i3D.net’s Anti-DDoS solution: Fortifying cyber defense with technical excellence

28 August 2023

Anti-DDoS market landscape

The anti-DDoS market has witnessed significant growth over the past few years, driven by the increasing frequency and sophistication of cyberattacks worldwide. According to a report by Verified Market Research, the DDoS protection and mitigation market size was valued at USD 2.91 billion in 2022 and is projected to reach USD 7.45 billion by 2030, growing at a compound annual growth rate (CAGR) of 13.77% from 2023 to 2030.

There are a few key players in the Anti-DDoS arena that offer enterprise-grade DDoS protection, for instance large providers such as Cloudflare, Akamai and Imperva. While larger providers offer a broad spectrum of services, they often adopt a more generalized approach to Anti-DDoS protection, recognizing common and well-documented communication protocols. Although they work great in protecting websites, enterprise applications and networks, they tend to misclassify legitimate traffic in the case of real-time communication applications and online multiplayer games, because these use non-standard port and/or packet type settings.

In contrast, i3D.net’s strategic decision to develop its proprietary ultra-low latency Anti-DDoS solution aimed at real-time applications and the gaming market allowed it to focus on scalability and delivering anti-DDoS capabilities to services using single protocol traffic streams with a limited set of ports and byte-matching patterns. This forgoes the use of “scrubbing centers” that backhaul the traffic deep within the provider’s network, adding unnecessary latency to your operations. i3D.net adapted its defense strategies to real-time communication and gaming-specific needs, cleaning the traffic on the edge of their network ensuring no additional latency, a higher level of customization and granular protection against DDoS attacks.

Why it made sense for i3D.net to build an Anti-DDoS solution

A study conducted by Radware found that during the first quarter of 2022, DDoS attacks increased by nearly 75% compared to the same period in the previous year, and according to Akamai Technologies, 37% of all DDoS attacks were targeted towards gaming. With gaming and other real-time applications being a target for DDoS attacks, i3D.net specializes in protecting latency-sensitive applications.  

For i3D.net, it all started in the LATAM region, where certain factions/clans would take competition to another level, using DDoS attacks as a tool to hinder gameplay for their competitors and attempting to take game servers down for extended periods of time. At the time, there were very few game-hosting infrastructure providers in the region, with the most prominent one being i3D.net. Due to a proven track record in mitigating DDoS attacks, i3D.net was the vendor of choice for Electronic Arts’ Battlefield community servers. Using the highly scalable vSRX virtual firewalls of Juniper Networks, i3D.net was able to filter out and block irrelevant traffic before the attacks would even enter the network, making the attempts fruitless and the digital environment safer for players in the LATAM region.

This success further pushed i3D.net into developing granular protection for gamers and game developers. The dispersion and size of operations of i3D.net’s customers demanded an anti-DDoS solution. With extensive knowledge in the gaming market, it made sense to build one in-house, while co-developing the software features with game studios as the solution was maturing. Deeply integrated with internal tooling and monitoring systems around the world, with full ownership of the full technology stack, from data centers to software and platform, i3D.net can continuously optimize and fine-tune its solution.  

Building an anti-DDoS solution to protect its own enterprise-grade infrastructure was as much needed as the protection for online multiplayer games and real-time communication applications, making the final product, i3D.net’s Global Low Latency Anti-DDoS (GLAD), a full-blown DDoS defense of digital ecosystems all around the world.

How i3D.net stands out as an Anti-DDoS solution provider

i3D.net tailors measures in the Anti-DDoS solution to defend online multiplayer video games and other real-time applications such as cloud gaming, live streaming and voice and video communication, leading to rigorous protection against targeted attacks. 

Automatic attack detection is one of the base features to protect both customers and their users, based on statistical models with parameters looking into the volume, DDoS attack origin network and repetitiveness of attacks, assigning a threat level to every packet entering i3D.net’s network. In addition to this, pre-determined and custom Access Control Lists (ACLs) allow for a higher level of protection against different attack types, allowing customers to define specific ports, protocols and IP addresses that need to be safeguarded according to specific requirements. As mentioned before, i3D.net’s entire infrastructure and in turn, all customers are by default protected by the Global Low Latency Anti-DDoS solution. But there is an extra layer of protection that customers can utilize. i3D.net’s Anti-DDoS technology dives deeper into protecting the most DDoS-targeted industry — gaming.  

Understanding the mechanisms of a DDoS protection

Proprietary anti-DDoS solutions often use Border Gateway Protocol (BGP) FlowSpec to advertise firewall rules, where a router installs, handles and distributes the rules globally from a central place that detects DDoS attacks. A firewall rule is then deployed toward the target or the source, an approach that is susceptible to spoofing of the source address, ultimately blocking legitimate traffic and users. This method is extremely hard on the routers due to the sheer number of requests coming from multiple source IPs, which could cause excessive processing load on the router, leading to packet loss or even outages for connected services. Another mitigation technique used is remote-triggered blackholing (RTBH). RTBH doesn’t use BGP FlowSpec at all; it is meant to block a specific type of traffic before it enters the protected network, which in turn drops all traffic, legitimate and illegitimate, killing the connection to the server.

Warden: What sets i3D.net’s DDoS protection apart from the rest

i3D.net does things differently, using BGP FlowSpec to redirect all the traffic entering i3D.net’s network to a local server that runs Warden, software built in-house. Using BGP FlowSpec, the rules are distributed automatically throughout the Warden nodes around the world in 60+ Points of Presence, with each node’s capacity expanded regularly. Each node is built in a dynamic, fail-open way, withdrawing itself from the network together with the FlowSpec routes. If a single node fails, the advertised routes are immediately withdrawn from the routing tables and the traffic entering i3D.net’s network is routed to a fully functional Warden node in proximity. With each of the 60+ Points of Presence being an individual pod, where Warden nodes talk directly to the routers local to that location, i3D.net thwarts any potential impact on the end users.

How does Warden deliver value?

Warden is an always-on DDoS protection feature that provides advanced traffic filtering by using a dynamic whitelist provided by the customer. Customers define protection profiles (Armors) that describe expected traffic patterns, ports, protected protocols, packet sizes and headers. Warden looks at the source IPs and analyzes in depth the traffic trying to reach the customer’s servers, either allowing it to move further throughout i3D.net’s network or blocking it at the edge. Because Warden is always functional, protection is a matter of setting up the Armors, which are customer-specific, allowing i3D.net to tailor the protection to every customer. Customers can change and update their Armors via API, and the changes are automatically distributed to every single Warden node around the world. As a result, customers can have very granular traffic filters, making their digital ecosystems fool-proof.
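The kind of per-packet decision a protection profile implies, combining the port, packet-size, byte-pattern and source-allowlist checks described above, can be sketched as follows. This is an added example, not i3D.net’s code: the `armor` structure, its field names, the verdict names and the sample packet are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical profile for one UDP service; field names are assumptions. */
struct armor {
    uint16_t port_lo, port_hi;   /* allowed destination ports */
    uint16_t len_min, len_max;   /* allowed UDP payload size in bytes */
    size_t pat_off, pat_len; const uint8_t *pat;  /* bytes expected at payload offset */
    const uint32_t *allow; size_t n_allow;        /* dynamic allowlist of source IPv4s */
};
enum verdict { PASS, DROP_MALFORMED, DROP_PROTO, DROP_PORT, DROP_SIZE, DROP_PATTERN, DROP_SOURCE };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify a raw IPv4 packet (starting at the IP header); checksums are not verified. */
enum verdict armor_check(const struct armor *a, const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return DROP_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4, tot = be16(pkt + 2);
    if (ihl < 20 || tot > len || tot < ihl + 8) return DROP_MALFORMED;
    if (be16(pkt + 6) & 0x3fff) return DROP_MALFORMED;  /* fragment: MF set or offset != 0 */
    if (pkt[9] != 17) return DROP_PROTO;                /* this profile covers UDP only */
    const uint8_t *udp = pkt + ihl;
    size_t ulen = be16(udp + 4);
    if (ulen < 8 || ihl + ulen > tot) return DROP_MALFORMED;
    uint16_t dport = be16(udp + 2);
    if (dport < a->port_lo || dport > a->port_hi) return DROP_PORT;
    size_t plen = ulen - 8;
    if (plen < a->len_min || plen > a->len_max) return DROP_SIZE;
    if (a->pat_off + a->pat_len > plen ||
        memcmp(udp + 8 + a->pat_off, a->pat, a->pat_len) != 0) return DROP_PATTERN;
    uint32_t src = (uint32_t)pkt[12] << 24 | (uint32_t)pkt[13] << 16 | (uint32_t)pkt[14] << 8 | pkt[15];
    for (size_t i = 0; i < a->n_allow; i++)
        if (a->allow[i] == src) return PASS;
    return DROP_SOURCE;
}

/* Constructed sample: 198.51.100.7 -> 203.0.113.10, UDP dport 27015, 8-byte payload. */
static const uint8_t SAMPLE[] = {
    0x45,0,0,36, 0,1,0x40,0, 64,17,0,0, 198,51,100,7, 203,0,113,10,
    0xc3,0x50,0x69,0x87, 0,16,0,0, 0xff,0xff,0xff,0xff,'p','i','n','g' };
static const uint8_t MAGIC[] = { 0xff, 0xff, 0xff, 0xff };
static const uint32_t ALLOW[] = { 0xC6336407u };        /* 198.51.100.7 */
static const struct armor GAME = { 27000, 27050, 4, 512, 0, 4, MAGIC, ALLOW, 1 };

int main(void) { printf("verdict=%d\n", armor_check(&GAME, SAMPLE, sizeof SAMPLE)); return 0; }
```

The cheap header checks run before the allowlist lookup, so malformed or off-profile packets are rejected without touching the per-customer source list.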

Ensuring low latency DDoS protection

One of the key advantages of Warden is its ability to operate without introducing latency. By bypassing the operating system (OS) and directly processing and filtering traffic on the network interface card (NIC) itself, Warden offloads the filtering process from the OS, ensuring efficient and high-performance filtering. Warden is designed to be flexible and adaptable. With enormous scaling capabilities and easily added protection features, i3D.net keeps its customers safe from the latest DDoS techniques.

How i3D.net’s customers benefit from the Anti-DDoS solution

All networks are targeted daily by DDoS attacks; i3D.net’s network is tested 20 times per day, to be exact. In the graph below, you can see the timeline and sizes (in Gbps) of the thwarted attacks.

[Figure: scatter plot of attacks staved off by i3D.net’s Anti-DDoS solution. Caption: DDoS attempts on the network over one week]

Exceptional DDoS protection performance

Even though i3D.net is targeted by DDoS attacks daily, its in-house protection thwarts the attacks with ease, with minimal to no customer operation disruptions. With a proven track record of mitigating devastating DDoS attacks all over the world, i3D.net’s anti-DDoS protection performance sets it apart from the rest of the market, making it an attractive choice for online multiplayer game publishers and enterprises seeking robust and high-performing Anti-DDoS protection.  

Global state-of-the-art DDoS protection with low latency

State-of-the-art Anti-DDoS defense capabilities worldwide make i3D.net stand out in the technology adoption of network security. With Juniper Networks hardware positioned in 60+ Points of Presence around the world, i3D.net is one of the very few companies in the world operating at that scale.

Fueling enhanced DDoS protection with 20+ years of expertise

Moreover, i3D.net’s robust Anti-DDoS solution is backed by a team of experienced security experts who continuously monitor the market for the latest DDoS techniques and optimize the defense measures to set the benchmark for industry standards. With a proactive approach to DDoS mitigation, i3D.net experts work closely with customers to make sure their expectations for DDoS protection are met in full.

In conclusion, i3D.net’s in-house Anti-DDoS solution stands as a testament to its technical prowess, dedication to innovation and commitment to customer satisfaction. By leveraging specialized and tailored defense measures, clients benefit from swift mitigation, minimal to no disruptions and industry-leading protection against DDoS attacks. With real-life metrics and a focus on customer-centric solutions, i3D.net sets the standard for Anti-DDoS excellence in an ever-evolving cyber landscape.

Main Take-Aways

i3D.net’s tailor-made Anti-DDoS helps customers stave off DDoS attacks without any added latency or disruptions to service.