Attacks stop at the edge, not at your port.

Inline, automated mitigation built into AS50338 — attack traffic is detected and surgically removed before it reaches your services. Time to mitigate under one second, on by default for every transit, server and VPS customer.

01How it works

Inline scrubbing, in the traffic path

No tunnel diversion, no BGP swing to a third-party cloud. Traffic is cleaned inside AS50338 and clean packets continue to your port.

Internet
Attack + legitimate traffic arrives at the AS50338 edge.
L3/L4 scrubbing
Volumetric floods and amplification dropped at line rate.
L7 protection
Application-layer attacks filtered against live signatures.
AS50338 fabric
Clean traffic rides the metro fabric between PoPs.
Your port
Only clean traffic is delivered — transit, server or VPS.
02Key features

Your network, protected

Always-on protection

Mitigation is inline and permanently active — no activation call, no diversion delay.

TTM under 1 second

Detection to mitigation in under one second. Attacks are stopped before sessions drop.

Inline & automated

Real-time, always-available defence — attacks are mitigated without human intervention.

Real-time reporting

Per-attack reports with vectors, volumes and the mitigation strategy taken.

Dedicated mitigation NOC

Engineers continually monitor and tune the health and capacity of your protection.

Advanced detection

Zero-day protection with adaptive policies and real-time packet signatures.

Multilayer protection

From volumetric floods to L7 — web app attacks, session hijacks and injection attempts.

Adaptive tuning

Profiles auto-tune to your resources and traffic patterns as they evolve over time.

03Attack coverage

Vectors we mitigate

Signatures are updated continuously; anything not listed is analysed by the mitigation NOC and added to your profile.

Volumetric DDoS
TCP flood — ACK, PSH, SYN, RST, URG
UDP flood
UDP fragmentation
ICMP flood — ping of death, failed reflectors
Reflective & amplification
NTP amplification
SSDP / UPnP
SNMP
Chargen
Smurf
Fraggle attack DNS
DNS amplification
LDAP
RIP
TFTP
MEMCached
Resource exhaustion
Malformed & truncated packets
IP fragmentation
Invalid TCP segment IDs
Bad checksums
Illegal TCP/UDP flags
Invalid TCP/UDP ports
Reserved IP address
Gaming
A2S source flood
A2S GETSUM
FiveM exhaustion
RTFM request
TS3INIT
NetBIOS
04FAQ

Mitigation questions

01 Is mitigation included or an add-on?

Included. Every IP Transit port, bare metal server, VPS and private cloud sits behind the same scrubbing — no per-attack fees, no protection tiers.

IP Transit — scrubbing included
02 What happens during an attack?

Detection triggers automatic mitigation in under a second. You keep serving traffic; afterwards you get a report with vectors, peak volume and the strategy applied.

03 Can you tune protection for my application?

Yes — the mitigation NOC adjusts your profile for game servers, DNS, VoIP or any traffic pattern that standard signatures handle poorly. Gaming vectors are covered out of the box.

04 We are under attack and not a customer — can you help?

Hit us up. Emergency onboarding onto our transit with scrubbing enabled is typically live within hours, depending on your location and connectivity.

Under attack right now?

Hit us up — emergency onboarding for transit customers is typically live within hours.