This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Overview

    Service Overview

    DDoS Protection is a service that detects and defends against DDoS (Distributed Denial of Service) attacks that generate large amounts of traffic intensively and cause service disruptions. Through continuous monitoring, it detects and blocks external traffic attacks to protect the servers inside the Samsung Cloud Platform. When a DDoS attack occurs, by blocking the attack traffic, it minimizes the traffic load entering the internal servers of the Samsung Cloud Platform, ensuring the continuity of web services.

    Features

    • Rapid Attack Detection: Detects DDoS attacks in real time when a large amount of traffic is incoming. Continuously updates DDoS defense items to effectively respond to the latest attack techniques.
    • Effective Attack Defense: When a DDoS attack occurs, it detects in real time and blocks attack traffic to ensure service availability, supporting regular users to access the website normally.
    • Stable web service operation: Based on large‑scale network operation experience, we can effectively respond to external security threats. Additionally, we provide monthly reports to check the details of events.

    Diagram

    Diagram
    Figure. DDoS Protection concept diagram
    The public DDoS Protection service does not provide monitoring (Security Center).

    Provided Features

    We provide the following features.

    • Intrusion Detection and Analysis
      • 24x365 event monitoring (However, the public DDoS Protection service does not provide this content.)
      • DDoS attack automatic detection
    • Intrusion Response
      • Provide learning-based detection and blocking for various L3/L4 level DDoS attacks
    • Monitoring Information Provision
      • Alarm on event detection
      • Monthly report provision

    Components

    • DDoS Protection provides services based on public IP configured within the VPC.
    • We provide services targeting servers that can be accessed via the Internet, and blocking is possible based on attacker IP.

    Constraints

    When providing DDoS Protection service, a minimum one-month learning period is required to set the protection threshold, and we analyze the learned thresholds to provide optimal policy settings.

    Provision status by region

    DDoS Protection is available in the following environments.

    RegionGeneral (Enter)Public
    Korea West (kr-west1)ProvidedNot provided
    Korea East (kr-east1)Not providedNot provided
    South Korea 1 (kr-south1)Not providedNot provided
    South Korea 2(kr-south2)Not providedNot provided
    South Korea 3 (kr-south3)Not providedProvided
    Table. DDoS Protection regional provision status

    Preliminary Service

    • DDoS Protection service list that must be pre-configured before creating the service. For details, refer to the guide provided for each service and prepare in advance.
    • When creating a VPC’s Internet Gateway, you must select SIGW (Secure Internet Gateway) in the category to be able to use DDoS Protection.
    Caution
    • When creating a VPC’s Internet Gateway, if you select Internet Gateway in the ‘Category’, you cannot use the DDoS Protection service.
    • if changed to Secure Internet Gateway, you need to change the public IP you are using.
    Service CategoryServiceDetailed Description
    NetworkingVPCA service that provides an independent virtual network in a cloud environment
    Table. DDoS Protection Preliminary Service