Cybersecurity best practices and DDoS defence strategies
While the implementation of GRE (Generic Routing Encapsulation) tunnels to deliver clean traffic back to protected networks is the most common deployment method used in today’s networked world, Nexusguard’s Origin Protection (OP) allows for Direct Connect from CSPs’ network edge as an alternative means of returning clean traffic directly from our scrubbing centres to customer networks.
For CSPs whose data centres are geographically located in the vicinity of our POPs or co-located with our data centres, they can opt for a direct connection with our network by establishing a direct physical connection with Nexusguard’s scrubbing centres. CSPs who are located near us can set up 1 and 10 Gbps Ethernet fibre connections to achieve a direct connect, while those who are co-located with us can utilize the data centre’s services to establish a cross connect.
GRE is the principal deployment method used for the delivery of clean traffic pertinent to Nexusguard’s OP service, and although Direct Connect is an alternative method, it is not designed to replace GRE, rather it is used to further enhance the overall solution when combined with GRE.
Figure 1 - Direct Connect Configuration
In order to reap maximum benefits including guaranteed SLA, predictable network latency and unlimited attack coverage, Direct Connect is not normally offered as a lone solution, but predominantly as a combined offering with GRE.
Figure 2 - Direct Connect + GRE Combined Solution
Direct Connect is not restricted to IDCs within the proximity of Nexusguard PoPs or sharing the same IDC, point-to-point connectivity can also be extended through Virtual Private Connect (VPC) service providers at their location.
For service providers with high bandwidth requirements, typically requiring 1 Gbps and above of clean bandwidth, the deployment of Direct Connect combined with GRE tunnelling is a highly effective solution that offers increased availability and better protection to customer networks.
Direct Connect is typically applied to areas or countries with customers located in the vicinity of Nexusguard PoPs or sharing the same IDC, and where traffic is usually high owing to a large number of users, while connections to our other strategically located scrubbing centres are interlinked through GRE tunnels.
The combination of Direct Connect and GRE really comes into its own during very large attacks, since attack traffic is shared and distributed between our logically connected scrubbing centres via GRE and directly connected scrubbing centres, thus ensuring that customer networks are always fully protected.
- Large Bandwidth Capacity – Allows for extremely large amounts of traffic to be distributed across networks.
- Improved Network Performance – Traffic that is kept local can result in faster connections between the two peered networks.
- Better Network Ranking – The ability to show your network at a higher tier than others, and therefore improve its perception across the Internet.
Nexusguard’s Origin Protection guards against threats that target network resources. Learn more Origin Protection.
We will get back to you shortly.
Deploying a combination of Direct Connect and GRE tunnelling is a highly effective solution that delivers increased availability, unlimited attack coverage and guaranteed protection to customer networks.