Using a scrubbing centre as a network traffic diversion strategy during a DDoS attack is one of the most effective ways to mitigate an attack’s effects on your network. Malicious traffic is rerouted from your network to a scrubbing centre, giving you the opportunities to filter traffic while reducing your network load.
FastNetMon is a vendor-neutral tool that works with all existing network equipment vendors, DDoS Mitigation systems, and scrubbing centres. It’s easy to set up on your network with a minimal configuration that combines DDoS detection and mitigation capabilities with scrubbing centre automation.
For network owners operating in the cloud, you can set up FastNetMon for the cloud (Google Cloud, AWS, etc.) with just one click.
Furthermore, FastNetMon supports a variety of methods to redirect attack traffic to external scrubbing centres for scrubbing:
FastNetMon’s 2-second detection response helps inform your engineers about an attack almost instantaneously so that you can affect an immediate response – limiting damage and restoring operations ASAP.
How does FastNetMon DDoS Network Traffic Diversion Work?
FastNetMon is the ideal tool to automate and speed up shifting traffic from regular routes to the scrubbing centre during attack mitigation. Under these conditions, it’s critical to decide what actions to take with as little delay as possible. In many situations, requiring human interaction in this process introduces additional lag-time between detection and mitigation protocols. Every second that your network does not respond to the attack translates to extra dollars lost.
As network security professionals know, BGP traffic diversion can suffer from delays in these situations, mainly because it has to announce propagation across the network components. It’s this delay that FastNetMon eliminates by helping you to take action in time to shift traffic and stop an attack in its tracks.
FastNetMon can automatically switch a network of any size to DDoS scrubbing centres. The most popular and recommended redirection method is to switch network traffic based on advertising a /24 IP block to the scrubbing centre but keep the parent prefix for this /24 prefix with your normal ISP.
Due to BGP protocol selection logic every networks across the planet will select this path over /24 to the scrubbing centre instead of normal path.
However, IPv6 network boundaries might be different. In this case, you can set up the length of the covering network size using FastNetMon for specific /48 announces.
If you use FastNetMon for BGP BlackHole or Flowspec, it will capture a particular host’s traffic in your network. After detecting the attack, FastNetMon will determine which network contains that host. Based on that information, FastNetMon triggers an announcement and redirects the affected host’s traffic to a scrubbing centre. In turn, the scrubbing centre should start performing its scrubbing activity based on getting the announcement.
Simultaneously, FastNetMon can run a script or broadcast the announcement to your routers. This will remove the affected host with the attacked prefix on your network and send malicious traffic from your network to the scrubbing centre.
Why is FastNetMon a Better Option for DDoS Scrubbing Diversion?
FastNetMon limits the effect a DDoS attack has on your network operations and infrastructure by:
Using FastNetMons, your network DDoS Detection tool with a scrubbing facility, attack traffic is filtered on arrival – removing unwanted traffic from your network and reducing attack detection latency. If you’re on the cloud, FastNetMon can localize the affected router and reduce the network load with a cloud-based centre.
The result is to minimize the negative impact an attack can have on your network performance and reduce associated costs. Legitimate traffic can also be returned to you after it has been filtered and cleaned.
It’s possible to integrate FastNetMon with other DDoS Protection services used to defend your network. That being said, FastNetMon is a full-service DDoS mitigation tool featuring BGP BlackHole, scrubbing diversion, and FlowSpec on top of integration with other vendors.
This empowers you to build a scalable and reliable network protected from DDoS and the effects it can have on your business.