This website uses cookies to distinguish you from other users of our website. The use of cookies helps us to provide you with a specific service, to facilitate website use, to understand our visitors and to advertise to you. By continuing to browse the site you are giving consent to our use of cookies. Learn more in our Privacy Statement.

Security Services
DDoS Protection

Detect and mitigate DDoS threats quickly and effectively. Verisign’s cloud-based monitoring and superior attack mitigation capabilities provide a scalable solution to combat today’s increasingly complex DDoS attacks.

Request a Quote


Billions of times each day, Verisign helps companies and consumers all over the world engage in communications and commerce with confidence. In fact, Verisign has maintained 100 per cent operational accuracy and stability of its DNS infrastructure for .com and .net for more than 17 years.

How have we done this? Through our custom built technology platform and globally connected, highly scalable network.

Our Cloud-Based DDoS Protection Is More Than Just Capacity And Hardware

Verisign’s proprietary DDoS mitigation technology, Athena, is a globally distributed DDoS mitigation system that provides comprehensive protection against network- and application-layer attacks, and specialises in mitigating Layer-7 and Secure Sockets Layer (SSL)-based attacks.

Custom built to defend critical Internet infrastructure such as .com, .net, and the A and J Root servers, Athena provides advanced mitigation capabilities and rapid protection against zero day attacks.

Our Athena technology provides:

Advanced application level protection

Advanced application level protection:

Athena supports application-level attack mitigation techniques such as decryption, inspection and filtering of SSL/HTTPS requests and immediate termination of suspicious SSL/HTTPS requests.

Advanced packet level inspection & SYN protection

Advanced packet level inspection & SYN protection:

Using a patent-pending technology, Athena mitigates TCP SYN floods transparently without blocking legitimate clients. Advanced techniques such as Cross-packet inspection and selective session state maintenance is applied to ensure attackers cannot bypass standard signatures

Expedited mitigation of zero day attacks

Expedited mitigation of zero day attacks:

Athena allows Verisign to use real-time engineering and response-based mitigation to quickly address attacks that are extremely complex or too new, and create new signatures to address previously unobserved attack vectors—often within minutes.

High availability resilient design

High availability resilient design:

Athena implements a unique load-balancing scheme with built-in monitoring of various components to ensure resiliency, and allows the platform to handle failures of components without a failure of the platform or system.

IP black and white lists support for over 1 million entries

IP black and white lists support for over 1 million entries:

Athena is designed to meet the needs of one of the world’s largest domain name infrastructures, and can handle black and white lists with millions of entries. This massive scalability ensures that trusted visitors can continue to enjoy an organisation’s services without filtering or inspection.

Platform diversity for redundancy and resiliency

Platform diversity for redundancy and resiliency:

In addition to Athena, Verisign layers dedicated COTs and edge network layer filtering into its mitigation platform to ensure protection from a large range of attacks. This layered approach provides us the option to pick and choose the most effective countermeasures from the range of options.

Learn more about our Athena platform

Purpose Built and Globally Connected

For more than 17 years, Verisign has been building networks to survive the largest DDoS attacks on the Internet, using mitigation techniques that have successfully protected consumers and enterprises alike from catastrophic consequences.

Today, we see that attackers are even more skillful, and can change the attack profile in real time, making it even harder for enterprises to go it alone in building DDoS defenses – and the reason why many are turning to a cloud-based DDoS mitigation solution like ours.

Purpose built and globally connected, Verisign’s highly scalable network provides fast and effective DDoS mitigation. And allows us to work seamlessly with customers that are multi-homed with one or more ISPs or cloud providers.

What Our Network Provides:

Massive network scale

Massive network scale:

Our network is designed to handle and optimally route large volumes of traffic. Our 17 global Internet sites and 5 dedicated and globally distributed DDoS mitigation centres boasts >1.2 Tbps in total peering capacity.

High availability and resilient network design

High availability and resilient network design:

Verisign’s DDoS services rely on a fully redundant backbone, purpose built on multiple diverse 10 Gbps optical infrastructure, interconnecting regional and global scrubbing centres that leverages some of the largest and best connected Internet exchange points (IXPs) in the world.

Fast traffic convergence = quicker mitigation

Fast traffic convergence = quicker mitigation:

Verisign’s network is architected to provide optimal convergence times when advertising customer IP address space; the faster the attack traffic gets to our network, the faster we can scrub the malicious attack flows and send the clean traffic back to a customer’s network.

Vast global peering

Vast global peering:

Verisign’s network directly connects with over 700 networks at 1,600 points of interconnection, minimising unnecessary latency and offering optimal network performance when customer services are actively under mitigation.

Global load balancing that ensures network availability and minimizes latency

Global load balancing that ensures network availability and minimises latency:

Our network is MPLS enabled which allows traffic surges to be dynamically rerouted and prioritised based on current Internet traffic conditions. This gives us the ability to use our entire infrastructure as needed in real-time response to attack scenarios.

Flexibile connectivity for return of clean traffic

Flexible connectivity for return of clean traffic:

For return of clean traffic, our global backbone of 17 sites enables customers to interconnect in locations that are most convenient to them, with multiple options such as direct connects or GRE.

Need more info?