(DDoS) attacks are increasing in scale, sophistication and frequency. As an organisation in research and education, you need a cost-effective way to mitigate these attacks, in a way that suits your needs and budget.
Our services include:
Foundation DDoS mitigation service - included in your Jisc membership
Foundation plus - offering extended out-of-hours protection
Critical services protection - for core services
Foundation DDoS mitigation
Critical services protection (CSP)
Protect your Janet network connection from DDoS attacks
Tailored protection against DDoS attacks for core services such as Web, VPN, DNS
Service has 24/7 protection capability
Automated protection for fast response times
Permanent mitigation protection of your chosen services available
Includes bespoke proposal assisting stakeholder buy-in
Foundation DDoS mitigation
As part of your Jisc subscription, you receive our foundation DDoS mitigation service. We monitor traffic for unexpected patterns. If an alert is triggered, traffic to the address is re-routed via the mitigation scrubbing centre. Attack traffic is then filtered out using carefully selected criteria and benign, business-as-usual traffic continues to flow to and from your services.
Support for the service is available from 08:00 to 18:00, Monday to Friday (excluding bank holidays).
An on-call service is available from 18:00 to midnight, Monday to Friday and from 09:00 to 17:00, on Saturday and Sunday. Bank holidays (excluding Christmas Day) have an on-call service between 09:00 and midnight.
Upgrade to foundation plus for 24/7 protection
With many of us now working more flexibly and needing access to networks outside of normal working hours, we've developed a new DDoS mitigation option to ensure your organisation is always protected. Foundation plus takes your Foundation DDoS a step further, providing round-the-clock (24 hours a day, 365 days a year) automated protection against Jisc detected volumetric DDoS attacks. You'll also have enhanced network protection at key times of the year, such as clearing and enrolment.
Response speeds are similar to those provided by the critical services protection “fast” response speed (alerts are triggered before the mitigation starts)
Any mitigation will remain in place for the duration of the attack, when you need it
Provides DDoS protection for the majority of volumetric and state exhaustion DDoS attacks
To provide an automated service that can be applied to all members, certain countermeasures have been disabled to avoid disrupting some legitimate traffic. If you'd like to fine-tune the thresholds or countermeasures used to protect your Janet network connection, please see our Critical Services Protection bespoke setup.
For extra peace of mind choose critical services protection
Do you need to protect specific, business-critical services or show you’re doing as much as you can to maintain business continuity at critical times?
We have developed an extra layer of mitigation support with our critical services protection service, which offers out-of-hours coverage, customisable protection of your external facing services and fast DDoS mitigation response times including the option of permanent mitigation.
Opt in to geographic IP location blocking
Recently, there has been an increase in ransomware attacks on our sector, with the use of the remote desktop protocol (RDP) as an attack vector.
As a temporary measure, Jisc can now restrict access to RDP (TCP port 3389 only) using geographic IP location blocking as part of your foundation DDoS protection, on an opt-in basis. Once in place, this block will only allow traffic from known UK IP address space.
Geographic IP blocking is not being enabled by default, as it may not be suitable/desirable for all members.
How to opt in
If you would like to opt in to geographic IP blocking, contact Janet CSIRT on firstname.lastname@example.org using the subject header 'Foundation Geo IP'. In your message, please provide the address space you would like filtered in contiguous IP address blocks.
Please note that geographic IP data is not always up-to-date and some false positives/negatives may be unavoidable when geographic IP blocking is applied.
Cyber security portal
Having a clear overview of network traffic is a useful part of any DDoS mitigation strategy. If you’re connected to the Janet Network, you can view traffic on your connection by accessing our cyber security portal. The portal also gives details of alerts or DDoS mitigations, whether in the past or currently in progress.
Over time, the portal will also integrate other Jisc security services – letting you access more information about network security, and control services to which you subscribe.