Configuring Always-On Asymmetric, Always-On Symmetric and On-Demand Symmetric schemes
Switch via BGP, which involves forwarding announcements of the IP addresses of an autonomous system to the Internet through the Kaspersky DDoS Protection System.
Routing is a method suitable for any resources that have non-HTTP(S) services, and involves setting up GRE tunnels or physical junctions between Scrubbing Centers and the site of the Protected resource, and configuring BGP peering. This is appropriate if the Customer has their own AS and PI addresses, and the Customer's PI network is routed through Scrubbing Centers.
Always-On Asymmetric scheme
If the Customer has their own AS and PI addresses, the Customer's PI network is routed through Scrubbing Centers. Only inbound traffic of the Protected Resources passes through the Scrubbing Centers.
Always-On Symmetric scheme
If the Customer has their own AS and PI addresses, the Customer's PI network is routed through Scrubbing Centers. Inbound and outbound traffic of the Protected Resources passes through the Scrubbing Centers
In comparison with the Always-On Asymmetric scheme, this connection scheme allows to analyze and filter DDoS attacks more efficiently.
On-Demand Symmetric scheme
A symmetrical traffic flow scheme is set up through the Scrubbing Centers. When an attack is detected and a notification from KDP Technical Support is received, the Customer independently redirects traffic to the Scrubbing Centers by sending announcement of BGP routes through the Scrubbing Centers.
