G-Core Labs and Intel have developed an XDP-based solution providing mitigation of DDoS attacks with low impact on overall latency.
Luxembourg - June 29th, 2022 - G-Core Labs, an international provider of cloud and edge solutions, has announced the launch of a new stand-alone solution (eBPF) to help protect against SYN Flood DDoS attacks. Developed in partnership with Intel, the XDP-based solution removes the need for a dedicated DDoS protection server role.
A SYN Flood is a type of DDoS (Denial of Service) attack designed to make an online network or system inaccessible by causing a flood of TCP (Transmission Control Protocol) services with the server. This type of attack sends short bursts of SYN messages into the ports leaving connections open and available. This can exhaust server resources and result in users being blocked from entering or using the network.
To provide its customers with better protection against such attacks, G-Core Labs, in cooperation with Intel, has developed a stand-alone solution based on 3rd generation Intel Xeon Scalable processors. This new type of solution removes the need for a dedicated DDoS protection server and evenly distributes volumetric attacks across CDN servers, decreasing the performance requirements for every individual CDN node.
"Our long-term cooperation with Intel in the development of the solution, guarantees many things for the future", says Andrew Faber, head of cybersecurity at G-Core Labs. "First of all, it's the flexibility of development for the customer and faster technical support. Secondly, it's the possibility of further joint testing and upgrading a solution on the latest Intel processors available to us at the earliest possible stage, to provide the best protection to the customers."
G-Core has trialled this method of protection both in test labs and alongside its customer, online gaming giant Wargaming. To fight DDoS attacks, Wargaming adds a signature to every UDP packet from the end-user to the game server. G-Core Labs helped Wargaming to ‘offload' such checks from their network by running this countermeasure on its servers, so only 'clean' traffic reaches customers. When an attack comes, all the traffic with invalid signatures is dropped on G-Core Labs' servers, and only validated traffic reaches the protected server.
Such testing of the XDP-based solutions against SYN Flood attacks has proven successful for G-Core and its customers, in shared scenarios when the DDoS protection suite will be executed on every CDN node. This perfectly suits G-Core's long-term goals and its continued partnership with intel means flexibility of development for its customer and faster technical support. This case also sets an encouraging precedent for further joint testing that will ensure the G-Core solution can always provide the best protection to its customers.
This article was sponsored by G-Core Labs