Introducing Adaptive Filtering: Enhancing DDoS Mitigation at Path Network

We are thrilled to announce a major breakthrough in our DDoS mitigation technology - the deployment of an innovative feature called adaptive filtering. This enhancement, primarily designed for mitigating UDP-based DDoS attacks, is implemented across all 21 active scrubbing centers in the US, Europe, and APAC regions.

Our Commitment to Improvement

At Path Network, we continuously strive to improve your experience by developing cutting-edge features. Recognizing the challenges some customers face by manually having to configure protection options, we have made significant progress in creating a smart Layer 4 DDoS mitigation solution. Our current auto-mitigation capabilities have demonstrated a high level of effectiveness in countering layer 3/4 simple amplification/reflection attacks. However, this new feature will alleviate additional burden from our customers by addressing the more complex DDoS attacks as well. This feature saves many hours per week for our own team when we work with customers to figure out why an attack wasn't mitigated as effectively as it should have in addition to walking them through how to set up the firewall!

Adaptive Filtering: A Focus on Layer 4 Attacks

While we maintain robust defenses against Layer 3 and Layer 7 attacks, the primary focus of our new adaptive filtering technology is to combat UDP-based DDoS attacks, which commonly fall under Layer 4. This is where the adaptive rate-limiting mechanism comes into play - it represents a significant milestone in our quest for more comprehensive DDoS mitigation.

How Adaptive Rate-Limiting Works

This mechanism works by intelligently analyzing the behavior of servers transmitting traffic through our network. It leverages this information to identify unsolicited conversations that are likely initiated towards illegitimate or unwanted services.

Addressing Challenges: Our Solution

By incorporating support for a wide range of services within our custom-built application filters, we aim to provide comprehensive protection. In certain scenarios, customers may lease servers with unknown services running on them, or specialized protection for specific protocols might not be available. In these situations, our adaptive rate-limiting serves as a powerful complement to our existing fallback mitigation components, including Orchestrator. What sets our system apart from other generic DDoS mitigation practices is its intelligent nature, which ensures that known legitimate conversations are not disrupted during attacks.

Customer Control and Flexibility

Customers retain full control over the global firewall and custom application filters. You can continue to tailor the DDoS filtering to suit each unique use case, ensuring the utmost flexibility in protecting your infrastructure.

Looking Ahead: Continuous Enhancement and Excellence

We are immensely proud of the achievements our development team has made with the deployment of adaptive filtering. This feature has demonstrated outstanding results in blocking UDP-based DDoS attacks. Our commitment to continuously enhancing our services remains unwavering, and we will persist in our pursuit of excellence to provide you with the most robust and reliable DDoS mitigation solution available. As we continue to innovate, we're setting our sights on further enhancements, with TCP-based DDoS attacks next on the list.

Website: https://path.net/
Twitter: https://twitter.com/path_network
Sales: sales@path.net