Our Approach


Infrastructure Protection(Protection Against Layer 3, 4 Attacks)

AppTrana provides complete infrastructure level protection against all type of layer 3 volumetric attacks. Built bottom up on AWS, adhering to AWS DDoS resilient architecture. This inherently protects any application behind AppTrana from infrastructure level DDOS attacks and volumetric attacks

Infrastructure DDoS Protection
Website Protection

Website Protection(Protection Against Layer 7 attacks)

Always-on and Instant protection against Layer 7 attacks targeting specific application. This comes with inbuilt protection against botnets with ability to differentiate against bad bots based on behaviour and block them instantly. Apptrana also has ability to identify pretender bots and block them.

Global Threat Database

Apptrana’s Global Threat Intelligence platform besides getting feeds from global threats combines it with accurate threat intelligence for the application based on risks uncovered from our scanning, past attack history of all our customers and update the defence posture for all ensuring the protection is constantly on, accurate and up-to-date with defence against latest threats.

AppTrana Global Threat Intelligence
Managed DDoS Attack

Managed DDoS

Layer 7 DDoS can be specific, sophisticated and complex and requires a combination rules combined with alerting mechanism allowing our experts to fine tune with custom rules and build defence. AppTrana provides complete managed DDoS protection where sites are 24x7 monitored and rule updates are done by experts in real time based on alerts to ensure availability of the site.

Understanding DDoS Attacks

DDoS attacks are on the rise and strength of these attacks are increasing exponentially every year. With rise of IoT, it has become very easy and cheap to launch DDoS Attacks.

What is DDoS attack?

DDoS attacks is nothing but an attack on your web-application / infra using distributed systems with the intent of saturating the available resources which eventually affects the availability of the website.


What are the risks

DDoS attacks are prevalent, expensive threats that cost a lot more than money.

  • Substantial loss of revenue due to downtime
  • Inflated bandwidth and computing power costs due to the traffic surge
  • Reputation damage
Understanding-DDoS-Attacks

Frequently Asked Questions

Indusface takes multipronged approach to block DDOS Attacks.

Our SaaS infrastructure is infinitely scalable which scales based on various parameters like the size of requests, number of requests, resources used in the WAF machine. This means our edge networks can handle and scale to observe large scale DDOS attacks. Layer 3 and Layer 4 attacks are scrubbed using AWS DDOS shield.

We also have threshold based rules that can be customized based on user preference. This helps in rate-limiting requests so that DDOS attacks that can be imitating legitimate requests. This will help blocking IPs that go above the set threshold limit. These thresholds can be governed from AppTrana portal. By default threshold is set for 3000 requests per IP per 2 minutes.

In addition to this there are rules to block bad bots, malicious IPs, bots/IPs that have been deemed malicious due to their behaviour in the past are blocked. Also we block bots that pretend to be genuine bots like google crawler. This ensures DDOS attacks launched by bad bots/IPs are blocked immediately. 

Apart from this in case of targeted DDOS attacks our team can write surgically accurate rules based on attack pattern to thwart the DDOS attacks.

DDOS by nature are volumetric attacks that are meant to bring down the system and ensure genuine users from accessing your site. As explained in previous section, we provide comprehensive protection for such attacks.

Injection attacks are more pattern based attacks that tries to exploit vulnerabilities in the application, we have highly tuned rules to block such kinds of attack which is constantly updated. Bruteforce attacks by nature can be blocked by IP threshold rule and if there are any specific areas where vulnerability is found or attack pattern is observed then custom rules can be written to block those.

When our customer onboard request to our site, we ask them to accept traffic only from AppTrana’s IP and block any other requests. When DNS change is made and all requests are sent through AppTrana’s data center, our datacenter will become front end for your site and any ping requests will reach us and they would be handled by our scrubbing system. Even if attacker by looking at history gets the IP address of the server. Since already checks are in place any request other than from AppTrana IP at customer end, it will be blocked immediately.

We have list of bad bots and signatures of Bot attack, SQL Injection and Cross Site Scripting the covers the Payloads used for the attacks. Following rules are applied on default to protect against such attacks.

Majority of our rules look for bad behaviour in the requests and if anything malicious is found then we block the particular requests. We have anomaly rules that will block the IP if multiple blocks are seen from a particular IP. In case of DDOS rules tracking is done at IP level and if any of the DDOS rules are triggered then the IP would be blocked.

Learn more about danger of DDoS in the new world of bots and ways to prevent them by downloading the whitepaper.


Download Whitepaper

Related Resources

BLOG

Learn how to a Stop DDoS Attack


BLOG

Best Practices to build DDoS Protection


BLOG

Questions To Ask A DDoS Mitigation Service Provider


BLOG

Reasons why every business need DDoS protection


Ready to get started?

Try AppTrana for Free












14 Days Trial   |   No Credit Card required