Our company has recently reached 3.5 million registered users and 200,000 hosted websites. Daily DDoS attacks on our platform resulted in unnecessary and prolonged downtime for the thousands of sites on our network. These attacks included network level (layer 3 & 4) attacks ranging from 2Gbps to 10Gbps with various attack vectors such as UDP attacks but most commonly SYN floods which exploit the TCP three-way handshake to consume the server’s connection resources. The more challenging attacks were the diverse application level (Layer 7) attacks. These attacks seem as if they are originating from legitimate sources, try to mimic human behavior and consume the backend computing resources of the website.
We were seeing daily DDOS attacks, sometimes multiple DDOS attacks in parallel on various client websites. Since our company is a global hosted community platform and social network, everyone was affected at the same time. We needed to make sure that no attack on any one website could bring other websites down. We have gone through paid evaluations of several DDoS Mitigation services, but all of them failed to block DDOS attacks automatically without serious side effects, as blocking legitimate visitors
Once we decided to evaluate Incapsula's Cloud-Based DoS protection, Incapsula's team quickly helped us to setup a few of our websites on the service.
Once we joined Incapsula, they immediately identified that our network was under various types of attacks at almost any given time, both network and application level attacks.
While the network based attacks were absorbed by Incapsula’s backbone, the application layer attacks were very diverse. Incapsula relied very heavily on their bot detection and progressive DDoS challenge technology, to block 100% of attackers transparently, without incurring any noticeable effect to almost all of the real users.
Maintaining the best possible customer experience was a key consideration for us. It was very apparent why other DDoS protection services that involve delays, CAPCHAs and other side effect on visitors' would not work for us. Also, a DDoS solution that isn't fully automated, would keep our team constantly busy to enable/disable the protection service.
Incapsula’s ability to allow human and legitimate bot traffic to access the website with no interruption, while filtering network and application level DDoS traffic, allowed us to put our DDoS problems behind and focus on what we do best, which is building a great platform for the online gamers community.
Incapsula is now a critical component of our security infrastructure. All traffic to our network and hosted websites passes through Incapsula for screening. Malicious traffic and DDOS attacks are blocked automatically.
We take advantage of Incapsula's DDoS Protection key benefits, to secure our online properties:
Our network was finally clear from the endless onslaught of crippling UDP & SYN flood attacks that we had been experiencing. Using Incapsula's dashboard, we were able to see exactly when each attack was happening, and continue delivering service to millions of users during the attack. We also saw a sharp drop in unwanted bot activity, which resulted in a 20% drop in load on our servers. A key feature we were looking for is a very low false positive rate during mitigation. Incapsula proved to have a near zero false positive rate, and legitimate users had no trouble accessing our websites during prolonged DDOS attacks.