Internet is a very important and inseparable part of everyday life. Emails mean communication, web presentations can sell services and stored files mean information. All these elements provide for both business contacts and entertainment.


However, what are you going to do if someone attacks your servers or slows down or entirely stops your business for several weeks, for example? And what if sensitive data on the server are compromised as a result of such an attack?


Denial of Service (DoS attacks) and Distributed Denial of Service (DDoS attacks) are one of the today's threats. It is relatively simple and inexpensive to organize them while efficient protection is technically complicated and usually also costly. (D)DoS attacks can target virtually anyone; their severity and frequency are constantly growing.


Do not let these attacks on your infrastructure harm your reputation, the trust of your clients and your profits. In cooperation with Coolhousing, a trustworthy operator participating in the FENIX project, your infrastructure will be safe.


Benefits of Placing Your Server in DC Coolhousing

  • proactive monitoring and behavioral analysis of data streams,
  • permanent protection, service fee independent of the number of attacks,
  • no additional charge for harmful data transfers,
  • data stream event detection and real-time detection of various attack types,
  • state-of-the-art technology to analyse data streams and suppress various types of attacks,
  • the secure FENIX network will ensure legitimate traffic even in the most critical situations,
  • detailed and clear statistics analysing data stream from the client section.

The attack mitigation and Anti-DoS/DDoS protection service utilizes top RadWare DefensePro elements, membership in the FENIX secure network project and many years of experience of the Coolhousing admins. Do not experiment - place yourselves in the hands of professionals with many years of experience!


Anti-DDoS BASIC
Lowering attractiveness for attackers, grey zone Yes
Participation in the FENIX secure network Yes
8×5 support No
24×7 support No
Unlimited count of mitigation attacks in range level #1 Yes
Unlimited count of mitigation attacks in range level #2 No
Unlimited count of mitigation attacks in range level #3 No
Protection against overloading of connections (Connection limit) No
Service fee independent of the number of attacks Yes
No charge for harmful data transfers Yes
Event detection and sending of notifications No
Notification of authorized contacts via email No
Notification of authorized contacts via phone (SMS) No
Monthly summary report No
Price per IPv4/IPv6 for free
Anti-DDoS STANDARD
Lowering attractiveness for attackers, grey zone Yes
Participation in the FENIX secure network Yes
8×5 support Yes
24×7 support No
Unlimited count of mitigation attacks in range level #1 Yes
Unlimited count of mitigation attacks in range level #2 Yes
Unlimited count of mitigation attacks in range level #3 No
Protection against overloading of connections (Connection limit) No
Service fee independent of the number of attacks Yes
No charge for harmful data transfers Yes
Event detection and sending of notifications Yes
Notification of authorized contacts via email Yes
Notification of authorized contacts via phone (SMS) No
Monthly summary report Yes
Price per IPv4/IPv6 € 37 /month
€ 18,50 /month
Anti-DDoS BUSINESS
Lowering attractiveness for attackers, grey zone Yes
Participation in the FENIX secure network Yes
8×5 support Yes
24×7 support Yes
Unlimited count of mitigation attacks in range level #1 Yes
Unlimited count of mitigation attacks in range level #2 Yes
Unlimited count of mitigation attacks in range level #3 Yes
Protection against overloading of connections (Connection limit) Yes
Service fee independent of the number of attacks Yes
No charge for harmful data transfers Yes
Event detection and sending of notifications Yes
Notification of authorized contacts via email Yes
Notification of authorized contacts via phone (SMS) Yes
Monthly summary report Yes
Price per IPv4/IPv6 on demand

Grey zone

By deploying RadWare DefensePro we have created a so-called "grey zone" in our data center, which is in fact a security perimeter into which potential attackers cannot see. They do not know what lies within the perimeter, which on its own lowers the risk that your server will become a target.



FENIX Project

The FENIX project originated at the Czech peering node NIX.CZ in 2013 as a response to intensive DoS attacks which targeted major Czech media, banks and mobile operators in March of that year. The aim of the project is to ensure availability of Internet services for at least the most important service and content providers participating in this activity in case of a DoS attack. With Coolhousing, you too can join the Czech internet elite.


