Don’t wait, be active
in your defence
Choose the perfect plan for your needs
Plans & Pricing
The initial protection can be setup in less than 24h*
Contact us for quote
Basic
Remotely Triggered Black Hole
- Wanguard installation
- Hardware recommendation
- Remote OS setup & tuning
- Network update & tuning
- Quagga setup
- Wanguard attack thresholds setup
- Wanguard training
- Wanfilter with routing
- ExaBGP with Flowspec setup
- Extra training and customizations
Standard
Simple Filtering
- Wanguard installation
- Hardware recommendation
- Remote OS setup & tuning
- Network update & tuning
- Quagga setup
- Wanguard attack thresholds setup
- Wanguard training
- Wanfilter with routing
- ExaBGP with Flowspec setup
- Extra training and customizations
Optimal
Filtering with Flowspec
- Wanguard installation
- Hardware recommendation
- Remote OS setup & tuning
- Network update & tuning
- Quagga setup
- Wanguard attack thresholds setup
- Wanguard training
- Wanfilter with routing
- ExaBGP with Flowspec setup
- Extra training and customizations
Advanced
RTBH & Flowspec Filtering
- Wanguard installation
- Hardware recommendation
- Remote OS setup & tuning
- Network update & tuning
- Quagga setup
- Wanguard attack thresholds setup
- Wanguard training
- Wanfilter with routing
- ExaBGP with Flowspec setup
- Extra training and customizations
*Depending on customed preparation and response time.
Plans overview
Learn about possible scenarios and decide which of our plans will fit your needs.
Remotely Triggered Black Hole
Most popular protection against DDoS attacks is black hole routing (RTBH). This method is suitable when big volumetric attack is hitting Your network. Then the only way to survive and still have internet connectivity is to block the IP that is being attacked before it reaches Your network.Network will be protected, but the downside is that the attacked IP has no communication with outside world.
- Attack starts, traffic begins to rise above your bandwidth limit.
- Wanguard detects the attack and sends a BGP Update to the blackhole traffic.
- Router sends this BGP Update to ISP1 and ISP2 and the traffic gets blocked before hitting our router.
- Traffic returns to normal baseline.
Simple Filtering
This is the first form of filter/firewall that is supported by customer BGP router driven by Wanguard to create rules that block malicious traffic. The volume of attack must be within bandwidth available from ISP.
- Attack starts, traffic is within our bandwith limits.
- Wanguard detects the attack and send BGP Update to divert traffic for filtering.
- Filter is cleaning traffic with hardware or software firewall.
- Cleaned traffic is routed back to network/servers.
Filtering with Flowspec
The most comprehensive filtering solution with very fine granular options of dropping or limiting malicious traffic. Hardware filtering for offloading traffic from network, to flow spec filtering on router and software firewall and SYN proxy for ultimate protection against Layer 7 attacks.
- Attack starts, traffic is within our bandwith limits.
- Wanguard detects the attack and send BGP Update to filter/drop malicious traffic on the router with Flowspec rules.
- Normal traffic flows to our network, bad one (with DDoS signatures) is filtred and send to trash (null route)
RTBH & Flowspec Filtering
This option ensures survival of network during volumetric attacks as well as Layer 7 protection. Ultimate protection for every one where network outage is not an option.
- If attack is saturating our Uplinks to ISP1 and ISP2, we need to black hole it (RTBH) (Scanario 1).
- If attack is outside Flowspec abilities or other protection is needed then it needs to be diverted for traffic filtering to Wanguard Filter (Scenario 2).
- If attack is within our bandwith limits we can use Flowspec abilities to filter it on our router (Scenario 3).
Standard
Simple Filtering
In order to place your order please fill the form below. We’ll contact you within 24h in order to gather all the information needed to start the work.