All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DDoS protected offers
So looks like more and more people are (understandably) jumping on the DDoS protection bandwagon. Many offers are posted of services including "DDoS protection", but not so many are clear on filtering capabilities on such an important product.
My main concerns are:
Providers listing DDoS protection when they simply mean auto-nullrouting. Well, they protect their own network, not the product being sold and under my point of view, this shouldn't be allowed at all.
Providers selling some kind of DDoS protected services but not listing capabilities. While 1 gbps or even less is something, it isn't really useful in the real world. Even some old, established providers are doing this.
You list the amount of included RAM or bandwidth on your offers, yeah? If DDoS protection is part of the product, you should list how much you can tank too.
I don't want to point fingers, but I think this is something which needs to be addressed.
Comments
why not right? some extra information is always nice
but what prevents one from lying about the ddos tank capacity? as a legit customer you cannot really confirm it.
They would get caught sooner than later. Anyway, worst part to me are providers offering "DDoS protection" when they simply nullroute. And there have been a few lately.
Most of the popular hosts like BuyVM, Prometeus, RamNode have a maximum protection capacity of up to 10 Gbps whereas OVH or its resellers have protection capacity of up to480+ Gbps with 3 VACs(1 each in Roubaix, Strasbourg & Beauharnois) all interconnected to each other.Ginernet's capacity is also up to 1 Gbps whereas all other companies usually have up to 1 Gbps to 10 Gbps protection as well.
Voxility also claim DDOS protection of up to 400 Gbps but their facility is almost always saturated, not properly optimized & hence fails to mitigate/block a few 100 Mbps attacks.
That is a valid form of ddos protection. For example, if another customer on the same node as I am (or even cabinet/data center in large situations) gets targeted, I know that my VPS isn't going to go down for very long simply because they got attacked.
Sometimes it isn't a reassurance that your services wont go down if you are targeted, but that yours won't go down when someone else is targeted. Granted, this isn't what people are typically after, but a valid point to be made none the less.
Should the type and effectiveness of ddos protection be identified in the sales literature? Absolutely. I totally want to see more information about a providers network before I buy from them.
Are you sure? (I don't know for sure but I supposed it was 1M PPS/1 gbps). I could be wrong so please don't take my word on this.
No. Voxility does tank very big attacks in Europe.
Selling "DDoS protection" with a service and then nullrouting on a small flood is at the very least, misleading.
Your VPS wouldn't go down for more than a few minutes if a different customer on the node is targeted, any reasonable provider will apply nullroutes fast or even automatically so I don't think that's something to worry as a customer (not much, at least).
I think that most people will now start being cheap and provide/resell "DDoS Protected Services" from OVH because they include it for free.
Idk why but i would still prefer the protection from Voxility, SecureDragon, X4B over that.
Obviously me too. OVH isn't reliable to host any kind of user-generated content. Well, or anything at all.
I am sorry, it was a typo yes their capacity is 1 Gbps.
I've had many servers from them & found their DDOS protection to be literally useless.And it is not only me whoever I asked about Voxility's DDOS protection said the same. And that is mostly due to the reason that their DDOS infrastructure is often saturated.
Our DC is OVH. So i didn't experienced problems yet and i think i'm not going to experience problems about DDoS attacks.
IMO, they are as reliable as any good hosting provider in the world.Most people who usually complain about OVH are those who expect "Fully Managed" server for 10 Euros or premium support with their Kimsufis. Take a professional server from them & you would see the difference.
What is the harm in doing that if OVH's DDOS protection is good despite being free?
And actually it is not free, as they are charging 0.50 Euros extra per vps and 1 to 3 Euros per dedicated server to cover the costs of their DDOS protection.
I disagree with your reasoning. Automatic mitigation of an incoming (or outgoing) dos attack on the host node is a form of dos protection for the companies clients.
Should hosting providers have someone on staff that would identify a dos and null route it if they see it, yes. Does this constitute dos mitigation? Yes. Protection? No. Automated systems respond much faster than a human can, resulting in down times of seconds rather than minutes or hours for other customers.
Is it what you want? No. Are you upset because you don't get what you want? Yes. Is this a problem? Yes.
You want something else. You want additional advanced dos mitigation techniques. Many of these techniques require deep packet inspection and/or extra on hand/demand bandwidth, both of which cost a significant amount of money. Will you get that for LEB prices? Typically no.
Should providers say what they are offering? What their dos capabilities are? Of course. I totally agree with you.
Your statement that offering automatic null routing as dos protection "is misleading" is wrong. What you want hasn't existed until a few years ago. Industry standard for dos protection/mitigation has been null routing for way longer than deep packet inspection has really been an option. Why do so few people have it? Because its brand new and not the standard in most data centers.
I would personally not like to see tons of reselling hosts that all use OVH just because they include DDoS protection
its nice to have different choices and variations instead of many providers using 1 datacenter, it is good to have more options.
That is my main concern.
I think that @Nyr means that customers shouldn't be nullrouted if they become a victim of a random DDoS attack while the host stated at sign-up that protection is included as a feature.
If the hosts idea of Protecting a client against DDoS is nullrouting the IP then they should state Nullroute as a feature and not DDoS Protection because those are 2 different things.
I agree with you, what I usually expect from an OVH reseller is value added stuff.For example I expect them to have faster response times or light management with their VPS. OVH already offer VMware & OpenVZ so may resellers should use XEN or KVM? If they are not doing any of these then what different they are offering from OVH that I should get a server from them instead of OVH? This is what all vps providers leasing servers from OVH should realize themselves as well.
And another problem is none of other DCs have DDOS protection capacity as big as that of OVH.Also other DCs chrge a lot even for a few Gbps DDOS protection. So this is where DDOS protected vps provders don't have many choices.
Then you have found the first guy relatively happy with Voxility's DDoS protection
DDoS attacks wouldn't be a concern for me at OVH. More like they suspending entire shared servers after abuse from one customer and things like that.
My experience (and other's experience too) with them, differs. Their DDoS protection is an awesome perk and extremely cheap too, yeah.
>
Yeah, that's exactly what I meant
Hmm. I see what you are saying. I haven't ever thought of it like that.
I may be convinced to change my opinion on the naming conventions used in the advertisements.
Hehe, probably because there's quite some attacks coming from OVH. Had one last week.