What projects need DDoS protection?

Если сайт — центральное звено маркетинга компании и через него проходят большие потоки трафика, то базовая защита от DDoS атак обязательна. С проблемами сталкиваются разные интернет-сервисы, у которых есть недобросовестные конкуренты. Особенно страдают веб-приложения, у которых монетизация напрямую зависит от работы платформы, и онлайн-трансляции мероприятий, где на кону репутация организаторов.Другие мишени DDoS:Платежные системы.Государственные ресурсы.Медиа.Медицинские сервисы.Интернет-магазины.IoT оборудование.Биржи криптовалют.Корпоративные сайты. Даже если вашего проекта нет в списке, это не гарантирует полную безопасность, поскольку более 60% компаний ежемесячно страдают от DDoS.

Is DDoS being used to steal data?

That's not exactly true. The purpose of the attack is to take out the hardware to prevent the normal operation of the service. Often, however, it is needed as a distraction while hackers try to hack your database, which is stored on the server.

Does the filter affect application performance?

Your users will not notice the change - the speed remains the same. Comprehensive protection, on the contrary, becomes a help for the server. Filters reduce the load on it, so applications run faster.

От каких атак защащает наш сервис?

Чаще всего DDoS бывают двух типов:На уровнях L3, L4 (инфраструктура) — к ним относится работа с разными типами сетевых и транспортных протоколов, в частности IP, SYN и UDP-флуд. Они действуют как перегрузка и их легко обнаружить даже с помощью самой простой системы.На уровнях L6, L7 (приложения) — их сложнее распознать, поскольку они не настолько массированные и направлены на отдельные части приложения. Для отражения этого типа атак мы используем WAF. Мы обеспечиваем безопасность для сервера как при стандартном флуде, так и при «интеллектуальных» атаках, когда запускают продвинутых ботов. Существуют более сложные кибератаки, которые включаются в рейтинг OWASP TOP 10. Это самые опасные алгоритмы, которые могут с помощью специальных запросов вытягивать данные из вашей базы, проникать на сервер с полным доступом, используя ваш IP, и использовать другие уязвимости в корыстных целях. Наш комплекс включает решения по борьбе с подобными вмешательствами.

Соответствует ли сервис 152-ФЗ?

Yes, all of our services and cloud solutions meet the requirements of the law on personal data. The equipment is located in data centers in Moscow and St. Petersburg.

Main page | Security | Protection of Internet resources and web applications

CLOUD DDOS PROTECTION

waf + anti-ddos

Cost-effective multi-layered protection for websites and apps

Over the past year, Russian companies have experienced a strong surge in DDoS attack. Several independent sources estimate that from 2021 to 2022 their number increased eightfold. Projects range from large IT services and applications to small company websites and online event broadcasts. To keep your users' data safe and your server running smoothly, use multiple layers of protection.

Protection from the OWASP Top Ten security risks

Bot activity prevention (DNS/JS checks, BOT signatures, browser behavior analysis)

Passive Vulnerability Scanner

Protection against client-side attacks (CSP, CSRF injection)

Credential stuffing protection

Brute force prevention

Hidden site directory search prevention (DirBuster)

AntiDDoS

linx protect benefits

resource effectiveness

The Linx staff takes care of implementation, operation, and support of the product, allowing your IT team to focus on key business objectives

reduction of it infrastructure load

The product runs in the cloud and doesn’t consume the resources of your physical IT infrastructure. The protection mechanisms make it possible to identify and block bots without affecting legitimate users

up-to-date protection policies

Our own honeypot network allows you to collect data about new attack vectors in the darknet and create up-to-date signatures and security policies

99.9% accuracy

Minimum false positives when analyzing incoming traffic thanks to the continuous analytical work of the Linx team

24/7 monitoring

Prompt incident response 24/7

easy start

Enable protection by simply redirecting traffic to Linx Protect with a DNS record

The goal of a DDoS attack is to take your equipment offline. It could be competitors who want to disable your platform, damage your reputation or sales, or it could be hackers looking for vulnerabilities. Regardless of the objectives, the technology is the same:

Malicious requests are sent to the server.
Its power is failing.
It goes down.

Each provider has its own algorithms, but protection is always based on traffic filtering. The system sends requests to intermediate addresses, runs it through special equipment and internal services to clean it up. Malicious requests are discarded, and purified traffic is sent to the server.

Для усиления безопасности Linx Cloud использует несколько технологий — пассивный сканер уязвимости, облачные сервисы, которые позволяют запускать мощные алгоритмы проверки, файервол веб приложений WAF для анализа трафика и т.д. В совокупности они позволяют поддерживать высокий уровень защиты от большинства видов атак.

architecture of linx protect

PRICING

basic

3,544 rubles per day

1 domains (web applications)
AntiDDoS - 10 mbps
WAF - 100 RPS
Traffic filtering at levels 3-5 of OSI model
OWASP signatures
Full WAF maintenance, monitoring and incident response
Vulnerability and incident consultations

standard

4,428 rubles per day

3 domains (web applications)
AntiDDoS - 30 mbps
WAF - 200 RPS
Traffic filtering at levels 3-5 of OSI model
OWASP signatures
Full WAF maintenance, monitoring and incident response
Vulnerability and incident consultations

business

6,500 rubles per day

10 domains (web applications)
AntiDDoS - 100 mbps
WAF - 400 RPS
Traffic filtering at levels 3-5 of OSI model
OWASP signatures
Full WAF maintenance, monitoring and incident response
Vulnerability and incident consultations

individual

A data protection and disaster recovery solution tailored to your particular needs

Licenses and certificates

Frequently asked questions

If the site is the centerpiece of a company's marketing and large flows of traffic pass through it, then basic protection against DDoS attacks is a must. Various Internet services that have unscrupulous competitors face problems. Web applications, whose monetization is directly dependent on platform performance, and online broadcasting of events, where the reputation of the organizers is at stake, are particularly affected.

Other DDoS targets:

Payment systems.
Government resources.
Media.
Medical services.
Online stores.
IoT equipment.
Cryptocurrency exchanges.
Corporate websites.

Even if your project is not on the list, it does not guarantee complete security, since more than 60% of companies suffer from DDoS every month.

Вы можете заказать услугу в личном кабинете. При необходимости тариф легко меняется в интерфейсе — цена зависит от мощности требуемой защиты. С технической точки зрения, вам нужно добавить DNS-запись, которая будет направлять трафик.

Most often DDoS are of two types:

At the L3, L4 (infrastructure) levels - these include working with different types of network and transport protocols, in particular IP, SYN and UDP flooding. They act as an overload and are easy to detect even withthe simplest system.
At the L6, L7 (application) levels - they are more difficult to detect because they are not so massive and target individual parts of the application. To repel this type of attack we use WAF.

We provide security for the server both for standard flooding and for "intelligent" attacks, where advanced bots are launched. There are more sophisticated cyberattacks, which are included in the OWASP TOP 10 rating. These are the most dangerous algorithms that can use special queries to extract data from your database, infiltrate the server with full access using your IP and use other vulnerabilities for selfish purposes. Our suite includes solutions to combat such intrusions.

Get a quote

You may also be interested in

Linx NGFW

CLOUD DDOS PROTECTION