Canadian NOC Network
To guarantee high speed, high quality bandwidth and low latency time, the NOC has its own global fibre optic network. The network is managed using DWDM devices and is 100G coherent technology, offering redundant 10GB connections to each Webcore Labs servers and to the worldwide web. Routing infrastructure is essentially based on Cisco products. To guarantee the maximum redundancy and availability of our servers internet connections, all links are at least doubled at every routing point. Two Cisco routers (each with two network cards) make up the physical connection to each server. The fibre optic cables are at least doubled, and sometimes tripled.
All hosting services include protection against all types of DDoS attacks. Includes 160 Gbps anti-DDoS infrastructure and is thus capable of mitigating up to 160 Gbps attack, 24x7. Mitigation is completely automated to protect servers and services from attacks, with a mitigation solution based on VAC technology - an exclusive combination of techniques to:
- Analyze all packets at high speed in real time
- Vacuum the server's incoming traffic
- Mitigate i.e. singling out all the illegitimate IP packets, while allowing legitimate ones to pass through
To detect the attack, we use the netflow sent by the routers and analyzed by the Arbor Peakflow boxes. Each router sends a summary of 1/2000 of the traffic that is actually passing through it. The Arbor Peakflow boxes analyze this and compare it to the attack signatures. If the comparison is positive, mitigation is activated within seconds. Given that it is necessary for certain thresholds to be triggered, and that only 1/2000 of the actual traffic is analyzed, setting up the mitigation can take between 15 and 120 seconds.
The principle of DDoS attacks is overloading the services. Sometimes the provider's entire network is incapable of handling the load. Thanks to the 3 Tbps network, the infrastructure can absorb a huge quantity of traffic during attacks, which is far superior to the other services available.
Multipoint vacuuming: a real advantage
When the attack is on a global scale, the mitigation services, replicated in 3 datacenters on 2 continents, are simultaneously activated so as to group together their collective power and absorb the flow. The total capacity of mitigation is 480 Gbps (3 x 160 Gbps).
Block the attack, let legitimate traffic through.
Mitigation is a term employed to design the means and measures in place that reduce the negative effects of a DDoS attack. Mitigation consists of filtering illegitmate traffic and hoovering it up with the VAC, while letting legitmate packets pass.
The VAC consists of multiple devices, each with a specific function to block one or more types of attack (DDoS, Flood, etc.). Depending on the attack, one or more defense strategies may be put in place on each VAC device.
Components of the VAC