The grey zone and FENIX membership are a standard part of all housing services offered by Coolhousing.


Protection of level #1

Basic level of protection, which follows from observance of network standards and analysis of data stream. If you have connection to our network, Coolhousing will provide you basic protection against the most common types of DdoS attacks such as TCP SYN Flood, ICMP Flood, UDP Flood.


DoS Shield is also includes, which provides protection against DoS scripts (DoS tools) and other global security rules.


Protection of level #2

Very advanced level of protection, based on behavioral analysis of flow in real time, providing full protection against the ten leading DdoS attacks. The solution includes antiscanning protection before vertical and horizontal scanning of network (ping-sweep) and selfdistributed malware.


Servers are also protected before brute-force attacks (so called Server cracking protection) and HTTP Mitigator protects web servers against attacks of HTTP flood type.


The protection of level #2 is possible to define exactly according to customer´s needs and his server/service. The reason is that the protection was really effective and was the right benefits for customer.


DoS - Top 10

Protection of level #3

The most highest level of protection againts attacks of DNS flood type (BDoS DNS) and especially the detailed security rules define according to customer´s needs and his services, applications and operating system.


The solution includes Intrusion Prevention System (IPS) – system which works on the basis of regularly updated signatures defined according to customers´s services, for detection and prevention of intersection monitoring network and activities of operating system to undesirable activity.



The high level offers expanded SYN Flood protection and especially protection against flooding of connections (so called Connection limit).


DoS, DDoS, and BDoS Attacks

The difference between DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks rests merely in the number of machines the attack originates from. In classic DoS attacks only one machine is involved while in DDoS at least two machines participate. Current DDoS attacks consist of tens or hundreds of thousands of stations in a single attack.


Denial of Service means preventing availability of services. This may involve exploiting a weak spot in an application when, after a certain string has been sent, the server stops communicating. It can also originate by exploiting an application bug, reaching system, network adapter or application limits, or a shortage of system resources, such as CPU, memory, hard drive space or IO operations. DoS occurs every time the attack causes server unavailability.


Taking the system out of service may not be the true intention of the attacker, though. We also recognize Brain Denial-of-Service (BDoS) attacks. An administrator dealing with server overload will usually pay less attention to the rest of the system, which does not show any abnormal behaviour. His brain capacity focuses on the problem at hand. The attacker may take advantage of this and accomplish his true goal in the part of the infrastructure neglected by the administrator, such as stealing sensitive information by breaching the server protection using another, less obvious type of attack.


Preventing Attacks

The Anti-DDoS service uses devices from the Radware DefensePro family. These are network devices providing reliable real-time prevention of DoS/DDoS/BDoS attacks, ensuring security and protection of the network and applications.

They can quickly and accurately distinguish between three behaviour categories: legitimate (normal) traffic, harmful (attack) traffic, and unusual traffic emerging from normal traffic. The service provides two types of protection.


  • The data stream behavioural analysis function lowers the DoS/DDoS/BDoS risk by detecting signs of malicious behaviour in real time, with no need for human intervention.
  • The DoS shield function prevents known DoS/DDoS/BDoS attacks.

The Anti-DDoS service does not substitute a firewall or handle incorrectly configured devices or applications and weak password points! Based on analysis, the service recognizes general attack symptoms, removing them from the data stream and thus contributing substantially to lowering the risk of protection breach or clogging by malicious traffic.


Cool Summer Experiences with Coolhousing datacenter


Coolhousing, Trusted operator - FENIX
Coolhousing, Basic DDoS protection included

Scrubbing Center

Coolhousing Scrubbing Center

A scrubbing center or a cleansing station is a network point that analyzes network traffic in real time. Coolhousing datacenter’s scrubbing center can quickly and accurately differentiate between legitimate (ordinary) traffic, malicious (attacking) traffic and unusual traffic originating from ordinary traffic.


Have a question?

Contact us

Customer
support

By using this site you agree to the use of cookies for analytics and personalised content. More...
Agree