# DDOS service for Providers



## jclutter (May 4, 2015)

What do providers use to provide DDOS protection to clients as an add on service.


----------



## drmike (May 4, 2015)

DDoS protection companies.   Lots of them out there.  Staminus is one.  CNServers is another (but they don't like Chinese or something like that - maybe it competes with their own hosting sales of dedis)...

Some datacenters offering filtering as an addon as well.

Mainly people subscribe to filtering platforms with lots of gear for scrubbing or they buy overpriced custom hardware themselves = $$,$$$ - $$$,$$$.


----------



## GreenLionNet (May 9, 2015)

There are many DDOS protection service providers and hosting companies implement their technology on servers for protection against DDOS attacks.


----------



## Wintereise (May 10, 2015)

drmike said:


> DDoS protection companies.   Lots of them out there.  Staminus is one.  CNServers is another (but they don't like Chinese or something like that - maybe it competes with their own hosting sales of dedis)...
> 
> Some datacenters offering filtering as an addon as well.
> 
> Mainly people subscribe to filtering platforms with lots of gear for scrubbing or they buy overpriced custom hardware themselves = $$,$$$ - $$$,$$$.


I don't believe they have anything against Chinese people (CNS), it was a simple misunderstanding.


----------



## Francisco (May 10, 2015)

Wintereise said:


> I don't believe they have anything against Chinese people (CNS), it was a simple misunderstanding.


Ehhhh I disagree but hey, what do I know.

- *CNServers* is cheap, west coast only. Nullroutes are undocumented and your details are apparently not private.

- *Staminus* is in 3 locations and provides good filtering levels over GRE + BGP. Support is some of the best with 95%+ of our tickets being answered within 5 minutes and resolution well under 10 minutes. Great control panel, tons of logging. API is OK, though I don't like how authentication is handled.

- *Voxility* provides very high filtering levels. API is very basic but supposedly a new revision is due soon that improves it a lot. Pricing is very high but expected given protection levels. Their billing & sales teams are fantastic to work with and their support is very knowledgeable and quick to reply. All communication is handled via email.

- *Blacklotus* provides filtering and allows you to scale up fairly high last I heard. Their filtering used to be pretty terrible allowing tons of floods to bleed through. They've replaced their entire platform with an Arbor platform, though I've not heard any reviews about them past what Clamhost has mentioned to me.

- *Colocrossing* has filtering onsite in their Buffalo location at high levels. OK priced on full server protection though Jon is a pretty aggressive salesman so you can likely catch him in a good mood/etc and get a better deal. I don't know anyone that has used their filtering though RioRey's have limited PPS protection (30M pps max on their top units). TCP SYN/Layer 7 filtering seems hit/miss given they had to pull lowendtalk behind not only a synproxy (we all saw that pfsense box) but also cloudflare. *They haven't been dropped offline yet so it's likely pretty decent. I haven't used their filtering before so this is just based off my research into RioRey's.*

- *OVH* includes filtering in all servers on their 'OVH' lineup (not the soyoustart lineup). Filtering levels are high, usually 50 - 60gbit before you're getting a null. Filtering seems to be fairly ACL heavy given some of the floods they leak. TCP filtering is hit/miss from what I've heard. *I have no direct experience, I'm simply going off what we hear from customers on our Minerack brand*.

From my own experiences, Staminus provides the best hands-on experience when it came to filtering. Their support really went the distance to explain things to me, but also respected our staff enough to not patronize us when we got into technical discussions about custom filtering.

Francisco


----------



## MannDude (May 10, 2015)

Good write up @Francisco, thanks for the contribution, that should help @jclutter out quite a bit.

From my experience as a customer, it appears that both CNServers and maybe (don't recall 100%) Staminus too had some false positives in blocking. I do recall ticketing in a couple times as members would message me on IRC or Skype to see if I had blocked them from the site. Turns out they were being rejected at the filtering level for one reason or another. It's been a long time since that has happened, and I don't completely recall if this was when you were using CNServers or Staminus.


----------



## William (May 11, 2015)

Pretty much what @Francisco said - Voxility does very high levels of UDP (and so does OVH), Staminus is smaller but has a fairly good API (Rage4 uses Staminus for some things), OVH can be good but don't complain if your floods leak (never tried to get support for that but i doubt it exists). Online.net is also on the cheap side and works well for UDP (no L7 i think though).


----------



## DomainBop (May 11, 2015)

> Online.net is also on the cheap side and works well for UDP (no L7 i think though).


Online's free basic service uses Sevi M6-NG for filtering and their Advanced and Curative offerings use Arbor Peakflow SP.

SeFlow (SeGuard) in Milan and the Serverius datacenter in Dronten NL also offer DDoS protection.  Solar Communications in Zurich offers DDoS protection (their brands include Incloudibly, CoinsHost, Cloudcom, and many others).  MyLoc (Webtropia, ServDiscount) is now offering (very) limited DDoS protection with all of its servers


----------



## Francisco (May 11, 2015)

Hah SeFlow, please.

Francisco


----------

