A new standalone solution to help thwart SYN Flood DDoS attacks has been launched by G-Core Labs, a global provider CDN, cloud and edge hosting solutions. The XDP-based solution, which was created in collaboration with Intel, does not require a separate DDoS protection server role.
A SYN Flood is a sort of DDoS (Denial of Service) attack that aims to overwhelm a server with TCP (Transmission Control Protocol) requests in order to make a network or system online unreachable. Short bursts of SYN messages are sent into the ports during this kind of DDoS attack, keeping connections open and accessible. As a result, users may be prevented from accessing or using the network and server resources may get depleted.
G-Core Labs and Intel have worked together to develop a stand-alone solution based on 3rd generation Intel Xeon Scalable processors to better defend its customers against such threats. By uniformly distributing volumetric attacks among CDN servers, this new kind of solution would eliminate the need for a separate DDoS protection server and lower the performance demands on each individual CDN node.
“Our long-term cooperation with Intel in the development of the solution, guarantees many things for the future,” said Andrew Faber, Head of Cybersecurity at G-Core Labs. “First of all, it’s the flexibility of development for the customer and faster technical support. Secondly, it’s the possibility of further joint testing and upgrading a solution on the latest Intel processors available to us at the earliest possible stage, to provide the best protection to the customers.”
Wargaming
This form of security has been tested by G-Core both with its client, an industry leader in online gaming, Wargaming, and in test labs. Wargaming adds a signature to each UDP packet sent from the end user to the game server in order to defend against DDoS attacks. By deploying this countermeasure on its servers, G-Core Labs assisted Wargaming in ‘offloading’ such checks from their network, ensuring that only ‘clean’ traffic reaches clients. Only valid traffic reaches the protected server during an attack since all communication with invalid signatures is dropped on G-Core Labs’ servers.
For G-Core and its clients, such testing of the XDP-based solutions against SYN Flood attacks has been effective in scenarios where the DDoS protection suite would be implemented on every CDN node. This can be ideal for G-Core’s long-term objectives, and the company would benefit from customer development flexibility and quicker technical assistance thanks to its ongoing cooperation with Intel. The G-Core solution would always be able to offer its customers the optimum protection thanks to this case’s favorable precedent for additional joint testing.
