Health monitor based distributed denial of service attack mitigation
First Claim
Patent Images
1. A system for mitigating a DDoS event, the system comprising:
- an application delivery controller comprising;
a hardware processor; and
a memory coupled to the hardware processor, the memory storing instructions executable by the hardware processor, the hardware processor of the application delivery controller being configured to;
send a request to a health monitor concerning a state of a network, the health monitor determining a presence of a network data traffic in a collapsible virtual data circuit that normally conveys the network data traffic and collapses in response to the DDoS event associated with the network by stopping a flow of the network data traffic;
determine that the health monitor has failed, the failure being evidenced by a lack of a response to the request from the health monitor to the application delivery controller, the lack of the response to the request being an indication of a collapse of the collapsible virtual data circuit; and
based on the indication of the collapse of the collapsible virtual data circuit, redirect network data traffic associated with the collapsible virtual data circuit.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided are methods and systems for mitigating a DDoS event. The method may comprise receiving an indication of a collapse of a collapsible virtual data circuit associated with network data traffic. In response to the received indication of the collapse, the collapse may be attributed to the DDoS event. Furthermore, the method may comprise redirecting the network data traffic to one or more DDoS mitigation services. The method may further comprise mitigating the DDoS event by the one or more DDoS mitigation services.
192 Citations
20 Claims
-
1. A system for mitigating a DDoS event, the system comprising:
an application delivery controller comprising; a hardware processor; and a memory coupled to the hardware processor, the memory storing instructions executable by the hardware processor, the hardware processor of the application delivery controller being configured to; send a request to a health monitor concerning a state of a network, the health monitor determining a presence of a network data traffic in a collapsible virtual data circuit that normally conveys the network data traffic and collapses in response to the DDoS event associated with the network by stopping a flow of the network data traffic; determine that the health monitor has failed, the failure being evidenced by a lack of a response to the request from the health monitor to the application delivery controller, the lack of the response to the request being an indication of a collapse of the collapsible virtual data circuit; and based on the indication of the collapse of the collapsible virtual data circuit, redirect network data traffic associated with the collapsible virtual data circuit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A method for mitigating a DDoS event, the method comprising:
-
sending, by an application delivery controller, a request to a health monitor concerning a state of a network, the health monitor determining a presence of a network data traffic in a collapsible virtual data circuit that normally conveys the network data traffic and collapses in response to the DDoS event associated with the network by stopping a flow of the network data traffic; determining, by the application delivery controller, that the health monitor has failed, the failure being evidenced by a lack of a response to the request from the health monitor to the application delivery controller, the lack of the response to the request being an indication of a collapse of the collapsible virtual data circuit; and based on the indication of the collapse of a collapsible virtual data circuit, redirecting network data traffic associated with the collapsible virtual data circuit. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for mitigating a DDoS event, the system comprising:
an application delivery controller comprising; a hardware processor; and a memory coupled to the hardware processor, the memory storing instructions executable by the hardware processor, the hardware processor of the application delivery controller being configured to; send a request to a health monitor regarding a state of a network resource, the health monitor determining a presence of a network data traffic in a collapsible virtual data circuit that normally conveys the network data traffic and collapses in response to the DDoS event associated with the network resource by stopping flow of the network data traffic; determine that the health monitor has failed, the failure being evidenced by a lack of a response to the request from the health monitor to the application delivery controller, the lack of the response to the request being an indication of a collapse of the collapsible virtual data circuit; and based on the indication of the collapse of the collapsible virtual data circuit, redirect network data traffic associated with the collapsible virtual data circuit, wherein the redirecting the network data traffic associated with the collapsible virtual data circuit includes; redirecting the network data traffic to one or more DDoS mitigation services; analyzing the network data traffic by the one or more DDoS mitigation services to detect DDoS data packages; and filtering the DDoS data packages by the one or more DDoS mitigation services to provide filtered network data traffic.
Specification