G-Core Labs, in cooperation with Intel, has developed an XDP-based (eBPF) solution that provides effective mitigation of DDoS attacks with very little impact on overall latency.
G-Core Labs has announced the launch of a new stand-alone solution to help protect against SYN Flood DDoS attacks. Developed in partnership with Intel, the XDP-based solution removes the need for a dedicated DDoS protection server role.
A SYN Flood is a type of DDoS (Distributed Denial of Service) attack that is designed to make an online network or system inaccessible by flooding the server with TCP (Transmission Control Protocol) connection requests. This type of attack sends short bursts of SYN messages to the server's ports and leaves the resulting connections open. This can exhaust server resources and result in users being blocked from entering or using the network.
To provide its customers with better protection against such attacks, G-Core Labs, in cooperation with Intel, has developed a stand-alone solution based on 3rd generation Intel Xeon Scalable processors. This new type of solution removes the need for a dedicated DDoS protection server and evenly distributes volumetric attacks across CDN servers, decreasing the performance requirements for every individual CDN node.
“Our long-term cooperation with Intel in the development of the solution guarantees many things for the future,” said Andrew Faber, Head of Cybersecurity at G-Core Labs.
“First of all, it’s the flexibility of development for the customer and faster technical support. Secondly, it’s the possibility of further joint testing and upgrading a solution on the latest Intel processors available to us at the earliest possible stage, to provide the best protection to the customers.”
G-Core has trialed this method of protection both in test labs and alongside its customer, online gaming giant, Wargaming. To fight DDoS attacks, Wargaming adds a signature to every UDP packet from the end-user to the game server. G-Core Labs helped Wargaming to ‘offload’ such checks from their network by running this countermeasure on its servers, so only ‘clean’ traffic reaches customers. When an attack comes, all the traffic with invalid signatures is dropped on G-Core Labs’ servers, and only validated traffic reaches the protected server.
Such testing of the XDP-based solutions against SYN Flood attacks has proven successful for G-Core and its customers in shared scenarios, where the DDoS protection suite is executed on every CDN node. This perfectly suits G-Core’s long-term goals, and its continued partnership with Intel means flexibility of development for its customers and faster technical support. This case also sets an encouraging precedent for further joint testing that will ensure the G-Core solution can always provide the best protection to its customers.