Oracle Cloud Infrastructure DDoS Protection FAQ

Layer 7 DDoS Protection

Does Oracle Cloud Infrastructure provide layer 7 (L7) distributed denial of service (DDoS) protection?

Yes. Oracle Cloud Infrastructure provides unlimited DDoS protection for web applications and services.

Where does the L7 DDoS protection occur?

DDoS protection is provided by the Oracle Cloud Infrastructure edge network, which is comprised of globally-distributed, high-capacity points of presence (PoPs) that support a wide range of edge applications. Oracle Edge PoPs are located in Oracle Cloud Infrastructure regions and at standalone locations worldwide. Specifically, L7 DDoS attacks are managed by the Oracle Web Application Firewall (WAF), which includes a complete set of access control and bot management features designed to defeat L7 DDoS threats. Oracle WAF is designed to protect against the vast majority of DDoS attacks at each PoP. In the event of an extremely-high-volume L7 DDoS attack, Oracle uses DDoS scrubbing centers, which are globally-distributed to ensure quick response times.

How is the Oracle Cloud Infrastructure L7 DDoS mitigation provisioned?

The service is available from the Oracle Cloud Infrastructure console. The customer selects L7 DDoS protection from the console as part of the WAF’s bot management menu. Customers can select one of two options:

  1. On-demand: L7 DDoS protection is turned on at the customer's discretion.
  2. Always-on: L7 DDoS protection is always on and provides automatic protection.

What is included with the L7 DDoS mitigation?

L7 DDoS mitigation is part of the Oracle Cloud Infrastructure WAF and is activated when users select a range of policy options designed to defeat sophisticated L7 DDoS attacks. Policy options include but are not limited to JavaScript challenges, IP rate limiting, device fingerprinting, and human interaction challenges. These countermeasures are fully automated when the 'always-on' option is selected. Users can also select the 'on-demand' option to manually turn on L7 DDoS protection at their discretion.

What does Oracle charge for the L7 DDoS mitigation?

L7 DDoS mitigation is part of the Oracle Cloud Infrastructure WAF. This is a metered subscription based on traffic and request volumes. See Oracle's pricing page for more information.

How does Oracle Cloud Infrastructure L7 DDoS mitigation work?

Traffic is automatically routed to the Oracle Cloud Infrastructure edge network via a reverse proxy architecture. The edge network includes globally-distributed PoPs that inspect all HTTP and HTTPS traffic before it arrives at the web application. The PoPs use the activated DDoS countermeasures to automatically eliminate traffic that is identified as coming from malicious botnets.

What reporting is provided?

The Oracle Cloud Infrastructure portal contains consoles with near real-time reporting about alerts, blocked requests, bot mitigations, and logs.

Back to Top

Layer 3 and Layer 4 DDoS Protection

Does Oracle provide DDoS protection for layer 3 (L3) and layer 4 (L4) attacks?

Yes. Oracle DDoS protects customers against L3 and L4 attacks.

What is Oracle DDoS Protection?

Oracle's DDoS Protection detects and mitigates volumetric attacks intended to overwhelm internet-facing resources and make them unavailable for legitimate users and workloads.

How does Oracle detect and mitigate DDoS attacks?

Network traffic is constantly monitored and analyzed by our experienced security teams, which detect and eliminate malicious traffic.

How does Oracle’s DDoS mitigation work for L3 and L4 attacks?

Oracle protects internet-facing resources with a set of DDoS mitigation techniques designed to filter out malicious traffic while allowing valid traffic reach Oracle cloud resources. Oracle uses a number of techniques to detect and mitigate the DDoS attack. These include globally-distributed DDoS scrubbing centers that are part of the Oracle Cloud Infrastructure edge services network. Oracle also uses DDoS scrubbing techniques in Oracle Cloud Infrastructure regions, as well as additional up-stream scrubbing when needed. For added protection, Oracle does not require customers to advertise Oracle cloud IP addresses.

What types of DDoS attacks does Oracle protect against?

Oracle DDoS Protection defends customers against volumetric attacks such as UDP reflection attacks, DNS reflection, NTP reflection, and ICMP floods. These types of DDoS attacks are usually called L3, L4, or Network DDoS attacks. The goal of these attacks is to saturate the bandwidth of the attacked host. Protocol attacks such as SYN floods and fragmented packet attacks are also automatically detected and mitigated.

How do I enable Oracle DDoS Protection?

Oracle DDoS Protection is automatically configured and always on when customers subscribe to an Oracle Cloud Infrastructure service.

How much does Oracle DDoS Protection cost?

Oracle DDoS Protection is complimentary with all Oracle Cloud Infrastructure services and is available to all customers.

Do all Oracle Cloud Infrastructure regions offer Oracle DDoS Protection?

Yes. Oracle DDoS Protection includes monitoring and mitigation in every Oracle Cloud Infrastructure region.

Will I get notified during a DDoS attack?

Oracle DDoS Protection does not automatically notify customers during attacks. But when appropriate, Oracle provides standard support communication to customers.

Back to Top

Call us now
1-800-633-0738 (United States)

Call us now
1-800-633-0738 (United States)

Technical Support

Oracle Cloud Discussion Forums