:

• Dedicated servers;
• Cloud servers;
• Managed Kubernetes;
• Managed Databases.

DDoS mitigation

Types of attacks mitigated by Servercore Protection

Protection is provided at the network and transport (L3, L4) layers and protects services against the following attack types:

• UDP-based reflection attacks (DNS, NTP, memcache, etc.);
• attacks using fragmented IP traffic;
• TCP SYN/RST/PSH flood;
• various types of UDP flood;
• various types of ICMP flood.

Types of attacks not mitigated by Servercore Protection

Servercore Protection does not protect against application-layer (L7) DDoS attacks, as well as attacks that require the analysis of traffic in both directions for detection:

• attacks with valid TCP connections;
• attacks with valid HTTP and HTTPS requests;
• attacks on bottlenecks or vulnerabilities of the attacked service.

How it works

Servercore Protection is automatically enabled for all IP addresses in the Servercore autonomous system. Customer IP addresses that are routed through the Servercore network are also protected.

Servercore Protection analyzes incoming traffic only, without restrictions.

Filters that block unwanted traffic are dynamically configured on border routers based on the type of detected attack. If the level of specific traffic exceeds a set threshold, the filter restricts its transmission across the network. The traffic is not blocked entirely; only the portion related to the DDoS attack is dropped.

Pricing

Servercore Protection is provided free of charge.

Limitations

If an attack has a long-term negative impact on the network infrastructure, incoming traffic may be blocked using Remote Triggered Black Hole (RTBH).

If a decision is made to block, we create a ticket and send it to you. To unblock, reply to the ticket. The block is automatically removed after eight hours.