DDoS mitigation

A DDoS detection and mitigation system is deployed in both the Cape Town and Samrand data centres. DDoS attack traffic is diverted to a filter/scrubbing server that can distinguish between valid and malicious traffic. Malicious traffic is scrubbed off while valid traffic is re-injected into the network. The victim IP is not affected during the DDoS attack. DDoS detection and mitigation are fully automated and traffic diversion occurs automatically.

Small DDoS attacks are scrubbed locally in the data centre by the mitigation system. For larger attacks, traffic is diverted to an international DDoS mitigation provider which then sends the clear traffic on to South Africa.

DDoS mitigation and gaming platforms

Gaming platforms require a degree of specialised DDoS mitigation that xneelo cannot currently offer. DDoS mitigation is about filtering out malicious traffic, without impacting regular visitors. Achieving this is simpler when dealing with commonly used protocols such as HTTP, as it is easier to distinguish valid vs malicious traffic. Gaming platforms, however, rely on custom communication protocols which make standard DDoS mitigation less effective and thus require more specialised solutions.

Why would a gaming platform experience latency?

DDoS detection and mitigation are fully automated and traffic diversion occurs automatically for all customers making use of our network. This method of first detecting and then mitigating does not work for gaming platforms because it causes latency that makes games unplayable. Since the xneelo DDoS system is designed to protect against general volumetric attacks, the time between detection and mitigation is not ideal for mitigating latency-sensitive applications such as first-person shooter games.