Flood Shield

Distributed cloud-based DDoS mitigation to protect websites and network infrastructures

Cloud-based DDoS protection built to safeguard businesses against DDoS attacks

CDNetworks Flood Shield detects and mitigates all types and all layers of DDoS attacks (such as SYN Flood, ACK Flood, UDP Flood, HTTP Flood, etc.) in real time and simultaneously provides acceleration service to legitimate users to optimize user experience. This solution functions as a shield to ensure the stability and reliability of online services and infrastructures. Flood Shield comprises monitor & alert tools, visualization of attacks, investigation tools and more.

Our always-on and inline cloud-based DDoS protection that is built into our huge 15 Tbps+ CDN infrastructure ensures that we are always defending your website. With automatic traffic profiling and detection, we can identify attacks rapidly and deflect them on the edge of the network.

How Can DDoS Attacks be Harmful

DDoS attacks can cause massive harm to a network, application or resource by flooding it with a large volume of traffic. They are usually delivered by malicious actors via a botnet or a group of devices controlled together and infected with malware. With the proliferation of IoT devices, the threat landscape has widened and it has only become easier for attackers to launch DDoS attacks.

As the resources get used up to meet the incoming traffic requests, they get exhausted and lead to a server failure. For businesses that thrive on providing uninterrupted services to their users, these types of cyber attacks can result in a number of negative consequences.

They can affect revenue by interrupting customer-facing applications

When DDoS attacks tie up platform services, they make it impossible to ensure business continuity. This could result in unsatisfied users, customer churn or in more serious cases even render key transactions unavailable.

They can add to business costs for website recovery

In addition to the revenue lost due to customer churn, DDoS attacks can also create additional expenses for business in the form of website and data center recovery costs.

They can bring down mission-critical applications in your organization

It’s not just customer-facing applications that DDoS attacks can bring down. Even business applications that help you with daily operations can be affected. Email automation, CRM tools, payroll processing software and other internal applications key to running your business can be affected by DDoS attacks.

They can invite more attacks while your DDoS defenses are down

DDoS campaigns don’t end when they manage to compromise some servers or services in your organization. The flood of network traffic will continue to overwhelm your other systems until more robust DDoS defenses are put in place. This is a period where your network security infrastructure can be taken advantage of by hackers to target other, more sinister types of attacks.

They can affect brand image or reputation

Sometimes the negative impact of DDoS attacks on your business aren’t monetary. When key public-facing applications are down and websites or apps are slow to load, it can leave a bad impression of your brand among customers. In fact, 57% of companies surveyed by NETSCOUT’s WorldWide Infrastructure Security Report think that DDoS attacks affected them most with damage to their brand more than operating expenses.


Attack Notification and Monitoring

  • Comprehensive monitoring and alerting services
  • Security warning to rapidly notify about any website abnormalities

Attack Mitigation

  • Network-layer, application-layer DDoS mitigation, SYN flood, ACK flood, ICMP flood, UDP flood, HTTP flood, reflection DDoS attacks
  • Four scrubbing centers located worldwide to mitigate these types of attacks

Deployment Methods

  • DNS CNAME configuration for HTTP/HTTPS traffic
  • BGP announcement to protect entire networks, multiple protocols.

Access Control

  • Policies include IP/URL blacklist and whitelist, access control by IP address, URL, domain name
  • Customizable strategy based on IP parameters and access frequency control

Mitigation Capacity

Large-capacity PoPs 600Gbps per PoP toover 2Tbps networ

Mitigation Visibility

  • View DDoS attack and protection informationin real-time
  • Full layer 7 DDoS, and 3 & 4 DDoS dashboard and log
  • Includes website security status, types of mitigation traffic and detailed information of attack events

DDoS Mitigation Highlights

CDNetworks Flood Shield provides a robust DDoS protection service to help defend your business against these cyber attacks. Some of the highlights of our solution include:

Monitoring and Warning of Abnormalities

With its multi-dimensional and all-level monitoring and warning capabilities, Flood Shield helps you detect, prepare for and deploy defense strategies against DDoS attacks. The security PoPs dynamically learn from historical access and behavior patterns and notifies you via email/SMS when any abnormalities are detected.

The platform’s big data analytics capabilities also helps analyze the cloud attack data and patterns in IP, User-Agent and Referrer. It performs security event correlation analysis by comparing similar approaches on other websites and industry data to deploy coordinated and synchronized defense strategies.

Intelligent Firewall and Detection for L4 and L7 DDoS Defence

CDNetworks equips you with the defense strategies for Layer 4 DDoS and Layer 7 DDoS attacks.

Layer 4 DDoS attacks are those such as TCP SYN flood, ACK flood, ICMP flood, UDP flood, NTP amplification and reflection attacks or Layer 7 attacks such as HTTP flood and Low & Slow attacks. For these, Flood Shield uses intelligent firewall and real-time detection to filter abnormal packets and non-compliant packets. It evaluates certain criteria to verify, block or drop packets and validate TCP connections without affecting normal access. This goes beyond what a web application firewall or WAF is capable of, which cannot stop some types of DDoS attacks such as TCP-state exhaustion attacks.

Layer 7 DDoS and application layer attacks are more sophisticated and usually target particular expensive parts of applications. For example, HTTP flood requests to a login page, or a search API, or WordPress pingback attacks fall under this category. For these, Flood Shield uses a cyber threats library, access control tools, log self-learning, and automated browser challenges, to analyze, detect and black malicious request packets in real time. 

Real-time Visualization of Defense

Flood Shield also gives you defense intelligence via real-time visualization. You will get to see displays of website security overview including DDoS attack bandwidth information in real-time. Other insights include the types of mitigation traffic and attack information including intercepted IP address, country, attack type and count. These will help you come up with the right strategies to combat the attacks.

Globally Distributed PoPs and Intelligence

The Flood Shield platform is able to leverage the 1,500 PoPs in our content delivery network across 70 countries to scale up resources to defend against volumetric attacks up to 15Tbps.

The globally distributed PoPs allow for intelligent scheduling and site-wide synchronization, giving you an always-on cloud-based DDoS protection solution that minimizes downtime and economic loss.

The platform’s big data and machine learning capabilities also helps detect network attack trends in real time and automatically activates defense in advance. It also intelligently analyzes and identifies attacks, to model the normal behaviors of legitimate traffic including IP addresses, HTTP headers, cookies and Javascript snippets.

Legitimate Traffic Bandwidth in Real Time
Flood Shield DDoS Real Time Report
Type of Mitigation Traffic
Flood Shield Protocol Status
Play Video