Service

Foundation DDoS mitigation

Coding on screens
Creative Commons attribution information
Coding on screens
©REDPIXEL.PL via Shutterstock
All rights reserved

DDoS mitigation is included with your Jisc membership to mitigate disruption to your Janet connection, avoid inconvenience, financial loss or reputational damage.

Contact your account manager

Geographic IP location blocking: To support members with the increase in ransomware attacks on the sector, Jisc can now restrict access to remote desktop protocol (RDP) using geographic IP location blocking. Find out more.

About foundation DDoS mitigation

Distributed denial of service (DDoS) attacks are increasing in scale, sophistication and frequency. As an organisation in research and education, you need a cost-effective way to mitigate these attacks – reducing business risks, in a way that suits your needs and budget.

As part of your Jisc subscription, you receive our foundation DDoS mitigation service. This gives you peace of mind that Jisc will manually mitigate any attack against your network connection.

With this service, we detect and filter DDoS attack traffic across the Janet Network before it reaches you – mitigating the effects of attacks on your Janet connection, and reducing disruption and cost.

What is a DDoS attack?

There’s no doubt that DDoS attacks have evolved. As criminals enlist new technologies like Internet of Things (IoT) devices to distribute and amplify attacks, it has become a threat that organisations can no longer choose to ignore. "Denial of service" describes the ultimate goal of a class of cyber attacks designed to render a service inaccessible. Most organisations rely heavily on web connectivity and online services to conduct business, so any disruption to this service can have serious ramifications, including:

  • Service interruption
  • Damage to brand reputation
  • Loss of revenue

How we mitigate an attack

In general, DDoS mitigation works by monitoring traffic for unexpected patterns. If an alert is triggered, traffic to the address is re-routed via the mitigation scrubbing centre. Attack traffic is then filtered out using carefully selected criteria and benign, business-as-usual traffic continues to flow to and from your services.

Opt in to geographic IP location blocking

Recently, there has been an increase in ransomware attacks on our sector, with the use of the remote desktop protocol (RDP) as an attack vector.

As a temporary measure, Jisc can now restrict access to RDP (TCP port 3389 only) using geographic IP location blocking as part of your foundation DDoS protection, on an opt-in basis. Once in place, this block will only allow traffic from known UK IP address space.

Geographic IP blocking is not being enabled by default, as it may not be suitable/desirable for all members.

How to opt in

If you would like to opt in to geographic IP blocking, contact Janet CSIRT on irt@csirt.ja.net using the subject header 'Foundation Geo IP'. In your message, please provide the address space you would like filtered in contiguous IP address blocks.

Please note that geographic IP data is not always up-to-date and some false positives/negatives may be unavoidable when geographic IP blocking is applied.

Availability of service support

Support for the service is available from 08:00 and 18:00, Monday to Friday (excluding bank holidays).

An on-call service is available from 18:00 to midnight, Monday to Friday and from 09:00 to 17:00, on Saturday and Sunday. Bank holidays (excluding Christmas Day) have an on-call service between 09:00 and midnight.

Do you have additional requirements?

Do you need to protect specific, business-critical services or show you’re doing as much as you can to maintain business continuity at critical times?

Responding to member needs, we have developed an extra layer of mitigation support with our critical services protection service, which offers out-of-hours coverage, customisable protection of your external facing services and fast DDoS mitigation response times including the option of permanent mitigation.

Find out more

To find out more about DDoS mitigation from Jisc, contact your account manager, or see our range of cyber security services.
 

UKAS and ISO 9001 and ISO IEC 27001 logo

This service is included within the scope of our ISO9001 and ISO27001 certificates.

Read more about International Organisation for Standardisation (ISO) standards and view Jisc certificates.