Basic internet protection provided by Swisscom
The Internet connection is secured via a redundant Swisscom IP-Plus connection. Highly available attack mitigators are integrated between the IP-Plus routers and the Dynamic Computing Services platform. They analyse incoming and outgoing network traffic and block it when necessary. Deep Packet Inspection and "Recommended Client and Server Protection" are configured.
Deep Packet Inspection refers to a process whereby network technology monitors and filters data packets. As part of that, the data section and the header section of the data packet are examined simultaneously in terms of certain characteristics, such as protocol infringements, computer viruses, spam and other undesirable content.
"Recommended Server Protection" and "Recommended Client Protection" are sets of rules for clients and servers predefined by the security software developer. Those rules are enhanced when required. The Deep Packet Inspection database and the rules for client and server are updated on a regular basis. In addition, DDoS and botnet-based attacks are automatically blocked.
To prevent an insufficient amount of bandwith being available for IP addresses not under attack, in the event of a possible DDoS attack, the DDoS Protection Service is employed in addition to the IP-Plus option. In the event of an attack on an IP address in the Dynamic Computing platform, that traffic is redirected to a dedicated zone within the IP-Plus network. That way, Internet bandwidth is available in the Dynamic Computing platform even during a DDoS attack.
In the event of a DDoS attack, the attack is recorded and the operating team is notified. This then activates the rerouting of traffic for the affected IP address to a threat mitigation system.