100% protection from all types of DDoS attacks. Our company is specialized on DDoS protection offering it as the main service. We have fulltime specialists researching DDoS attacks and developing protection techniques.
in Frankfurt (Germany) , Washington (US) and Moscow (Russia)
without connection inspection (stateless) - processing IP packets on ACL/FlowSpec level without TCP connection check (blocking TCP/UDP amplifications)
with connection inspection (stateful) - each incoming TCP connection is processed and analyzed
Our company is specialized on DDoS protection offering it as the main service. We have fulltime specialists researching DDoS attacks and developing protection techniques.
The proposed solution is intended to minimize Client’s financial and reputational risks caused by DDoS attacks against its network infrastructure, online services and websites by solving the following tasks
Ensuring availability of Client’s resources during DDoS attacks
Minimizing negative effects of DDoS attacks
Early notification of the Client about ongoing attacks
We establish a GRE/IPIP/MPLS tunnel or physical connection between you and our connection point
We set up a BGP session which you use to announce your IP prefixes
We accept your BGP announcement, filter all the traffic and deliver only legitimate traffic to the client’s router. Thus you divert incoming traffic through Safe Value
Client redirects his DNS record (himself or with our help) to the protected IP
We proxy traffic from the visitors of client’s website, redirecting to his server only clean traffic saving real visitors’ IPs in HTTP header
The prices are lower than most of the companies offer on market.
Attack types filtered
Save Value DDoS protection system is capable of filtering the following types of attacks:
- TCP flood (including SYN ACK reflecton flood, TCP ACK flood, TCP fragmented attack)
- SYN flood (including Spoofed SYN flood)
- UDP flood (including DNS/NTP/SSDP amplification, UDP fragment flood)
- HTTP flood (POST/GET bot attack, SlowLoris) – with HTTP protection option
- ICMP flood (including Smurf attack, Ping of Death)
- Other protocol flood (GRE flood etc.)
- Bandwidth exhaustion (volumetric flood)
Have any questions?
If you have any questions, need more information or just want to tell us your opinion, please don’t hesitate to contact us by completing this form. One of our technician will contact you.
Points-of-presence in Europe, US and Russia provide minimal latency for all clients and stop the attack near its source.
US: 21715 Filigree Ct, Ashburn, VA 20147 (Equinix DC-5) / Address for ping: was.safevalue.pro
EU: Frankfurt Germany, Kleyerstraße 90 (Equinix FR-5) / Address for ping: fra.safevalue.pro
Russia: Moscow, Butlerova st., 7 (MMTS-9) / Address for ping: msk.safevalue.pro
All the questions (such as bandwidth extension or special requirements) are solved quickly and easily, do not require long coordination and signing.
All traffic passing towards client’s server is cleaned in three places:
- Edge routers. This layer of protection makes our clients resistant to 100+ Gbit attacks
- Hardware filters. Extremely high packet processing speeds are reached
- Stateful filters + BanHammer. The most complex and smart attacks are blocked, including bot attacks
BanHammer is our system for filtering HTTP flood precisely tuned on dozens of thousands of real attacks on our clients’ websites. Despite the name, there are no bans - we use intelligent filtering methods based on behavioral and signature analysis. It made it possible to reduce number of false positives to minimal values as well as maximize percent of filtered flood.
Traffic from the clients to the server on the Internet almost always goes on the cheapest links which don’t provide optimal speed and latency. When one connects Safe Value protection, traffic from the filtering point nearest to client is directed to his server using optimal low-latency routes inside Safe Value network (SpeedRoute). It often helps to reduce latency by 3-8 ms.
Our infrastructure is built catastrophe-resilient, so even a cataclysm leading to outage of one point-of-presence will not lead connection loss. How it is achieved? Due to our Global Session system, all our filtering points all over the world «know» that client has connected to the server and in case of unavailability of one of the points traffic will be automatically redirected to another point nearest to the client.
Our FlowSense system constantly monitors all data flows coming to client’s server/website, searches anomalies and automatically determines ongoing attack type. As a result, automatic adjustment of filtering parameters happens using BGP FlowSpec (RFC 5575) and API of our filtering systems.
Client’s website will load faster with Safe Value protection because large files will be automatically cached in RAM of our caching servers and delivered to the clients momentarily! RAM works dozens of times faster then SSD disk, so each website can be speeded up this way.
HyperCache is absolutely transparent for client’s website visitors and does not require client to change anything on the website. It does not cache anything unnecessary and is highly tunable for client’s needs.
Our technical support is highly regarded by our clients. If the client has a question or a problem, it’s usually solved instantly in chat mode even at night.