PROS / The service has a variety of DDoS protection capabilities.
CONS / This service only offers cloud-based protection.
VERDICT / Not only can CloudFlare Enterprise shelter your website from DDoS attacks, but its content delivery network has features designed to increase the speed and availability of your site.
CloudFlare offers several web operations, including web content optimization, reputation-based security and a cloud-based web application firewall, in addition to its DDoS protection service, to protect its clients. With 42 data centers spread across the globe, the service is not only designed to protect you from attacks but to optimize your site and improve its availability.
While CloudFlare does not disclose the network and scrubbing capacity of its enterprise service, it does not bill you for bandwidth usage. If your site spikes in traffic or is under attack, you will not be charged for the increased bandwidth. Instead, CloudFlare charges a flat fee for bandwidth per plan. CloudFlare’s cloud protection is also unique in that it does not require you to give your SSL private keys, something other cloud-based solutions require. The service offers keyless SSL so that the users can retain control of their keys and still route encrypted traffic through the service’s global network.
This DDoS service does not require you to purchase and install hardware or software. Once you become a client, you simply change the DNS to reroute traffic through CloudFlare’s data centers. The company then monitors and reacts to changes in your site’s traffic patterns. The service distinguishes between legitimate and malicious surges in traffic. When an attack is detected, CloudFlare automatically blocks attack traffic at the edge, protecting your server and ensuring legitimate visitors can still access your site.
In addition to CloudFlare’s easy setup, the service provides a global content delivery network (CDN) that optimizes the performance of your website. Quick load times are crucial for site visitors. By caching content, accelerating dynamic content and making it easy to optimize outbound content, CloudFlare’s CDN optimizes content for device, browser and bandwidth needs. Using a global infrastructure with high-performance equipment and data centers dispersed globally, content is brought closer to site visitors. During an attack, the CDN absorbs traffic surges so that you continue to maintain your online presence.
In addition to CloudFlare’s impressive CDN, the service includes additional performance and security features like a web application firewall (WAF) and border gateway protocol (BGP). The cloud-based WAF runs in real time and prevents a variety of attacks. You can customize the WAF’s rule sets by either using ones developed by industry experts or importing your own rules. The service also offers BGP protection to route traffic.
CloudFlare also offers standard mitigation techniques like rate limiting, IP blocking, automatic bot discernment and real-time monitoring. You can select between always-on or on-demand service protection. CloudFlare can work with you to create a customized mitigation strategy to suit your needs. This service is deployed and managed on the cloud.
You can access analytics about your site and reports from the centralized management dashboard. The enterprise level of service also includes a dedicated account manager available for any issues or questions you may have. CloudFlare not only guarantees 100 percent uptime, but puts in place service credits should you experience a lapse, making it a 2,500% service level agreement. What that means is that you receive company credit in the amount of five times any downtime minutes and five times the customers affected.
The enterprise plan includes 24-hours-a-day, seven-days-a-week monitoring. Customer service is available constantly by phone and email. The website lists multiple phone numbers, including one for the U.K., Asia and other international callers, so you can reach a nearby agent. The service, however, does not have live chat, but it lists several emergency numbers for when an attack is underway.
CloudFlare operates one of the largest global networks. With a variety of advanced mitigation techniques, the service is more than capable of handling sophisticated and large scale DDoS attacks. Operating only on the cloud, you can activate the service immediately for DDoS protection.