
Preventier™ is the unique, proactive DDoS prevention program created by Rackspace to ensure unmatched network
protection and performance for our customers. No other hosting provider has combined three such disparate
technologies to create such an all-encompassing protection system for their network. From network-wide packet
scanning through granular traffic analysis right down to server-level anomaly detection, Preventier's three
layers of detection identify and filter hostile traffic 24x7x365.

Preventier Quick Overview:
- Robust intrusion detection system
- Granular traffic analysis
- Real-time alerts
- Personalized anomaly detection
- Non-intrusive — no upgrades or re-architecting required

TIER 1: Network-Level Traffic Monitoring & Analysis
Preventier starts by monitoring all traffic entering Rackspace's network. Its sophisticated Intrusion Detection
technology, capable of handling over 30 million packets per second, examines each and every incoming packet for
signs of malicious activity. Meanwhile, Cisco NetFlow statistics support granular traffic analysis of source and
destination IP addresses, protocol information, flow information, and traffic volume. Preventier reports this
information to Rackspace's Network Operations Center (NOC) experts, who use it to make routing decisions for best
performance and to provide information on the attack type, source, protocol, and duration to any affected
customers.

TIER 2: Server-Level Anomaly Detection
Preventier also searches for anomalies on a per-server basis. It does this by analyzing your server's traffic
patterns to learn about "normal" network behavior and combining the results with port usage information to create
a profile of your server's usual traffic. Preventier then monitors the traffic on your server, constantly
comparing it to this profile and looking for unusual behavior. If Preventier detects an anomaly, the malicious
traffic is immediately filtered and blocked.

TIER 3: Traffic Filtering & Re-Routing
Finally, if malicious activity is detected, Preventier acts quickly, routing suspicious traffic through a
"sanitation engine", which uses multiple DDoS detection methods to filter out and divert malicious traffic.
All legitimate traffic is then forwarded to the intended destination servers, which are able to serve clients
entirely unaffected by the ongoing DDoS attack.