Overview
Service Overview
DDoS Protection is a service that detects and defends against DDoS (Distributed Denial of Service) attacks that generate large amounts of traffic intensively and cause service disruptions. Through continuous monitoring, it detects and blocks external traffic attacks to protect the servers inside the Samsung Cloud Platform. When a DDoS attack occurs, by blocking the attack traffic, it minimizes the traffic load entering the internal servers of the Samsung Cloud Platform, ensuring the continuity of web services.
Features
- Rapid Attack Detection: Detects DDoS attacks in real time when a large amount of traffic is incoming. Continuously updates DDoS defense items to effectively respond to the latest attack techniques.
- Effective Attack Defense: When a DDoS attack occurs, it detects in real time and blocks attack traffic to ensure service availability, supporting regular users to access the website normally.
- Stable web service operation: Based on large‑scale network operation experience, we can effectively respond to external security threats. Additionally, we provide monthly reports to check the details of events.
Diagram
Provided Features
We provide the following features.
- Intrusion Detection and Analysis
- 24x365 event monitoring (However, the public DDoS Protection service does not provide this content.)
- DDoS attack automatic detection
- Intrusion Response
- Provide learning-based detection and blocking for various L3/L4 level DDoS attacks
- Monitoring Information Provision
- Alarm on event detection
- Monthly report provision
Components
- DDoS Protection provides services based on public IP configured within the VPC.
- We provide services targeting servers that can be accessed via the Internet, and blocking is possible based on attacker IP.
Constraints
When providing DDoS Protection service, a minimum one-month learning period is required to set the protection threshold, and we analyze the learned thresholds to provide optimal policy settings.
Provision status by region
DDoS Protection is available in the following environments.
| Region | General (Enter) | Public |
|---|---|---|
| Korea West (kr-west1) | Provided | Not provided |
| Korea East (kr-east1) | Not provided | Not provided |
| South Korea 1 (kr-south1) | Not provided | Not provided |
| South Korea 2(kr-south2) | Not provided | Not provided |
| South Korea 3 (kr-south3) | Not provided | Provided |
Preliminary Service
- DDoS Protection service list that must be pre-configured before creating the service. For details, refer to the guide provided for each service and prepare in advance.
- When creating a VPC’s Internet Gateway, you must select SIGW (Secure Internet Gateway) in the category to be able to use DDoS Protection.
- When creating a VPC’s Internet Gateway, if you select Internet Gateway in the ‘Category’, you cannot use the DDoS Protection service.
- if changed to Secure Internet Gateway, you need to change the public IP you are using.
| Service Category | Service | Detailed Description |
|---|---|---|
| Networking | VPC | A service that provides an independent virtual network in a cloud environment |