In response to increased threats of DDoS attacks, MCNC has made a significant investment in developing and implementing world-class DDoS protection capabilities for NCREN customers. MCNC has updated the NCREN backbone with advanced traffic routing capabilities and has deployed multiple DDoS scrubbing centers on the network. When customers face a DDoS attack, network traffic can be diverted into the nearest scrubbing center, where traffic can be analyzed and cleaned. DDoS attack traffic is removed from the flow, allowing legitimate network traffic to continue on to the targeted customer. In short, the scrubbing centers remove the bad traffic and allow the good traffic to continue on to the customer, ensuring that business services can continue functioning and minimizing the negative impact of the DDoS attack.
NCREN is a vast network. Providing effective DDoS protection at the scale necessary to keep up with bandwidth demands has not been a small undertaking, but MCNC believes this capability is necessary for students, researchers, and citizens in North Carolina.
Frequently Asked Questions
How Do I Sign Up For MCNC’s DDoS Protection?
If you get network service from MCNC, you’re covered. These enhanced DDoS protection capabilities are part of MCNC’s standard network service. You do not need to sign up or pay for anything extra to get this protection.
Does This Guarantee That I’ll Never Have Another DDoS Issue?
No. It is possible that you may face an attack that MCNC’s solution cannot easily mitigate. However, MCNC now operates a significantly improved capability to protect against the negative effects of DDoS attacks.
What Types of DDoS Attacks Can MCNC Protect Me From?
MCNC’s DDoS protection measures are designed to address volumetric and infrastructure-layer DDoS attacks. The protection mechanisms are not specifically designed to protect against application-layer attacks. However, it is possible that MCNC may be able to help mitigate some application-layer attacks. If you believe that you are under DDoS attack of any type, please contact MCNC to discuss how we might be able to assist.
Can MCNC’s DDoS Protections Mitigate TCP SYN Flood Attacks?
Yes. MCNC’s protection mechanisms are capable of mitigating common TCP SYN flood attacks, and have been used to successfully mitigate this type of attack on NCREN.
Can MCNC Detect If I’m Under DDoS Attack?
MCNC operates a capability to detect most common DDoS attack patterns. However, some attacks (particularly application-layer attacks) may not be detected by MCNC’s analysis tools. In some cases, MCNC may be able to mitigate an attack even if the standard detection tools cannot detect it. If you believe that you are under DDoS attack of any type, please contact MCNC to discuss how we might be able to assist.
Will MCNC Mitigate DDoS Attacks Automatically?
MCNC does implement some measures to automatically mitigate certain specific, well-known attack patterns. In most cases though, MCNC will not modify a customer’s traffic flow without first discussing the attack and the proposed mitigation with the customer. However, if the attack is impacting multiple customers or its ability to provide normal network service, MCNC does reserve the right to take the steps necessary to return service levels to normal.
What Do I Do If I’m Under a DDoS Attack?
Contact the MCNC Network Operations Center (NOC) at 877-GO-NCREN (877-466-2736). Support representatives are available 24x7 to assist with DDoS mitigation or other network issues.
Where Can I Get Additional Information on MCNC’s DDoS Protection?
Visit the Enhanced DDoS Protection page on MCNC’s Service Catalog for the latest information on this service. MCNC also conducted a webinar on DDoS protection. You can access a webinar recording and the presentation slides at MCNC’s web site. Finally, join the MCNC Security team at NCREN Community Day 2016 in November where we will provide more details about MCNC's DDoS protection. You will also have the opportunity to meet with us one-on-one for in-depth discussions.
Return to Security homepage.