DOSArrest employs a layered approach to DDoS mitigation comprised of 3 major layers plus A Web Application Firewall (WAF) layer on all of its globally distributed nodes. All customers' websites use all nodes simultaneously. This allows DOSArrest to chop up any mega attacks into smaller bites and gives customers a performance boost at the same time by caching some or all of their content around the globe DDOS Protection for Network Infrastructure. [link: https://www.youtube.com/watch?v=YhY39vMXbOE&feature=youtu.be]
Feature Summary:
DOSArrest provides three options to configure the Data Center Defender platform
BGP based trigger
In this type of configuration, customers configure a BGP session with DOSarrest, over which they can announce their netblocks anytime. This will cause all visitors to that netblock to enter the DOSarrest network, where the attack traffic will be scrubbed, and clean traffic tunnelled/routed back to the customer network.
Flow-based trigger
Customers who do not have BGP capabilities and/or would like to have automated mitigation in place can export Network Flows (Netflow/Jflow/Sflow) to the DCD platform. The DCD platform will analyze incoming flows, automatically modify routing for affected netblocks and immediately mitigate the attack once it starts to come into the DOSarrest network. Once the attack is over, routing is restored to normal.
Secure stack
For customers who cannot do option 1 or 2, and have a server or stack that needs DDoS protection. Typical customers of this service are organizations who are co-locating their servers or using a public cloud (e.g. AWS or Rackspace).
Users of this service are allocated a Secured DOSarrest IP/IPs, which they configure on their servers. A tunnel is created from the DOSarrest network to the server(s) over which the Secured IP(s) is routed.