An international supplier of cloud and edge solutions, G-Core Labs, has announced the kickoff of a new stand-alone solution to help shield against SYN Flood DDoS attacks. Developed with Intel partnership, the XDP-based solution puts end to the need for a committed DDoS protection server role.
Providing customers with better protection
G-Core Labs and Intel have advanced a stand-alone solution based on 3rd generation Intel Xeon Scalable processors. This latest type of solution gets rid of the requirement for a dedicated DDoS protection server and smoothly distributes volumetric attacks across CDN servers, reducing the performance requirements for every individual CDN node. Andrew Faber, Head of cybersecurity at G-Core Labs said;

« Our long-term cooperation with Intel in the development of the solution guarantees many things for the future. First of all, it’s the flexibility of development for the customer and faster technical support. Secondly, it’s the possibility of further joint testing and upgrading a solution on the latest Intel processors available to us at the earliest possible stage, to provide the best protection to the customers.»
G-Core has tested this method of protection both in test labs and with its customer, online gaming giant, Wargaming. Wargaming puts a signature to every UDP packet from the end-user to the game server to battle DDoS attacks. G-Core Labs assisted Wargaming to ‘discharge’ such controls from their network by running this countermeasure on its’ servers, just so ‘clean’ traffic reaches customers. When an attack happens, all the traffic with invalid signatures is dropped on G-Core Labs’ servers, and only validated traffic gets to the secured server.
According to G-Core Labs, such trials of the XDP-based solutions versus SYN Flood attacks have demonstrated successfully for G-Core and its customers, in such scenarios when the DDoS protection suite will be performed on every CDN node. An SYN Flood is a type of DDoS (Distributed Denial of Service) attack that is formed to make an online network or system out of reach by causing a swamp of TCP (Transmission Control Protocol) services with the server. This attack sends short shatters of SYN messages into the ports leaving connections open and available. This results in the exhaustion of server resources and causes users to be blocked from entering or using the network.