Skip to main content
General information
Last update:

General information

A DDoS attack is a distributed denial-of-service attack. Sends a large number of requests to the attacked service in order to reduce its performance or disable it completely.

All Selectel products are by default under the Selectel DDoS protection.. Protection is provided at the network and transport (L3, L4) layers. Incoming traffic is analyzed, unwanted traffic flows from the external network are blocked.

To further protect the service, you can pick up other protections (DDoS Guard L3-L4 protection that analyzes inbound and outbound traffic, as well as L7 protection). Type of protection is determined by DDoS attacks from which the service needs to be protected.

All presented DDoS protection services can be activated only for IP addresses that are used in Selectel infrastructure.

Types of protection

Protection should be selected depending on the network layer targeted by the attack — network and transport layer (L3, L4), application layer (L7). Learn more about the types of DDoS attacks at different levels and how to protect against them in Selectel's blog article How to protect your server from DDoS attacks.

Network and transport layer protection (L3, L4)Protection at the site, application level (L7)Protecting a web application from targeted attacks (L7)
The object of the attackBand exhaustion, network infrastructure disruptionExploiting weaknesses in the network protocols on which the Internet is based (the TCP/IP stack, which is responsible for transmitting and routing packets on the Internet)Attacking websites and applications (identifying illegitimate requests to applications) Targeted attacks on web applications (extracting information from database, disk, injecting malicious code)
Reflection methodAnalyzing L3, L4 traffic headers, identifying problems on network equipmentBehavior analysis of TCP/IP clients (applications interacting with the server) and data packets that are transmitted over the network, filtering based on behavioral analysisAnalyze and clean traffic at the level of application protocols HTTP/HTTPS, DNS, etc., taking into account the specifics of the application.Traffic analysis and filtering using continuously learning ML algorithms, as well as signature, behavioral and reputation analysis methods

Select protection

Selectel Protection
(enabled by default)		DDoS Guard L3-L4DDoS Guard site protection and accelerationCurator's defenseWAF Curator
Network layer protection (L3, L4)✓ (incoming traffic only)
Protection at the site, application level (L7)
Protecting a web application from targeted attacks (L7)