Complex Solution for DDoS Attacks Protection
(STEERAZE)

Rational security for cyberwars: DDOS protection for private and national security systems

Steeraze is a disruptive project within border defense field developing state-of-art protection against a DDoS attack that implements the newest technologies and designs at a fraction of the costs of other leading products in that arena.

Steeraze provides the DDOS protection services to the banking sector, telecommunication enterprises, and government institutions. Steeraze contributes to the national cybersecurity of Ukraine.

Challenge:

The DDoS attack is a sudden traffic inflow from multiple sources that disrupts the normal traffic and can make the web service unavailable. This type of attack is rather primitive but effective. Electronic banking services and other services that should be present online are especially vulnerable to DDoS attacks. DDoS attacks are also a serious risk for the military services and national cybersecurity.

There are several respectable vendors, who provide the solutions for DDoS protection. Unfortunately, these solutions are costly and non-affordable for many businesses. Mentioning that, other providers propose the cloud DDoS protection service. However, they also expensive; besides, the cloud protection can cause the slower system operation. Many private businesses and government organization were ready to try the alternative solution.

Project scope:

Together with Steeraze representatives, CitrusDev team analyzed the existing methods of the same appliance use and developed the Statement of Work. After the signing of the agreement, CitrusDev started the development.

Within two years of the work, up to 6 high-skilled professionals took part in the project: full-stack web developers, .Net and C++ developers, QA engineer, and the project manager. Together with partly cloudy Windows-based DDoS protection appliance, they developed the web portal for system monitoring, to track the traffic and detect the unusual activities.

If the monitoring system detects the signs of DDoS attack, it uses message broker pattern to prevent the crashdown and service unavailability.

DDoS protection for it infrastructures

In normal mode, all the traffic going directly to the client side. Steeraze provides a virtual appliance that is installed in the end user infrastructures and instantly starts to monitor traffic and detect anomalies. The protective measures begin when a signal comes from the sensor to Steeraze Portal. Experts continuously analyze statistics and If the fact of attack is confirmed, the client is notified of the beginning of the attack and, according to the agreements, the traffic is diverted to Steeraze Cloud. The Steeraze Cloud infrastructure consolidates intrusion detection and countermeasures at various levels of the OSI model. Thus, even the most sophisticated L3/L4 and L7 attacks are neutralized. After the attack is complete, the traffic arrives again on the normal route and the client receives a detailed incident report.

DDoS protection for web applications

DNS Redirection is quick, easy and effective Change the DNS records for any hosts to your Steeraze provided IP addresses. Your traffic flows through the Steeraze cloud, where ddos traffic is filtered by our DDoS mitigation professionals. Legitimate traffic proceeds to your infrastructure. Once the attack is ended, just change your DNS records back to your original IPs.

What we do

• Software requirement specifications
• DDoS protection appliance
• Monitoring web portal
• Windows-based partly cloud solution
• Web Push service for instant notifications
• Message Broker service for high load inter-service communication

Solution:

Steeraze contacted CitrusDev team because of its well-known expertise in IT security issues. The leading engineer of the team is a Ph.D. in this field. The team supports the best security standards, and track the latest publications and hypotheses of the peers.

Both sides agreed to develop the appliance and partly cloudy web service to monitor the state of the system and to turn on the active DDoS protection with the start of the attack, while the rest of time the protection remains passive. This solution saves the resources and, at the same time, effectively protects the system in the case of attack.

Results:

CitrusDev developed the fully-featured complex solution, which includes the DDoS protection appliance and two monitoring services, for the appliance, and for the cloud.

Steeraze entered the market of the IT security services in the time, when the world recognized the growing risks of the global cyber attacks, like the Petya. This unfamous malware attacked several vulnerable online systems, including the federal health care system of the United States, and caused a panic and significant financial losses. So the market was ready to meet the new solutions.

Nowadays Steeraze provides its services to the large banks, both domestic and foreign-owned, state institutions and several other enterprises that are important for the national security.