Anti DDoS Protection – Can your Provider Protect you?

The increase in the number and severity of DDoS attacks, on almost every organisation that exists, is, for those not adequately protected, wreaking havoc with their networks.

What is a DDoS Attack?

A DDoS (Distributed Denial of Service) attack is an attempt to cause severe disruption to a network or server by overwhelming it with Internet traffic. This essentially creates a ‘traffic jam,’ so normal traffic requests cannot be met, resulting in a loss of service for users. If you’re unlucky enough to have experienced a DDoS attack, or worse still your Internet Service Provider has, you’ll know the cost of disruption from such an outage. DDoS attacks have existed for as long as there have been resources to attack, but now, as well as the multi-billion cybercrime market, there is an increase in severe DDoS attacks coming from students.

How do reputable broadband providers prevent DDoS attacks?

Reputable providers, providing up to date and secure broadband, will generally provide their additional services such as security and filtering as a cloud-based, managed service and will make continuous investments in their security systems.  Schools Broadband continues to invest heavily in this area to ensure we provide a service that delivers the robust protection our customer networks require.

What is the scale of threat of a DDoS attack?

Until now, the industry-leading Fortinet Firewalls, used by Schools Broadband in our core, have been sufficient to protect our customers. Such attacks have been soaked up and our schools are unaware of the dangers. The DDoS attacks we were used to seeing, didn’t affect large-scale networks. However, with the availability of increased bandwidths, comes the capacity to strike an attack as much as 50 times bigger than most school broadband lines. And that is what needs to be stopped dead in its tracks. Schools Broadband commonly manages attacks in the 10s of Gbps but is now geared up in readiness for attacks as big as 100Gbps which is soon to be a very realistic threat.

What should you ask your provider, to ensure they can prevent DDoS attacks?

Whilst a full Unified Threat Management (UTM) system is still needed, the growth in severity and frequency of DDoS attacks means providers need to move way beyond standard level firewalls and even enterprise level firewalls. Any reputable provider of secure services should have introduced a further level of dedicated DDoS protection to their own platform. Ask your provider if they have done this and what levels of reassurance they can provide. Schools Broadband introduced this extra level in 2019, investing hundreds of thousands of pounds in our Anti DDoS Protection System, protecting our own networks and our customers. Since then, not one of our schools has suffered an outage as a result of a DDoS attack.

How does the Anti DDoS Protection System work?

The Anti DDoS Protection System works by scrubbing and removing malicious traffic from the main traffic stream and in Schools Broadband’s case, sits between the Schools Broadband network perimeter and the customer’s network. A recent DNS reflection DDoS many 10s of Gbps in size, experienced by Schools Broadband, was fully contained by our anti DDoS Protection System. In the past, this would have massively affected customer connectivity, taking Schools Broadband anything between five and 40 minutes and was in the main, a manual process. Now it is fully automated and typically takes less than a second to be detected, with the malicious traffic scrubbed almost instantaneously, whilst genuine traffic continues to flow.

Schools Broadband is a leading provider of internet security and web filtering for education and has been awarded “Best Security” four times in five years by the Internet Service Providers Association.

To discuss Anti DDoS Protection for your school or MAT, contact a member of the Schools Broadband team today: 01133 222 333 or email: