Network Diagram

FeldHost™ is also a member of the RIPE association. We operate our own autonomous system AS206712 and IP addresses. All network elements are in redundant connections.

DC Tower Data Centre Parameters

DC TOWER is a highly secure building built specifically for servers and other technologies. It has a powerful cooling system, a backup power supply, preferential supplies of fuel, and non-stop security. It is located within a no-fly zone and outside the flood zone. Data in the data center is truly secure and simultaneously available.

How FeldHost™ Cloud Station Works?

Cloud storage is backed by HPE 3PAR 8450 All-Flash storage system, equipped with 24 × 8TB SSD disks, which has up to four controllers. This ensures redundancy at the hardware level.

The computing nodes, on which the virtual machines (VM) are running, are connected through two optical switches on the storage cluster. They share each other’s data storage and can be migrated from one node to the other one during their run, e.g. in case of maintenance, need to distribute load or a failure.

High performance of the virtual machines ensures the equipping with advanced Intel Xeon processors, DDR4 memory, storage cluster SSD SAS drives, and network connectivity through dual 10GbE technology.

FeldHost™ Anti-DDoS System

Prevention of DDoS attacks and protection against their impacts

What are DoS, DDoS and BDoS attacks and why are they dangerous?

The purpose and result of Denial of Service attacks is to disable access to services. This may happen through the utilisation of a weak point in the application, when the server stops communicating after sending off a specific chain. This may also include the misuse of an error, reaching the limit of the system, network card, application or system resources such as CPU, memory, disk space or IO operation. A DoS always happens when the particular server service returns unavailability results from the attack.

The difference between DoS (Denial of Service) and DDoS (Distributed Denial of Service) is only in the number of the attacking machines. In the case of a conventional DOS attack, only one machine is engaged; in the case of DDoS, at least two machines are engaged; in simultaneous DDoS attacks, tens of thousands to hundreds of thousands stations are engaged (incl. e.g. smart appliances).

However, unavailability of the system itself may not be the main objective of the attacker. In attacks of the type, Brain Denial-of-Service (BDoS), this is only pretence. During the course of the attack, the administrator deals with overloading of the server and usually pays less attention to the rest of the system that does not show any anomalous behaviour. This is utilised by the attacker who carries out his real intent in the part of the infrastructure to which the administrator does not pay proper attention. This may be represented by e.g. a theft of sensitive information by breaking through the protection of the server by another, less visible type of attack.

What does the Feld Host™ Anti-DDoS System Consist Of?

Radware DefensePro is network equipment that provides reliable prevention of a DoS/DDoS/BDoS attack, safety and protection of the network as well as applications in real time.

It distinguishes quickly and exactly three behaviour categories – legitimate (normal) operation, harmful (offensive) operation and unusual operation occurring on the basis of ordinary operation. It reacts to abnormalities and symptoms of harmful behaviour without any necessity of an operator's in­tervention.

radware

At the same time, RadWare DefensePro serves as a shield – it creates a so-called „grey zone“. It is a marked out safety perimeter through which and over which the potential attackers do not see. So they do not know what can be expected on the other side of the perimeter. Therefore they prefer to find an easier target for their attack.

Attention!

The DDoS service does not replace any firewall, and does not solve the preset equipment or faulty preset equipment, or any points with weak passwords.

FENIX will hold you

The project FENIX was established within the scope of a Czech peering node NIX.CZ in 2013 as a reaction to intensive DoS attacks to which important Czech media, banks and operators faced in March 2013.

In case of a DoS attack, FENIX provides their members with the availability of at least the most important internet services and contents.

fenix