Introducing UltraAPI: Bash bots and secure APIs.

Learn More
Search
Close this search box.
SUPPORT
Under Attack
Speak to Sales
Vercara >
Resources >
Blog >
UltraDDoS Protect — 5 Years of Continuous Improvement

BLOG

UltraDDoS Protect — 5 Years of Continuous Improvement

What constitutes advancement or engineering investment in a cloud-based DDoS mitigation platform?  Is it simply more capacity? Does it boil down to adding more locations? Integration of Artificial Intelligence and Machine Learning for purposes beyond just jumping on a popular trend? There is certainly operationalization of relevant threat intelligence. Enhanced visibility of traffic, detection thresholds, attack characteristics, and mitigation methods. Easy exportation of said data to Security Information Event Management (SIEM), Threat Intelligence Platform (TIP), and more. Isolating the DDoS mitigation and application security platform from other performance-dependent services like CDN or DNS resolution. Offering increasingly flexible deployment models for protection of both customer network resources and cloud-based assets and providing more scalable methods for the return of clean traffic. 

Yes, all of these areas of improvement can demonstrate continued engineering investment and improvement of a cloud-based DDoS mitigation platform. Some improvements have much greater impact than others; and some measures mean more than others to customers who have widely varied requirements, priorities, and risk profiles. UltraDDoS Protect was launched in 2011 though Vercara has been mitigating DDoS attacks far longer. Over the past 5 years, Vercara has expanded, invested, and differentiated the UltraDDoS Protect platform in many diverse and important ways. Let’s take a close look at some of the ways Vercara’s DDoS mitigation service has evolved and improved.

Quantity and quality of connectivity.

Over the past 5 years, Vercara’s UltraDDoS Protect has expanded from 10Tbps to 15Tbps—a 50% increase in capacity. With the largest publicly acknowledged DDoS attack at 3.4Tbps, the capacity to mitigate multiple multiterabit attacks simultaneously is crucial to ensuring platform availability and customer protection.

 UltraDDoS Protect is a dedicated platform for DDoS mitigation and application security. Our DDoS mitigation service isolates the purposely redirected attack traffic from other performance-dependent services like CDN, managed DNS services, or other hosting. This allows for very aggressive Service Level Agreements (SLAs), no fate-sharing with those other services, and no attack mitigation decisions contingent on impact to other services.

Vercara leverages a mix of tier 1 service providers and tier 2 service providers facilitating quality of connectivity for DDoS and malicious traffic ingest as well as low latency to customer eyeball networks. Some providers are specific to certain regions where they are very well-peered, and some providers are consistent across the UltraDDoS Protect footprint of 15 points of presence (PoPs) for predictable performance and routing behavior. Isolation of DDoS and application security traffic from other performance-dependent services, anycast routing, selection of high-quality bandwidth providers, and diversity of tier 1 providers in every node provide protection from blackholing of customer traffic. It also eliminates the concern of impact to adjacent customers that would be present in single carrier solutions. Vercara has improved both the mix of providers and the consistency of common providers across all nodes. 

Flexibility of access and peering.

Vercara application security PoPs have been moving to a consistent footprint in extremely well-peered, high connectivity 3rd party colocations globally. This has improved access to low latency peering as well as enabling more direct cross-connect opportunities for higher bandwidth customers. Virtual Private LAN Service (VPLS) options for return of clean traffic have grown substantially to >600 pre-lit facilities for customers whose bandwidth requirements or preferences vs. Generic Route Encapsulation (GRE) dictate more flexibility for connectivity and clean traffic return. This expansion of flexibility options includes standardization of Border Gateway Protocol (BGP) diversity, route automation, and mitigation triggering capabilities. The idea is to wrap the solution around the customer’s current cloud and on-premise architectures instead of forcing the customer to upload content or change configurations to leverage the solution. Options and flexibility are key guiding principles.

Meaningful application of Machine Learning and threat intelligence.

