DDoS Protection

Stop people from stopping you

Unmetered, highly available DDoS mitigation. Scrubbing centers in Brazil and the U.S.
View pricingTalk to us

Routing is not mitigating

Providers that don't have enough capacity will often change routes when you're suffering an attack. Instead of routing, Latitude.sh will mitigate, meaning no increase in latency for you.

No attack is too big

With 2 Tbps of capacity, Latitude.sh's scrubbing centers are equipped to handle any distributed attack, no matter its shape or form.

Included and extensible

All Latitude.sh servers offer mitigation of DDoS attacks at no extra cost, so you'll always be protected. Upgrade to more robust plans at anytime.

How it Works

Latitude.sh's security approach is comprised of two methods that you can choose from, Inline and Out-of-Path, each with its own set of benefits to prevent disruptions caused by bad traffic, while allowing good traffic through.

Out-of-path

Latitude.sh defaults to an Out-of-Path topology so that the network infrastructure is scalable without relying on the mitigation appliance and, more importantly, so that the mitigation appliance doesn't become a single point of failure. When an IP is in Out-of-Path mode, the appliance only starts working when needed.

Inline

Available on the Anti-DDoS Pro Package, IPs can be set to Inline in order to be protected all times, regardless of whether an attack is actually happening. In Inline mode, all traffic from that IP passes through to the closest availableLatitude.sh scrubbing center. Protection starts instantly when an attack is identified.
Latitude.sh DDoS Protection Topology

No matter the attack, we can handle it.

Network level

  • TCP Flood
  • UDP Flood
  • ICMP Flood

Reflective/Amplified

  • DNS Flood
  • NTP Flood
  • SNMP Flood
  • SSDP Flood

Fragmented Packet

  • Overlapping
  • Missing
  • Too Many

Application Layer

  • Repetitive GET
  • Slowloris
  • SlowRead

Specially Crafted Packet

  • Stack
  • Protocol
  • Buffer

Managed Defense Mechanisms

Latitude.sh DDoS Protection service is fully managed. On top of traditional management features such as IP blocking, ACLs, null routes, blackholes, and unused ports disabling, it goes further with complete protection of layers 3, 4, and 7.
Defense Mechanism

Ready to get started?

Create an account and start deploying bare metal in minutes. Or, contact us to design a custom solution for your business.
Get startedContact sales