DDoS Attacks areInevitable
When attacks strike, your competitors go dark. You stay online with our multi-layered defense system.
Simulate real attack scenarios
Traffic flows smoothly through our remote protection network
What you should expect
Mitigation on the edge
The majority of large volumetric attacks are mitigated at the edge before it even hits your server. Today, traffic is filtered using modern inline edge appliances, such as the Arbor Edge Defense (AED), and Arbor's Threat Mitigation System (TMS).
Balanced across 12+ global locations
What is 10,000Gbps?
10,000Gbps (10Tbps) is the capacity which is utilized to block volumetric DDoS attacks, while this number sounds great to throw around - the truth is a lot of DDoS attacks won't be mitigated this way. Modern attacks are advanced and new, they're also a lot smaller too but still just as devastating.
The Industry Problem
Most providers rely on a single protection method. When that system fails or encounters an unknown attack vector, their entire network goes down. You've probably experienced this before.
Our Multi-Layer Approach
We've built multiple independent protection systems that work together. If one layer encounters an issue, there are backups to ensure you are not kept offline with seamless state syncing.
How much can Physgun handle?
You'll often see hosting providers purely advertise figures like "700-1000 Gbps Protection!". While these numbers sound impressive, they usually represent only the maximum volume their infrastructure can absorb under ideal conditions. This means if the attack launched at your server is new and advanced, or they don't know about it, you will be affected by the DDoS attack. Some providers are getting good at blocking a large amount of these advanced attack vectors, however the truth is; they'll never be able to keep up with the amount of new attack vectors and exploits being created every day. Every application & game has its own types of vulnerability, and new DDoS/DoS attack vectors appear everyday.
How we're different
Instead of traditionally analyzing traffic and blocking it like most DDoS protection suites, our protection only allows traffic we know is legitimate for your application to reach your server.
This technique allows us to provide an extra layer of security traditional DDoS Protection suites can't keep up with, allowing us to block new attack vectors more efficiently.
We also have numerous fail-over procedures to ensure we do not have 1-point of failure. Most hosting providers only have one DDoS Protection method, if that goes down, so does their entire network.
Example Attack Vectors We Block
Volumetric Attacks
High-volume traffic floods designed to consume bandwidth and overwhelm network infrastructure.
Protocol Attacks
Exploits weaknesses in server resources and network protocols to cause service disruption.
Malformed Packets
Detects and blocks packets with corrupted headers, invalid checksums, and malformed data structures.
Application Layer
Sophisticated attacks targeting specific applications and services with seemingly legitimate requests.
Fragment Attacks
Advanced fragmentation-based attacks that attempt to bypass traditional security measures.
Botnet & Zombie Detection
Identifies and blocks coordinated attacks from compromised devices and zombie networks.
ICMP Attacks
Blocks malicious ICMP traffic including ping floods, smurf attacks, and ICMP tunneling.
Advanced Evasion
Detects sophisticated attempts to bypass security measures using novel techniques and zero-day exploits.
Game Specific Attacks
Detects custom, hard to mitigate attacks made specifically for game servers.
*Not all attack vectors are listed here. Blocked data is accurate but skewed to prevent predictions.
Questions?
Join over 6,000+ members in our Discord community chat with other server owners, get help, and stay up to date with the latest news.