Managing a DDoS attack
Find out about the step-by-step approach taken by the OVH-designed system to block DDoS attacks
The server is operational
Services can be accessed via the internet. Traffic travels through the backbone of our network, arrives in our data centers, and is then processed by the server, which sends responses to the internet.
Beginning of the DDoS attack
The attack is launched from one or more websites, and arrives in our backbone. Thanks to our very high bandwidth capacity, no links are saturated. The attack then reaches the server, which begins to process it. At the same time, the traffic analysis detects that a DDoS attack has started, and mitigation is triggered.
Attack mitigation with the VAC
Mitigation begins within a few seconds. The server’s incoming traffic is vacuumed up by our VAC solution. The VAC’s hardware has a total capacity of 4 Tbit/s. The attack is then blocked without any limitation on its volume or duration, regardless of which technique it uses. Legitimate traffic is not blocked and reaches the server. This process is also called auto-mitigation, and is completely managed by OVH.
End of the DDoS attack
A DDoS attack is expensive to launch, especially if it turns out to be ineffective. After a certain amount of time, it will come to an end. Our anti-DDoS solution deactivates automatically when the attack is over, and stays ready to mitigate a new attack straight afterwards.