More traditional protocol-specific countermeasures, rate-based thresholding, or filtering using regular expressions continue to be effective as tools within robust purpose-built, high capacity, cloud-based DDoS mitigation platforms such as UltraDDoS Protect. However, Machine Learning-assisted threat intelligence based on visibility into DDoS attack sources, source frequency, and source persistence are increasingly important enhancements Vercara is leveraging to help combat emerging threats (encrypted attacks, carpet bombs, DNS water torture, heavy automated network scanning, other low level application layer DDoS attacks, etc.) in the current DDoS threat landscape of stealth and evasion.  ML-enabled threat intel-based mitigation methodology is highly complementary to current Vercara mitigation methods and indispensable as a means of detection moving forward.  Vercara will continue to integrate more threat intelligence and ML-assisted detection and mitigation methodologies as part of the continuous improvement of UltraDDoS Protect.

Visibility and accessibility of data.

A lot of focus has been placed on traffic and mitigation detail visibility for the portal. UltraDDoS Protect has transitioned to a GraphQL-based API across both DDoS mitigation and application security solutions. This transition is designed to enable easier programmatic extraction of data by customers into other systems such as SIEMs and TIPs. More granular mitigation details have been exposed including dropped traffic by countermeasure and blocked IP addresses by countermeasure. Detection thresholds can be viewed by protocol and abuse type. Protected network prefixes and assets can be easily reviewed in the portal. Individualized customer mitigation process and escalation lists can be reviewed as part of the customer runbook. BGP (Border Gateway Protocol) and GRE (Generic Routing Encapsulation) up/down status can be verified via the portal now. Executive Reporting has been developed to provide high level, value-based visibility for non-operational stakeholders in the customer organization to better aggregate data that demonstrates the benefits provided and downtime avoided through use of UltraDDoS Protect. Executive Reports are available as both recurring deliverables and ad hoc reports.

Flexible Protection of Customer Assets Where They Are – Hybrid Defense.

As customers continue to migrate assets to the cloud and customer environments are increasingly split between their own datacenters and cloud-based environments, Vercara has emphasized flexible and always-on protection for these hybrid customer deployments. Proxy-based DDoS protection leveraged through DNS changes are not restricted to http/s but include all protocols. Proxy protocol is supported in addition to X-Forwarded-For (XFF) header to preserve original source IP addresses for use with many applications. Vercara supports portal-based uploading of SSL certificates and alerting of expiration. Proxy-based traffic can also leverage on demand or always on IP or geographic-based blocking in addition to DDoS mitigation.

Continuous improvement.

Vercara has demonstrated a commitment to continually improve its DDoS mitigation platform, UltraDDoS Protect over the last 5 years. High capacity per PoP; network isolation from other performance-dependent services; heavy leveraging of ML-assisted threat intelligence for faster, better mitigations; traffic/mitigation/detection threshold visibility; many flexible automation options; and development of executive as well as API-based reporting have all made UltraDDoS Protect a robust, dependable platform offering the capabilities our customers have demanded; and we aren’t done yet!

To learn more about UltraDDoS Protect and how it can protect your organization, please visit our product page.

Last Updated: May 8, 2024

Related posts.

April 11, 2024

What Is Hacktivism and How It Damages Organizations 

In the evolving landscape of cybersecurity, one threat that continues to loom large is Distributed Denial of Service (DDoS) attacks....

View Full Article
February 8, 2024

2023 DDoS Statistics and Trends

In the world of cyber security, data is an incredibly powerful tool. The right data can help you detect attacks,...

View Full Article
February 7, 2024

The Growing Threat of DDoS Attacks on Major Sporting Events

No matter where you live in the world, our love of sports is something that ties us all together. Cricket,...

View Full Article
View all content.
Logo Vercara
Securing the online experience.

Cloud infrastructure and cybersecurity services for DNS, DDoS and web applications.

Follow Vercara
Facebook-f Linkedin-in Twitter
Vercara
2201 Cooperative Way
Suite 350 Herndon, VA 20171

Cybersecurity Insights

Directly to your inbox once a month.

Solutions

Industries

General

© 2024 Vercara, LLC
  • Solutions Overview
  • Why Vercara
  • Plans
  • Partners
  • Resources
  • Company
View Vercara Plans
Vercara: A Leader in Securing Online Experiences
Get the Solution Sheet
Webinar: WAAP is Here to Stay: Combining API Protection and Cloud Application Security
Register
Weekly Updates on the Cyber Threat Landscape
View the Report
Cybersecurity Insights That Are Ahead of the Curve
View the White Paper