Zare.co.uk Хостинг

1 читатель, 8 топиков

Why we moved to Corero

After months of testing and hundreds of packet captures, our new Corero SmartWall solution is now live network wide in both our London and Bristol locations.

Why Corero?
During our testing phase, we tried many different DDoS mitigation appliances and Corero came out on top each time. Here is what we looked for during the process.
  • Raw filtering capacity — Corero provides line-speed filtering with 20Gbps of capacity per SmartWall block, allowing 80Gbps in just a 1U space through their modular design.
  • Inspection techniques — We found many DDoS appliances could not detect the sort of attack patterns that we face daily without deep packet inspection. Corero provides a layer by layer filtering system at almost line rate speeds and thus allowing us to detect and mitigate even the smallest of attacks very easily.
  • Support & Management — This is where Corero really shined and ultimately a huge factor in us choosing their product. Their support from day one was excellent in terms of response times, knowledge and going out of their way to make sure we were 100% happy.

Why the switch?
The reason for switching to our own in house mitigation platform came about after experiencing problems with mitigation / network performance whilst using Voxility previously.
Using Corero puts us in the driving seat and allows us to work on new custom filters for customers in short timeframes, and also allows us to work alongside a company that’s business is providing network security solutions day in, day out to further safeguard our own customers against new and emerging threats.

Why is this solution any better than before?
Previously when using Voxility for DDoS protection we were governed by their off ramp mitigation method, which involved a flow sensor monitoring their network for potential attack traffic patterns, then in the event one was detected it would inject a /32 route for the target of the attack into the network to redirect the traffic to the closest filtering unit. After this was done the filter would then tunnel the “clean” traffic downstream to a switch / router as close to the end destination as possible. This would take potentially up to 15-20 seconds to happen during an attack, depending on the size. Or not at all with smaller UDP floods, specifically targeting game, or voice servers. This is where our new solution excels!
With our new Corero protection solution deployed in line within our network it offers the fastest possible time to mitigate attack traffic, because the attack traffic enters the Smartwall TDS unit first before the rest of the network. There is no need for off-ramp traffic re-direction, or prefix prepending meaning no latency increases whatsoever! Just a smooth steady flow of clean traffic direct to your server.


New Feature - Firewall Attack Log

We have been working hard to integrate Corero and Splunk into the Zare Manager so that clients can view important information about inbound DDoS attacks on their servers. You will now be able to see an array of different information via your manager, this includes target IP, target port, attack type (UDP, TCP, ICMP, DNS and NTP amps, HTTP flood, SYN pps and attack size per protocol), total attack size, total pps and the time the attack started.
Below is a screenshot of some sample information.

You can view 1 hour, 1 day and 1 week samples of the attack data that we store. You will also be notified by email every time an attack pattern is detected on your server (once per hour, per unique target IP).
All data is available via our API or webhooks.

Rapid Expansion in London Continues

Our London location continues to be a popular choice amongst our customers and thus we are continuing rapid deployments to keep up with demand.
Standard Rack Deployment

Due to higher footprint costs in London, we opted for an extremely high density approach, having only 8 and 12 node SuperMicro Microcloud chassis, this allows us to get up to 144 dedicated servers per rack. Below is a breakdown of what a standard rack would include and its power usage.
Based on 800mm 42U rack with 144 x E3-12XXv5 CPU’s and 90% SSD based deployments

Pros & Cons
  • Extremely high density, saving on space and running costs.
  • Dual PSU’s allowing us to use A+B feeds and save on power usage
  • Shared fans to save on power usage
  • Passive coolers to save on power usage
  • Easy access to sleds to allow for quick hardware replacements
  • Central IPMI managment port which can be daisychained, meaning only 1 switch port is required to enable IPMI on 144 servers.
  • In the event of chassis failure, blades can be hot-swapped to another chassis in minutes
  • Shared resources like power supplies, fans and backplanes can mean that the whole chassis would go down in the event of failure.
  • Cost — initial capital expenses are high, however lower running costs offset this in the long run.
  • Because of the high density, the nodes can only take VLP memory whichis considerably more expensive than normal UDIMMS and is only manufactured by Crucial at a viable price point.

Below is a picture of 3 x 3U 12 nodes that were deployed in London today for new setups

Dedicated Servers and KVM Cloud Servers - DDoS Filtering

High Performance KVM Cloud Servers
  • 1 Core Processor / 512Mb DDR4 Memory / 10GB SSD Disk / 1TB Transfer / DDoS Protection / 1 IP
  • 1 Core Processor / 1024Mb DDR4 Memory / 20GB SSD Disk / 3TB Transfer / DDoS Protection / 1 IP
  • 2 Core Processor / 2048Mb DDR4 Memory / 30GB SSD Disk / 3TB Transfer / DDoS Protection / 1 IP
  • 2 Core Processor / 4096Mb DDR4 Memory / 50GB SSD Disk / 4TB Transfer / DDoS Protection / 1 IP

DDoS Filtering PoPs
  • London — Telehouse/Level3
  • Frankfurt — Equinix FR5/Interxion/NewTelco
  • Bucharest — Voxility IRD/NXData-1/NXData-2
  • Washington — Equinix DC2
  • Miami — Terremark, «NAP of the Americas»
  • Los Angeles — Equinix LA1

  • Intel Core i3-4170 / 8GB DDR3 / 120GB SSD/1TB HDD / 1Gbps
  • Intel Core i5-4460 / 16GB DDR3 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Core i7-2600k / 32GB DDR3 / 2 x 120GB SSD / 1Gbps
  • Intel Core i7-4790 / 32GB DDR3 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Xeon E3-1240V3 / 32GB DDR3 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Xeon E3-1270V3 / 32GB DDR3 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Core i7-6700K / 32GB DDR4 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Xeon E5-1650v3 / 16GB DDR4 ECC / 240GB SSD / 1Gbps
  • Intel Core i7-6700K / 64GB DDR4 / 240GB SSD/1TB HDD / 1Gbps
  • Intel Xeon E5-1650v3 / 64GB DDR4 ECC / 240GB SSD / 1Gbps
  • Intel Xeon E5-1650v3 / 64GB DDR4 ECC / 240GB SSD / 1Gbps
  • Intel Xeon E5-1650v3 / 64GB DDR4 ECC / 240GB SSD/1TB HDD / 1Gbps