Physivert has established peering connections with multiple core Internet Service Providers to provide multi-gigabit attack protection. Each peer is closely monitored and continously evaluated in order to deliver the fastest response time to customer's evaluated in order to deliver the fastest response time to customer's critical andlatency-sensitive applications.
At Physivert border, traffic is filtered for bandwidth flood using wire-speed Access Control Lists. Physivert also keeps tracking lists of bogon IPs and infected hosts which are also filtered at this layer.
Deep Packet Inspection
At this level, protocol state such as TCP three-way handshake is verified. SYN ddos flood and other similar ddos attack attempts that do not conform to protocol standard are also filtered out.
To mitigate spoofed attacks, Physivert uses challenge-response algorithms like TCP SYN cookie and TCP SYN Authentication to distinguish between spoofed and legi timate traffic.
Adaptive Filtering
Physivert enforces both Statistical Analysis and Anomaly Recognition filtering for zero day attacks. Using tatistical Analysis, unusual number of packets or high traffic rate from zombie clients can be identified and filtered.
Using Anomaly recognition, auto-learning of normal baselines for protocol and source networks flows can be used to identify and filter malicious activities.
Flexible-Content Filtering
Physivert prevent DDoS Mitigation system continously monitors application traffic for unusual pattern and behavior. Using its propretary pattern recognition and analysis system, Physivert deters morphing HTTP flood attacks by adapting flexible-content filters to counter evasive intents rapidly.
Application Level Filtering
Physivert deep packet inspection engine provides comprehensive application-layer intelligence, allowing Physivert to understand what applications are running on the client's network to efficiently select and deter application traffic violations.
With increasing number of attacks from larger-sized clients (or zombies) using valid established connections to overwhelm the system resources, Physivert anti-zombie system mitigates such HTTP attacks by using a challenge response authentication process to differentiate between legitimate browsers and zombie programs that access the attacked site.
To further mitigate application specific level attacks - HTTP attacks, Physivert can enforce intelligent HTTP Malformed filtering to ensure the validity of HTTP transactions, and limit the number of connections or request to specific objects.
Rate-Limiting
Rate-limiting will be applied to further limit exploitation of system and bandwidth resources against baseline statistic.
