Founded in July 1999 with government support, Shanghai Data Solution Co., Ltd SDS is committed to meeting corporate need for better information services. The SDS is mainly engaged in high quality data communication, value-added network and information system integration businesses. Particularly, we focus on providing companies, financial institutions and government agencies with private data exchange lines, internet access, data center, and network and information security management solutions.
It is designed to timely detect abnormal network flows, including DOS attacks, by maintaining a real time monitoring over data traffic entering a customer’s IDC, and scrub off the abnormal traffic without compromising any normal business operation. In addition to meet clients’ need of maintaining continuous and smooth network service, it shall improve the visibility of the user’s network traffic and present a clear view of the user’s network security status via such service components as time notices and analysis reports.
The target customers of the product include: large and midsize IDC users, particularly those who have to depend business operation on a stable network service and who cannot afford the potentially huge damage on business turnover caused by network attacks, e.g. DDoS attacks. Specifically speaking, they are: financial institutions, online game providers, E-commerce operators and content providers;
Install and connect the threat detectors and scrubbing equipments at the outlets of an IDC and achieve the anti-DDoS protection by guiding the traffic scrubbing via routing.
The Anti-DDoS Traffic Scrubbing system is made up of three parts, i.e. attack threat detecting, attack mitigating and monitoring management.
The detecting system keeps monitoring the illegal attack traffic hidden in the network flows, timely set off attack warning after identifying any attack, and activate the protecting equipments to scrub off the attack traffic;
The attack mitigating system shall use professional traffic purification products to re-route the suspicious traffic from the original network path to the traffic purification product, and then identify and peel off malicious traffics, and then return the legal traffic back into the network and the intended systems, without affecting the forward-path of any other legal traffic;
The monitoring management system is designed to maintain a centralized management over the equipments in the traffic purification system. Its functions include: equipment configuration management, real-time traffic report, alarms report, status information monitoring, as well as timely generating traffic analysis report, attack defense report, and other relevant reports;
Real-time/on-demand traffic scrubbing: The user may choose to initialize the traffic scrubbing service immediately at the time of the attack (real-time service); Or the traffic scrubbing service could be initiated within a designated time after we receive a notice from the user, according to the provisions specified in the SLA signed with the user;
Application-specific traffic scrubbing: It is a traffic purification service targeted at traditional applications like UDP, ICMP, HTTP, TCP, and new applications like SIP and DNS; It can protect the user from various DOS attacks like SYN Flood, ICMP Flood, UDP Flood, DNS Query Flood and (M) Stream Flood;
Dynamic tuning anti-DDoS attack strategies: It is designed to adjust the configuration of anti-DDoS attack strategies according to actual network security management status and the specific needs of users to achieve the best network attack defense model;
Tailored customer report: It can provide the user a regular service report recording the attacks received and relevant analysis to help the user understand what attacks his network equipments had undergone, how the protection was achieved, as well as the relevant results;