In the first few days, we noticed that TCP-SYN and TCP-ACK attacks were not being properly blocked. That’s supposed to be the basics of an AntiDDoS service, right? We tried working with GTT to solve the problem, but they didn’t seem to have the interest or capability to fix anything.
As the days went by, we realized that it didn’t matter what type of attack it was, none of them were being mitigated correctly. Whether it was a large attack of several Gbps or a small one below 100 Mbps, none of them were mitigated.
We analyzed the traffic graphs and captures to see what was reaching our network after supposedly being “cleaned” by Corero. Their service simply didn’t live up to expectations. It was evident that the traffic was clearly a DDoS attack, with a clearly identifiable pattern, yet it was not being mitigated.
We apologize for any inconvenience this situation may have caused and appreciate your understanding. If you have any questions or concerns, please don’t hesitate to contact us.
In the graphs, the green color represents the DDoS traffic that has not been mitigated and has reached our network.
As you can see, only 30% of the attack was successfully mitigated.
