JustVM DDoS Protection

Our DDoS filtering protects from floods over 1 TGbps

Protection is just $3.00 / IP / month

DDoS mitigation is a set of network management techniques and/or tools, for resisting or mitigating the impact of distributed denial-of-service (DDoS) attacks on networks attached to the Internet, by protecting the target, and relay networks. DDoS attacks are a constant threat to businesses and organizations, by delaying service performance, or by shutting down a website entirely.

The consequences of DDoS attacks differ depending on the type of entity affected. For businesses, the ramifications of such attacks often involve lost sales and customer dissatisfaction. Media outlets and social groups, on the other hand, face the muzzling of their voices when targeted by DDoS attacks. For governments, these attacks can impede their ability to communicate with the public and their employees. For gamers, the effect of DDoS attacks is the loss of competitiveness to their adversaries.

1. Detection – in order to stop a distributed attack, a website needs to be able to distinguish an attack from a high volume of normal traffic. If a product release or other announcement has a website swamped with legitimate new visitors, the last thing the site wants to do is throttle them or otherwise stop them from viewing the content of the website. IP reputation, common attack patterns, and previous data assist in proper detection.

2. Response – in this step, the DDoS protection network responds to an incoming identified threat by intelligently dropping malicious bot traffic, and absorbing the rest of the traffic. Using WAF page rules for application layer (L7) attacks, or another filtration process to handle lower level (L3/L4) attacks such as memcached or NTP amplification, a network is able to mitigate the attempt at disruption.

3. Routing – By intelligently routing traffic, an effective DDoS mitigation solution will break the remaining traffic into manageable chunks preventing denial-of-service.

4. Adaptation – A good network analyzes traffic for patterns such as repeating offending IP blocks, particular attacks coming from certain countries, or particular protocols being used improperly. By adapting to attack patterns, a protection service can harden itself against future attacks.

A good practice is to use a Web Application Firewall (WAF) against attacks, such as SQL injection or cross-site request forgery, that attempt to exploit a vulnerability in your application itself. Additionally, due to the unique nature of these attacks, you should be able to easily create customized mitigations against illegitimate requests which could have characteristics like disguising as good traffic or coming from bad IPs, unexpected geographies, etc. At times it might also be helpful in mitigating attacks as they happen to get experienced support to study traffic patterns and create customized protections.

What types of floods do we protect against?

  • TCP RST & FIN Flood
  • ICMP Flood
  • Invalid Protocol Flood
  • Non-reflective DNS
  • TCP SYN Flood
  • UDP Fragments
Some protection methods may require a support ticket to be enabled.

Frequently Asked Questions

Questions and answers about JustVM DDoS protection.

Have questions?

We’ll help answer all of them.
Is there a Service Level Agreement?
Yes, we have a 99.9% uptime guarantee. It does not cover downtime due to application layer floods. Please see our TOS for more information.
How long does it take to activate my DDoS protected IP address?
DDoS protected IPs are automatically issued upon placement of an order. Activation of your account normally takes anywhere from 5 minutes to a few hours.
How much DDoS protection is provided?
We provide over 1000 million packets per second of filtering for volumetric floods. This amount of protection is not dedicated to you but is a pooled resource shared in each location by all DDoS-protected customers
Where can I order a DDoS protected IP address?
While in the checkout process, or on the product upgrade page, simply enter how many protected IP addresses you want