Personal accountPersonal account
Connect

Technologies

Proxy

Proxy

The technology utilizes a proxy server positioned between users and the destination web server to filter requests, operating at the application layer (L7) of the OSI model.

Kaspersky DDoS Protection utilizes proxy technology to redirect traffic through its filtration nodes, concealing your web resource's original IP address. This proxy node processes all inbound traffic, blocking unauthorized access attempts while effectively reducing the threat of DDoS attacks

Traffic load balancing

Traffic load balancing

Evenly distributes incoming traffic across multiple Scrubbing Centers and proxy servers, optimizing load and increasing overall bandwidth of Scrubbing Centers and the Kaspersky DDoS Protection system

Traffic load balancing is performed in two stages: before filtration when traffic arrives at Scrubbing Centers, and after filtration when traffic reaches the proxy server

Traffic filtration without SSL certificate revealing

Traffic filtration without SSL certificate revealing

SSL certificate — a digital certificate that authenticates a website’s identity and enables encrypted connections. SSL certificate prevents attackers from reading or modifying data transmitted between systems

Our system filters encrypted traffic without exposing SSL certificates, using Sensor that operate entirely within your infrastructure. This innovative approach maintains full inspection quality while eliminating the need to transfer certificates or decrypted traffic outside your network. By keeping certificates private and traffic encrypted, the solution ensures complete compliance with regulatory requirements.

API

API

Application Programming Interface is a set of methods and protocols that enables different systems to communicate and exchange data with each other

Kaspersky DDoS Protection comes with its own API, allowing seamless integration with your corporate information systems. Through this API interface, you can directly manage IP allowlists and denylists, monitor traffic and web resource statistics, analyze geographical request distribution, and access all other functionalities provided by the solution

Caching

Caching

Cache is a program or device memory that stores temporary or frequently used files for quick access
When a user first requests a protected resource, the URL and data are cached on our proxy servers. Subsequent requests for the same resource are served directly from the proxy cache without re-accessing this resource. This approach accelerates page load times while significantly minimizing load on protected web resources
Bot protection

Bot Protection

Bot protection prevents malicious bots from accessing websites while allowing beneficial bots to connect without restrictions.

Our solution analyzes each web request and assigns a bot probability score. Based on configured sensitivity thresholds, suspicious requests undergo CAPTCHA or JS Challenge verification. This system effectively blocks bots while maintaining seamless access for legitimate users

Availability monitoring

Availability monitoring

The system utilizes an external monitoring service that performs automated checks by sending periodic requests to protected web resources. This independent monitoring solution collects response time data and generates detailed graphs for analysis

Machine learning

Machine learning

Machine learning is a subset of artificial intelligence focused on developing algorithms and models that can automatically learn from data, identify patterns, and make decisions without being explicitly programmed for each specific task

We leverage machine learning (ML) technology to analyze and classify network traffic in real-time, instantly detecting anomalies and filtering out malicious activity to ensure comprehensive DDoS protection. Our ML models train on traffic statistics to accurately distinguish normal traffic from anomalies and identify attack types. Unlike traditional solutions, our system continuously adapts to emerging threats — algorithms evolve using real-time data to detect even the most sophisticated attacks

WAF

WAF

A Web Application Firewall (WAF) protects media resources from complex attacks of various types and ensures their uninterrupted operation.

WAF helps defend against various attack types that other technologies might not handle effectively. Among these attacks:

  • SQL injections — attacker injects malicious SQL code into a query to gain unauthorized access to databases
  • Cross-Site Request Forgery (CSRF) — attacker exploits HTTP protocol vulnerabilities to manipulate a user’s browser into performing actions on their behalf
  • Cross-Site Scripting (XSS) — attacker injects malicious scripts into a web page, which execute when a user visits the compromised page

WAF enables fast and effective mitigation of sophisticated attacks. By deploying WAF, you significantly reduce the risks of data breaches or disruptions to your web service