Flood Shield

Distributed Cloud-based DDoS Mitigation Solution

Flood Shield is a comprehensive cloud-based DDoS protection service that delivers fast, simple, and effective DDoS protection to ensure the stability of your origin against distributed denial of service attacks (such as SYN Flood, ACK Flood, UDP Flood, HTTP Flood, etc.) in real-time. Simultaneously it also provides an acceleration service to legitimate users to optimize the overall customer experience. This solution functions as a shield to ensure the stability and reliability of online services and infrastructures.

Flood Shield is deployed on CDNetworks’ huge global infrastructure with data centers in the USA, Europe, Asia, and mainland China. With over 20 global DDoS scrubbing centers and 15Tbps of total capacity, it is designed to protect websites, web apps, and network infrastructures against even the most sophisticated and large-scale volumetric attacks.



Mitigation Capacity

20+ Global DDoS Scrubbing Center
15+ Tbps of Mitigation Capacity

DDoS Attack Mitigation

Layer 3/4 and Layer 7 DDoS mitigation, including SYN Flood, ACK Flood, ICMP Flood, UDP Flood, HTTP Flood, SlowLoris attack, etc.

Customized Policies

Customize access policies and rate limiting in advance to avoid attacks and abuse of resources.

Preset Protection

Three preset DDoS attack protection modes are available and easy to switch when responding to different types of attacks.

Alert and Monitoring

Comprehensive monitoring and alerting services to rapidly notify about any website abnormalities, including L3/4 and L7 DDoS attack alerting.

Multiple Protocols

HTTP/HTTPS and TCP/UDP protocols are supported to meet different business types.

Mitigation Visibility

Flood Shield provides visibility into all your DDoS attacks and cyber-attacks and threats with comprehensive and intuitive security dashboards. The dashboards display a summary of information about Layer 3/4 and Layer 7 attacks that have been detected by CDNetworks Flood Shield. The information data is automatically updated in near real-time when significant attacks happen which includes  DDoS attack bandwidth, attack IP list, attack map, attack types and count, etc. You can use the data to better understand attack trends and traffic patterns, and come up with the right strategies to quickly optimize your network security to combat threats in the future.
Mitigation Visibility
Flexible Pricing

Flexible Pricing

We provide flexible pricing models that are designed in accordance with your risk profile, allowing you to pay in the most effective way that suits your business’s needs. There are unlimited mitigation and elastic mitigation plans that you can choose based on your budget.

Cloaked Origin IP

We help increase your server security by completely hiding your origin server’s real IP address. As a result, the attackers are unable to identify your origin IP to directly attack your origin server. In addition, we also provide you with our global PoPs’ IP to add to the whitelist to block any unnecessary requests, further increasing the security level.

Cloak Origin IP Address
Machine Learning

Big Data Analysis & Machine Learning

CDNetworks content delivery networks (CDN) serves thousands of large global enterprises and processes TB-scale log data daily, including massive access data and attack/defense samples. The platform’s big data and machine learning capabilities help detect network attack trends in real-time and automatically activates defense in advance. It also intelligently analyzes and identifies attacks, to model the normal behaviors of legitimate traffic including IP addresses, HTTP headers, cookies, and JavaScript snippets, etc.

Comprehensive Multi-Layered Security

CDNetworks provides a comprehensive multi-layered security solution that covers DDoS protection, Web Application Firewall (WAF), API security and gateway, Bot management and specific attack deflection modules, to protect your service and applications. By using our single portal for multiple products, you can save significantly on maintenance costs while simplifying operations for your team.

Multi-layer Protection

Our Global Scrubbing Center Network

With over 20 global DDoS scrubbing centers and 15Tbps of total capacity, Flood Shield is designed to protect websites and network infrastructures against even the most sophisticated and large-scale volumetric attacks.


Global Servers


Global CDN PoPs


Covered Countries & Regions


Scrubbing Capacity


Scrubbing Centers

How our DDoS Protection Services Work 

Flood Shield DDoS deflection technology is deployed on CDNetworks’ distributed Points-of-Presence (PoPs). It is a cloud-based “always-on” mitigation service with virtually unlimited capacity. It does not require sophisticated deployments and changes to customers’ networks and provides transparent scaling automation.

Flood Shield is provided either via a simple DNS change, typically to protect websites, HTTP/S traffic and entire network infrastructures, including multiple domains, servers, and protocols. With the customer traffic routed through CDNetworks’ PoPs, DDoS attacks hit the CDNetworks infrastructure rather than the customers’ servers and networks. CDNetworks’ PoPs detect and deflect both application-layer attacks (L7) and all known types of network-layer attacks (L3/L4).