Originally Posted by
James
Just so that I understand; is your dedicated server actually hosted with OVH, or is the service just an add-on to your dedicated server on another host?
I would imagine, that if OVH offers this service, it's an add-on package for users who are hosted with them; not for people hosted somewhere else??
The problem occurs for dedicated server users that aren't hosted with them... That would mean their host might not have an available package like this, so they would have to move their dedicated servers somewhere else, and I'm not sure if server admins would be willing to go through that hassle.
A couple of other dedicated hosts offer this I think I bookmarked them. I’ll check it out when I get home tonight.. OVH and the one appelpitje said are the only two i see. But the extravm runs the same setup pretty much as OVH, using OVH same method.
Code:
The Game Firewall (OVH Game) is available for the following locations:
- Montreal, CA (OpenVZ VPS & KVM Game VPS)
- London, UK (KVM Game VPS)
- Gravelines, FR (KVM Game VPS)
- Vint Hill, Virginia (KVM Game VPS)
- Singapore (KVM VPS)
Traffic path while attack is being mitigated:
.. Public Network
... Backbone Routers ↓
.... Network Firewall ↓
.... Pre-Firewall ↓
.... Tilera (Game Firewall) ["Game Anti-DDoS"] ↓
.... Shield / Armor ↓
... Datacenter Routers ↓
.. Your Server
Here is an explanation of what each one does:
Pre-Firewall: The Pre-Firewall (VAC) blocks most common attacks, allowing TCP/UDP/ICMP/GRE and blocking other protocols.
Network Firewall: The Network Firewall allows the client to add custom rules to modify traffic to their IP. This includes allowing/blocking IPs/IP ranges, allowing/blocking traffic protocols (AH,ESP,TCP,UDP,GRE,ICMP), allowing/blocking ports, allowing/blocking SYN/TCPs.
Tilera ["Game Anti-DDoS"]: The Tilera (Game Firewall) allows clients to use customized filters for blocking L7 attacks towards their game or voice servers, such as Teamspeak, Ark, Minecraft, Source/CSGO, GTA, etc. This means only legitimate user traffic to the applications will be allowed to your server. It also limits ICMP, blocks DNS amp, malformed IP/UDP header/incorrect checksum. Note: The Tilera (Game Firewall) may not available in certain locations where game servers aren't offered.
Shield / Armor: The Shield and Armor firewalls are two mitigation layers traffic is sent through and does some of what previous methods do, including blocking most known attacks that work via amplication methods. These are developed by OVH and don't rely on a third partys hardware or software.