Colt IP Guardian is intended to help Colt customers reduce the impact of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. The service is available to customers who have a service bandwidth of at least 10Mbps.
When a customer experiences a DDoS attack, not only does the attack itself jeopardise IT infrastructure, but ISPs are often forced to blackhole (discard) all traffic to the affected address range in order to prevent network degradation from impacting other customers on the network. Subscribing to the IP Guardian service removes this risk by ensuring that effective DDoS protection is in place, removing any threat or blackholing.
True DDoS Protection - The only way to properly protect a network from a DDoS attack is to fight it as close as possible to the source before it floods the customer’s Internet connection, and the only way this can be done is through the service provider. Some firewalls offer DDoS protection; however, this simply protects the internal network and not the Internet Access circuit, which may already have been flooded by the DDoS attack.
Anomaly monitoring - Colt has deployed collectors which receive Netflow telemetry data from the edge network to ensure rapid detection of any abnormal activity.
Resiliency - Colt has deployed the IP Guardian platform at strategic locations throughout its global network to ensure near continuous uptime of the IP Guardian service and the best possible round trip time (RTT) in case traffic needs to be diverted.
Effectiveness - Colt IP Guardian helps to protect the customer’s assets as the mitigation happens upstream.
Productivity - Technology deployed allows the customer to continue using its Internet service whilst under attack, thus minimising the effects of any coordinated attack; for example, lost revenues due to down time.
Colt IP Guardian is a reliable, cost-effective solution designed to help protect customer sites from the effects of a DoS or a DDoS attack. In order to deliver the Colt IP Guardian service, Colt has implemented a state-of-the-art platform based on Arbor Threat Management System (TMS) and Arbor Peakflow monitors. These have been installed at strategic locations within Colt’s Tier 1 network (Frankfurt, London, Madrid, Milan, Paris and New York) and are available to protect customer’s connectivity to the Internet.
The traffic to the customer is constantly monitored while it follows its path in the network. The Arbor Peakflow SP Collectors gather traffic statistics (network telemetry data) from all peering and transit routers which it constantly analyses to construct a network-wide view of possible traffic and network anomalies. An alert is generated if the behaviour is found to be abnormal.
When an attack is detected by Arbor Peakflow SP, traffic is automatically diverted to Arbor TMS, which mitigates the attack based on traffic patterns learned by Arbor Peakflow SP. This means that only the cleaned traffic flows toward the customer, which will be provided with high levels of protection.
It is the tight integration between the Colt network and the Arbor platform that ensures customer traffic only needs to be rerouted when an actual attack is detected. When redirection does occur, the TMS devices traffic is redirected to are located as close to the upstream peering and transit connections as possible, which drastically reduces the additional latency overhead.
C/ Corazón de María No 6
28002 - Madrid
Delegación de Sevilla
Plaza Ruiz de Alda No 11
41004 - Sevilla
Delegación de Málaga
Paseo de Reding No 43
29016 - Málaga