A Distributed Denial of Service (DDoS) attack is an attempt to bring your IP network down. DDoS response is provided by Fusix in 3 ways:
- Blackholing: all traffic going to the target of the attack (IP Address) is re-routed to a blackhole, thus removing congestion that was created by the attack. However, the target of the attack gets isolated from the Internet. You can use our Team!works Customer Portal to see your IP Addresses that receive most traffic and to initiate the blackholing yourself; or request the Fusix Network Operations Center to assist you.
- Filtering: incoming traffic is filtered to separate the malicious traffic that is discarded, while the legitimate traffic is re-injected, so your services remain online. You can use our Team!works Customer Portal to drop all UDP and/or ICMP traffic, which will be an effective response to a majority of the DDoS attacks. For a more elaborate attack, Fusix will provide an immediate assistance and apply additional filters.
- Automatic filtering: we assist our customers to set up their IP networks for receiving automatic filtering service from known providers, such as NaWas.
Prevention of Internet hijacks
Fusix is a second commercial Internet Service Provider in The Netherlands who has implemented RPKI on its backbone to protect its customers from exchanging traffic with hijacked Internet resources.
RPKI (Resource Public Key Infrastructure) is a public key infrastructure framework designed to secure the Internet’s routing infrastructure, specifically the Border Gateway Protocol. RPKI provides a way to connect Internet number resource information (such as IP Addresses) to a trust anchor. Using RPKI, legitimate holders of IP Addresses are able to control the operation of Internet routing protocols to prevent route hijacking and other attacks.