WAN defense mitigation service
First Claim
1. A method for mitigating a network attack in a network including a plurality of mitigation devices, comprising:
- receiving traffic, intended for a customer device that is subject of a network attack, by at least one of the mitigation devices based on an anycast address associated with the mitigation devices, each of the mitigation devices being addressable via the anycast address;
processing the received traffic to remove malicious traffic and leave legitimate traffic; and
forwarding the legitimate traffic to the customer device.
5 Assignments
0 Petitions
Accused Products
Abstract
A mitigation service may be used to mitigate a network attack in a network including a group of mitigation devices. Datagrams, intended for a customer that is subject of a network attack, may be received by at least one of the mitigation devices based on an anycast address associated with the mitigation devices. Each of the mitigation devices is addressable via the anycast address. The received datagrams may be processed to remove malicious datagrams and leave legitimate datagrams. The legitimate datagrams may be forwarded to the customer via a tunnel configured between an address associated with the customer and the anycast address associated with the mitigation devices.
72 Citations
27 Claims
-
1. A method for mitigating a network attack in a network including a plurality of mitigation devices, comprising:
-
receiving traffic, intended for a customer device that is subject of a network attack, by at least one of the mitigation devices based on an anycast address associated with the mitigation devices, each of the mitigation devices being addressable via the anycast address;
processing the received traffic to remove malicious traffic and leave legitimate traffic; and
forwarding the legitimate traffic to the customer device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for mitigating a network attack in a network including a plurality of mitigation devices, comprising:
-
receiving traffic, intended for a customer device that is subject of a network attack, by at least one of the mitigation devices;
processing the received traffic to remove malicious traffic and leave legitimate traffic; and
forwarding the legitimate traffic to the customer device via a tunnel. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for mitigating a network attack in a network including a plurality of mitigation devices, comprising:
-
receiving datagrams, intended for a customer that is subject of a network attack, by at least one of the mitigation devices based on an anycast address associated with the mitigation devices, each of the mitigation devices being addressable via the anycast address;
removing malicious datagrams from the received datagrams to leave legitimate datagrams; and
forwarding the legitimate datagrams to the customer via a tunnel configured between an address associated with the customer and the anycast address associated with the mitigation devices.
-
-
22. A network, comprising:
a plurality of distributed mitigation centers, each of the mitigation centers comprising;
a plurality of mitigation devices, each of the mitigation devices being addressable by a same anycast address, at least one of the mitigation devices being configured to;
receive traffic, intended for a customer that is subject of a network attack, based on the anycast address, process the traffic to remove malicious traffic and leave legitimate traffic, and forward the legitimate traffic to the customer via a tunnel. - View Dependent Claims (23, 24, 25, 26, 27)
Specification