17 - Protector: DDoS mitigation at 100G

Martin Žádník

The volume of DDoS attacks grows every year. In 2016 the largest attacks reached 1 Tbps, effectively disconnecting even well provisioned services from the Internet. DDoS attacks are not only aimed at big players but smaller services and organizations are targeted with less intense, but effective enough, attacks as well. Unfortunately, the smaller players often lack budget and expertise to introduce adequate protection. CESNET is addressing this shortcoming by developing its custom DDoS protection device - DDoS Protector. The device consists of an 100 Gbps FPGA network card and a commodity server. The FPGA implements the fast forwarding and filtering data plane while the server implements the control plane that continuously evaluates the network traffic parameters and in case of attacks, it enables FPGA filtering with less than one second delay.

