This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Overview

    Service Overview

    DDoS Protection is a service that detects and defends against DDoS (Distributed Denial of Service) attacks, which generate large volumes of traffic to cause service disruptions. Continuous monitoring detects and blocks external traffic attacks, protecting the servers within the Samsung Cloud Platform. When a DDoS attack occurs, blocking the attack traffic minimizes the traffic load entering the internal servers of the Samsung Cloud Platform, ensuring the continuity of web services.

    Features

    • Rapid Attack Detection: When a large volume of traffic arrives, it detects DDoS attacks in real time. Continuously updating DDoS defense items enables effective response to the latest attack techniques.
    • Effective Attack Defense: When a DDoS attack occurs, we detect it in real time and block malicious traffic to ensure service availability, supporting regular users to access the website normally.
    • Stable web service operation: Provide 24/7 security monitoring services, and based on extensive network operation experience, effectively respond to external security threats, delivering alerts with attack information when incidents occur. Additionally, monthly reports are provided to review event details.

    Configuration diagram

    Diagram
    Figure. DDoS Protection concept diagram

    Provided features

    We provide the following features.

    • Intrusion Detection and Analysis
      • 24x365 event monitoring
      • Automatic detection of DDoS attacks
    • Intrusion Response
      • Provides learning-based detection and blocking for various DDoS attacks at the L3/L4 level.
    • Monitoring Information Provision
      • Alert on event detection
      • Provide monthly report (alert list and details)

    Component

    • DDoS Protection provides services based on public IPs configured within the VPC.
    • We provide services for servers that can be accessed over the Internet, and blocking can be performed based on attacker IP addresses.

    Constraints

    When providing DDoS Protection service, a minimum one‑month learning period is required to set the protection threshold, and we analyze the learned thresholds to provide optimal policy settings.

    Provision status by region

    DDoS Protection is available in the following environments.

    RegionProvision status
    Korea West (kr-west1)Not provided
    Korea East (kr-east1)Not provided
    South Korea South 1 (kr-south1)Provided
    South Korea South 2 (kr-south2)Provided
    South Korea 3 (kr-south3)Provided
    Table. DDoS Protection regional availability status

    Preceding Service

    • This is a list of services that must be pre-configured before creating a DDoS Protection service. For details, refer to the guides provided for each service and prepare in advance.
    • When creating a VPC Internet Gateway, you must select SIGW (Secure Internet Gateway) in Category to be able to use DDoS Protection.
    Caution
    • When creating an Internet Gateway for a VPC, selecting Internet Gateway in ‘Category’ prevents the use of the DDoS Protection service.
    • If you switch to Secure Internet Gateway, you need to change the public IP you are using.
    Service CategoryServiceDetailed description
    NetworkingVPCA service that provides an isolated virtual network in a cloud environment
    Table. DDoS Protection Pre-Service