Hybrid DDoS protection

Seamless integration of automatic on-premise and cloud-based mitigation

Why Hybrid Protection is Necessary

Modern attackers are now combining traditional volumetric attacks designed to overwhelm network bandwidth with stealthy application-layer attacks designed to slowly exhaust network resources over time. This blended approach to DDoS is growing in popularity because it is highly effective and difficult to defend. To combat today’s full spectrum of DDoS attacks, security experts recommend a hybrid solution that integrates cloud-based mitigation and on-premise protection.

Edge capacity was always the limiting factor for stopping a DDoS attack with locally deployed Hardware or Virtual solutions. A multi-layer hybrid DDoS defense solution overcomes this limitation by adding an on-demand cloud-based scrubbing service for volumetric attacks that otherwise overwhelm the network. This best of both worlds approach combines the speed and sophistication of on-premise protection with the large capacity of cloud scrubbing, but without the downside of adding latency or extreme cost of relying solely on cloud scrubbing for all attacks.

Why a Single-Vendor Hybrid Solution is Superior

A single vendor solution pays off from day one, with ease of installation, training and no need to integrate and troubleshoot tools from multiple vendors in order to achieve an automatic, scalable solution. Unlike multi-vendor approaches, RioRey provides the same level of detailed control and visibility of your traffic both locally and in the rCloud scrubbing center. No more blind spots. And should anything go wrong, we’re accountable from end to end. You’ll never find yourself between vendors.


How It Works

As your primary line of defense, RioRey’s on-premise filtering is placed at the network’s edge for “always on” protection against 25 classes of DDoS attacks. Our on-premise equipment quickly and automatically detects and mitigates attack traffic. This is the best mode of protection for most DDoS attacks.

Only in the case of a high volumetric attack will traffic be rerouted to RioRey’s rCloud scrubbing center before it reaches your network. At the scrubbing center, attack traffic is mitigated and legitimate traffic is redirected back to your network. When the DDoS attack has subsided, mitigation operations will revert back to on-premise protection.  

 
Traffic routed to cleaning center using BGP announcements. Good traffic returned via GRE tunnels.
 

 

 
Normal
0




false
false
false

EN-US
JA
X-NONE

 
 
 
 
 
 
 
 
 
 


 
 
 
 
 
 
 
 
 
 
 


 <w:LatentStyles DefLockedState="false" DefUnhid…

Traffic routed to cleaning center using BGP announcements. Good traffic returned via GRE tunnels or via direct connect.

 

Central Management and Reporting in rWeb

rWeb is RioRey’s premier management and reporting system that provides browser-based management for all RioRey on-premise protection. In addition, the management and reporting capabilities provided by the customer portal at the scrubbing center will be consistent with the operator’s experience with rWeb on the customer’s premise.

&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Scrubbing Center Portal

                                                                Scrubbing Center Portal

rWeb gives network operators complete visibility into the traffic passing through their network and a comprehensive range of tools to quickly analyze attack traffic. This makes the decision-making process of transferring traffic between on-premise and cloud-based scrubbing straightforward. In addition, rWeb has a robust API that makes all functions available for integration into external systems and provides almost unlimited reporting flexibility.

RioRey’s layered approach to DDoS attacks enables businesses to deploy and manage best-practices defense with a single solution that integrates on-site and in-cloud DDoS protection.