DDoS Protection

Generic DDOS protection is active by default for every server at no additional cost.

What is a DDOS attack?

Distributed Denial-of-service (DDOS) is a type of cyber attack when multiple compromised servers are leveraged to attack a targeted system in order to disrupt its normal traffic, service or network by overwhelming the targeted system or its surrounding infrastructure with a flood of Internet traffic.

What are the most common DDOS attacks?

There are two most popular DDOS attack methods to disturb a server: SYN flood and Amplified.

SYN flood is a form of DDOS attack when an attacker sends a succession of SYN requests to the targeted system, in order to consume enough server resources to make the system unresponsive to legitimate traffic.

DNS amplification is a form of DDOS attack when an attacker exploits DNS server vulnerabilities, in order to send relatively small queries and elicit exponentially larger payloads, which are then directed to the targeted system.

What is generic DDOS protection?

Generic DDOS protection is an automated protection system that monitors each and every server on a network level. It is enabled by default and comes with no additional cost to the user.

The traffic of every server is being scrubbed from NTP, SSDP, CharGen, DNS and several others well-known DDOS attack vectors. In addition to this, Cherry Servers network is being monitored 24/7 by seasoned network engineers, who are ready to react manually with any means necessary to preserve seamless network operations.

Are there any additional DDOS protection layers?

Cherry Servers

In addition to the Generic DDOS Protection, you may add a DDOS Protected Floating IP that has an additional application layer DDOS scrubbing protection in real-time. Layer 7 attacks vary from elementary-easy to extremely sophisticated, which can make it very hard to differentiate legitimate traffic from malicious activity. Due to to the underlying machine learning technology, DDOS scrubbing protection can detect ever-changing traffic anomalies and prevent your application from being overwhelmed.

Third Parties

You can use a third-party DDOS protection service and integrate it with Cherry Servers. For instance, if you use CloudFlare DDOS protection service for website screening, we can filter out incoming traffic to your server from everywhere except CloudFlare for an additional fee.

How do we protect the world from DDoS attacks?

We automatically drop requests that are coming from IP addresses which are listed in Spamhaus and some other advisory "drop all traffic" lists. You server traffic can also be temporarily suspended due to an unusually high amount of outgoing packets per second.