We have multiple locations for DDoS Mitigation, which allows clients to have lowest latency and prefences as well. Depending on the size and type of the attack, locations can be changed or combined to handle large or complex attacks.
DDoS Implementation is as Follows
Client will provide us domain name and IP address of their server (backend) along with SSL (if applicable).
Physivert will do a setup on their clusters and provide a Proxy IP (frontend) to the client.
Physivert will also provide a list of IPs or IP ranges to the client in order to white list them in the firewalls.
Client will change the record of the domain from there DNS (or blockdos DNS) to Physivert Proxy IP.
All the traffic will start coming to our protected proxies.
Attack traffic will be filtered at the router level or at proxy level (which ever applicable).
Proxy will then take the client request along with X-forwarded-for header to backend server and gives back client with the info requested.
Attack or Bad traffic will be discarded or the bad IP may be sent back to router to add in temporary block list.
It is recommended to block all the traffic at firewall and allow only certain IPs. Additional security will be provided if the backend IP address gets changed. Advance mitigation includes balancing the traffic between multiple IPs. Or restricting it for some specific countries only.
