Connecting to Kaspersky DDoS Protection

To protect against DDoS attacks, traffic of the Protected resource must be redirected through the Kaspersky DDoS Protection System.

Kaspersky DDoS Protection operating scenario

There are several options for setting up a connection, and the connection can be established in two different modes:

Always on – traffic is continually passing through the System, and filtering is automatically enabled when a DDoS attack is detected. One of the advantages of this operating mode is its simple support capabilities. However, you also have to consider the potential impact on resources caused by the new routes of traffic over the Internet.

On demand – traffic is redirected to the System when a DDoS attack is detected, and is then returned to its original route after the attack ends. To detect DDoS attacks, the Sensor component must be installed at the Customer's site. A notification about the start of an attack is provided by phone, and traffic switchover to the redirected route remains within the area of responsibility of the Customer.

The process of connecting to the System looks as follows:

1. The Customer chooses an appropriate connection scheme and maintenance mode.
2. Connection instructions are provided by Kaspersky DDoS Protection Technical Support.
3. After the Customer completes the appropriate configuration, Kaspersky DDoS Protection Technical Support conducts the necessary tests.
4. A test switchover is scheduled.
5. After the test switchover* is successfully completed, the Customer may conduct load tests if desired.

The purpose of a test switchover is to verify that traffic is flowing correctly. This particular test is conducted without filtering and must not include simultaneous load tests. Otherwise, troubleshooting would be difficult if problems arise during the test switchover.

Page top