DDoS Protection
Stop people from stopping you
Unmetered, highly available DDoS mitigation. Scrubbing centers in Brazil and the U.S.
Routing is not mitigating
Providers that don't have enough capacity will often change routes when you're suffering an attack. Instead of routing, Maxihost will mitigate, meaning no increase in latency for you.
No attack is too big
With 2 Tbps of capacity, Maxihost's scrubbing centers are equipped to handle any distributed attack, no matter its shape or form.
Included and extensible
All Maxihost servers offer mitigation of DDoS attacks at no extra cost, so you'll always be protected. Upgrade to more robust plans at anytime.
How it Works
Maxihost's security approach is comprised of two methods that you can choose from, Inline and Out-of-Path, each with its own set of benefits to prevent disruptions caused by bad traffic, while allowing good traffic through.
Out-of-Path
Maxihost defaults to an Out-of-Path topology so that the network infrastructure is scalable without relying on the mitigation appliance and, more importantly, so that the mitigation appliance doesn't become a single point of failure. When an IP is in Out-of-Path mode, the appliance only starts working when needed.
Inline
Available on the Anti-DDoS Pro Package, IPs can be set to Inline in order to be protected all times, regardless of whether an attack is actually happening. In Inline mode, all traffic from that IP passes through to the closest availableMaxihost scrubbing center. Protection starts instantly when an attack is identified.
No matter the attack, we can handle it.
Network level
- TCP Flood
- UDP Flood
- ICMP Flood
Reflective/Amplified
- DNS Flood
- NTP Flood
- SNMP Flood
- SSDP Flood
Fragmented Packet
- Overlapping
- Missing
- Too Many
Application Layer
- Repetitive GET
- Slowloris
- SlowRead
Specially Crafted Packet
- Stack
- Protocol
- Buffer
Managed Defense Mechanisms
Maxihost DDoS Protection service is fully managed. On top of traditional management features such as IP blocking, ACLs, null routes, blackholes, and unused ports disabling, it goes further with complete protection of layers 3, 4, and 7.
