Back

January 21, 2021

Smart Route: Optimizing Geolocation Routing

Offered as an option with Nexusguard’s Application Protection (AP) service, Smart Route enriches the standard AP offering through its ability to optimize traffic routes according to the geolocation of website users, while providing optimal user experience at the same time. For customers seeking to add advanced geolocation routing capabilities to their product portfolio, Nexusguard Smart Route is available via subscription through the AP service.

 

Smart Route Policies

Smartroute blog

Key Benefits:

- Optimizes traffic routes according to geolocation of website user
- Customizes and optimizes user experience 
- Swift and effective mitigation of under attack websites via Warzone feature
- Ensures optimal network latency and increased reliability
- Prevents collateral damage to websites not in attack zone

Configuration of Smart Route can be achieved by a few simple steps via the Nexusguard Customer Portal UI. Smart Route Policy is a value added feature, designed and built to customize and optimize the user experience of website users. This is achieved by mapping and distributing website users’ geolocation to pre-assigned Nexusguard scrubbing centers to ensure optimal network latency and increased reliability. 


When there’s a large DDoS attack targeting a single website, there might be hundreds of customers affected during that attack. This is where the Warzone feature within Smart Route Policy comes into play. The Warzone is a dedicated VIP pool in which the attack is redirected to, and used to isolate the under attack website from other websites, so as to allow Security Operations Centre (SOC) teams to continue handling and mitigating that attack effectively without causing impacts to other customers. Furthermore, end-users of other websites not caught in the attack zone can continue to enjoy the optimized geolocation experience as was intended and designed for them during peacetime.


For end-users from countries that do not match any rules defined in the list, their traffic will always be distributed to the Default Rule, which is in essence a global (anycast) VIP pool, and also the base policy that comes with the standard AP plan. 


Another feature of Smart Route Policy is the in-built health check function which ensures that traffic is distributed to healthy scrubbing centres only. In the event that a scrubbing centre is under maintenance or unavailable for whatever reason, its status is quickly identified by the health check function. The optimized rules are temporarily disabled automatically without the need for SOC intervention until the service of the scrubbing centre is reinstated. Moreover, website access remains totally unaffected during the period when the associated optimization rules are temporarily unavailable.

 

Smart Route Use Cases

 

Policy

Label

Highlights

  • Users from Europe are directed to scrubbing centres in the G-geoEurope region 
  • G-geoEurope
  • • End users from Europe are distributed to AM+LD scrubbing centres for optimized geolocation routing and reduced latency
  •  
  • • In the event that both AM+LD are unavailable, this geolocation rule is temporarily disabled until either of the scrubbing centres is resumed
  • Users from America are directed to scrubbing centres in the G-geoUS region 
  • G-geoUS
  • • End users from America are distributed to LA+MI+SJ scrubbing centres for improved latency and optimized geolocation routing
  •  
  • • In the event that LA+MI+SJ are unavailable, this geolocation rule is temporarily disabled until at least one scrubbing centre is resumed
  • Users from countries not matching any predefined rules are directed to the global (ANYCAST) rule
  • G-geoGlobal
  • This is the base policy of AP and is “always on” and cannot be disabled at any time

 

Salient Features of Smart Route

Nexusguard Smart Route is an advanced geolocation routing method, designed and built to customize and optimize the user experience of website users. Distributing website users’ geolocation to scrubbing centres at predesignated geographical regions delivers drastically reduced latency, increased reliability, reliable accuracy and optimal user experience.

Moreover, when attack traffic grows beyond the threshold, the Warzone feature immediately swings into action. A warzone VIP is assigned to the under attack website, which is a separate range of VIPs assigned only to under attack websites. No other website is assigned to this range during peacetime in order that the under attack website is isolated from the rest of the websites to avoid collateral damage. This also guarantees that end-users of other websites are able to continue to benefit from optimized geolocation routing without being impacted in any way by an attack.

For further information, please read about Nexusguard’s Application Protection.

Get the latest cybersecurity news and expert insights direct to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.