Detect and mitigate DDoS threats quickly and effectively. Verisign’s cloud-based monitoring and superior attack mitigation capabilities provide a scalable solution to combat today’s increasingly complex DDoS attacks.Request a Quote
Billions of times each day, Verisign helps companies and consumers all over the world engage in communications and commerce with confidence with their cloud based security. In fact, Verisign has maintained 100 percent operational accuracy and stability of its DNS infrastructure for .com and .net for more than 17 years.
How have we done this? Through our custom built technology platform and globally connected, highly scalable network.
Verisign’s proprietary DDoS mitigation technology, Athena, is a globally distributed DDoS mitigation system that provides comprehensive protection against network- and application-layer attacks, and specializes in mitigating Layer-7 and Secure Sockets Layer (SSL)-based attacks.
Custom built to defend critical Internet infrastructure such as .com, .net, and the A and J Root servers, Athena provides advanced mitigation capabilities and rapid protection against zero day attacks.
Our Athena technology provides:
Athena supports application-level attack mitigation techniques such as decryption, inspection and filtering of SSL/HTTPS requests and immediate termination of suspicious SSL/HTTPS requests.
Using a patent-pending technology, Athena mitigates TCP SYN floods transparently without blocking legitimate clients. Advanced techniques such as Cross-packet inspection and selective session state maintenance is applied to ensure attackers cannot bypass standard signatures
Athena allows Verisign to use real-time engineering and response-based mitigation to quickly address attacks that are extremely complex or too new, and create new signatures to address previously unobserved attack vectors—often within minutes.
Athena implements a unique load-balancing scheme with built-in monitoring of various components to ensure resiliency, and allows the platform to handle failures of components without a failure of the platform or system.
Athena is designed to meet the needs of one of the world’s largest domain name infrastructures, and can handle black and white lists with millions of entries. This massive scalability ensures that trusted visitors can continue to enjoy an organization’s services without filtering or inspection.
In addition to Athena, Verisign layers dedicated COTs and edge network layer filtering into its mitigation platform to ensure protection from a large range of attacks. This layered approach provides us the option to pick and choose the most effective countermeasures from the range of options.
For more than 17 years, Verisign has been building networks to survive the largest DDoS attacks on the Internet, using mitigation techniques that have successfully protected consumers and enterprises alike from catastrophic consequences.
Today, we see that attackers are even more skillful, and can change the attack profile in real time, making it even harder for enterprises to go it alone in building DDoS defenses – and the reason why many are turning to a cloud-based DDoS mitigation solution like ours.
Purpose built and globally connected, Verisign’s highly scalable network provides fast and effective DDoS mitigation. And allows us to work seamlessly with customers that are multi-homed with one or more ISPs or cloud providers.
What Our Network Provides:
Our network is designed to handle and optimally route large volumes of traffic. Our 17 global Internet sites and 5 dedicated and globally distributed DDoS mitigation centers boasts >1.2 Tbps in total peering capacity.
Verisign’s DDoS services rely on a fully redundant backbone, purpose built on multiple diverse 10 Gbps optical infrastructure, interconnecting regional and global scrubbing centers that leverages some of the largest and best connected Internet exchange points (IXPs) in the world.
Verisign’s network is architected to provide optimal convergence times when advertising customer IP address space; the faster the attack traffic gets to our network, the faster we can scrub the malicious attack flows and send the clean traffic back to a customer’s network.
Verisign’s network directly connects with over 700 networks at 1,600 points of interconnection, minimizing unnecessary latency and offering optimal network performance when customer services are actively under mitigation.
Our network is MPLS enabled which allows traffic surges to be dynamically rerouted and prioritized based on current Internet traffic conditions. This gives us the ability to use our entire infrastructure as needed in real-time response to attack scenarios.
For return of clean traffic, our global backbone of 17 sites enables customers to interconnect in locations that are most convenient to them, with multiple options such as direct connects or GRE.