DDoS attacks are the most dangerous cyber threat to every organization in the world ” Distributed Denial of Service Attack(DDoS) is that hackers use two or more computers on the network as a "zombie" to launch a "denial of service" attack on a specific target，So that the target computer's network or system resources exhausted, and the service temporarily interrupted or stopped.
Customers we serve：CTG Anti-DDoS Service provides bandwidth and service protection for those customers who purchase CTG GIS products.
There two Anti-DDoS options, namely Black-Hole and Clean-Pipe.
Black-Hole service: When DDoS attacks the user server, CTG changes the next hop of attacked target IP address to an empty address (or black-hole server) to block traffic and protect customer network. Service Coverage：all overseas CN2 (AS4809) and ChinaNet (AS4134) customers Service Implementation：① BGP community ② GTG Portal
Clean-Pipe service: CTG provides real-time traffic monitoring of IP addresses customer need to be protected. When an attack occurs, CTG uses the deployed dedicated mitigation platforms to re-route attack traffic, cleaning, and re-injection the cleaned traffic to customer.
• Total 10 mitigation platforms deployed in APAC, Europe and America.
• High-capacity architecture with multi-hundred gigabit support capacities.
• Through resource sharing between CTG and CT HQ mitigation platforms, CTG and HQ “YunDi” team work together to provide attack defense using “near-source mitigation”.
• The way of traffic re-injection: The cleaned traffic will be re-injection through CTG CN2 network to customer, not using GRE tunneling.
• Service Coverage: To those customers who access to overseas CN2 (AS4809) network.
• CTG Anti-DDoS Service is TCP/IP (ISO Layer 3 & Layer 4) mitigation service.
• Currently CTG Anti-DDoS Service can only provide mitigation for IPV4 addresses.
For Black-hole Service
• No need to deploy special equipment and special routes.
• Through BGP community or CTG Portal, customer could block victim IP address in seconds.
• There are two options for this service: all direction Black-hole and only China direction Black-hole.
For Clean-pipe Service
• CTG uses “near-source mitigation” way and could be able to defense DDoS attack globally.
• Flexible service offering to reduce investment and operating costs
• Proactive, 24 x 7 real-time monitoring of anomalies with detection and mitigation measures to maintain Clean-pipe service