DDoS Protection

DDoS Attack Protection & Mitigation

Innovative and high-efficient AI-based DDoS protection, build with cutting edge technologies of next generation.

Contact us

Global AnyCast network with 20+ scrubbing centers and 12+ Tbps edge capacity.

Distributed globally stateful firewall with hole-punching enabled (patented in 2022).

AI technology with ML to analyze traffic in real time, define the optimal route.

XDP high-performance packet processing in the Linux kernel.

We Provide DDoS Protection For:

DDoS Network Protection

We provide DDoS network protection through a BGP connection - standard Ethernet uplink, GRE tunnel or IX.

DDoS Server Protection

We provide DDoS server protection - virtual, dedicated and collocated, that are in our network.

DDoS Website Protection

We provide DDoS protection for websites, applications and services that are in our network.

Key Features of Our DDoS Mitigation

DDoS Protection In a Global AnyCast Network

  • 20+ scrubbing centers in best interconnected internet hubs world-wide.
  • 12+ Tbps network edge capacity.
  • 23+ IXs connected all over the world.
  • #16 for known peers globally (>3000).
  • #9 for known peers in the United States.

Scrubbing Centers (PoPs) for DDoS Mitigation

There are 20+ active scrubbing centers (points of presence) in 18 locations around the world, most of them in Equinix data centers. Six more PoPs are in the project phase. The DDoS defense network is constantly expanding.

  • Sofia
  • Frankfurt
  • Amsterdam
  • London
  • Madrid
  • Paris (soon)
  • Singapore
  • Sydney
  • Tokyo
  • Warsaw
  • Moscow
  • San Jose
  • Phoenix
  • Los Angeles
  • Chicago
  • New York
  • Miami
  • Dallas
World Map
  • Active PoP
  • Sofia
  • In-progress PoP

DDoS attacks are being blocked in the scrubbing center closest to the source of illegal traffic.

XDP Technology


XDP (eXpress Data Path) is a technology that allows for high-performance packet processing in the Linux kernel by bypassing the traditional network stack. It can process packets at a much higher rate than traditional methods, allowing for the effective filtering and blocking of malicious traffic.

Custom packet processing logic

eBPF / XDP technology allows implementation of custom packet processing logic, which can be used to detect and mitigate specific types of DDoS attacks and to also develop custom DDoS filters for specific applications that can't be protected otherwise (with generic filtering).

Distributed Globally Stateful Firewall with Hole-punching Enabled

Hole-punching enabled

Distributed Globally Stateful Firewall with hole-punching enabled operates in a similar way to traditional stateful firewall, keeping track of the state of network connections and using this information to determine whether to allow or block incoming or outgoing packets.

Cloud-based solution

The main advantage of a stateful cloud firewall is that it is highly scalable, as it can be deployed on a cloud infrastructure, allowing it to handle large volumes of traffic and protect against DDoS attacks. Additionally, a stateful cloud firewall can be easily managed and updated remotely.

Application Layer Filtering

Application layer filtering is based on protocol specifications as laid out in RFCs. It refers to the process of examining and controlling network traffic based on the specific protocols used in the application layer of the OSI model.

This can include protocols such as HTTP, FTP, and DNS, among others. The specifications for these protocols are laid out in Request for Comments (RFC) documents, which are published by the Internet Engineering Task Force (IETF).

AI Technology

High-efficiency and low latency

We apply AI technology with machine learning (ML) techniques to analyze network traffic in real time and make decisions about how to route that traffic to optimize performance and minimize latency.

Custom Filters

AI determines what type of filters should be applied on a specific IP subnet (/32) based on the application that is running behind that IP. This is made available directly in the customer portal in the Discovered Services section.

Smart Filtering

Customers may not know what application is running behind an IP but they can manage results from our automated service discovery system and apply the corresponding filter with a simple click.

How do we Provide DDoS Protection?

In Our Network

  • We provide free DDoS mitigation to all our clients (cloud and dedicated servers).
  • If needed, more clean traffic capacity can be provided after ordering the relevant DDoS service packet.
  • If you need to protect your network, server, application or website, join our network.

Other Networks

  • BGP connection over standard Ethernet uplink (cross-connect) that has in-line DDoS filters.
  • BGP connection over GRE tunnel established over public Internet to a closest scrubbing center.
  • BGP connection over IX - private session when supported.

DDoS Solution Trusted by 500+ Clients

  • 123.NET - big ISP in the USA, Michigan's Premier Data Center, Network, & Voice Services Provider.
  • VTX1 - the biggest ISP in Texas, providing phone, internet and TV services to rural communities in South Texas.
  • EasyDNS - Canadian ISP which supplies DNS and web hosting services.
  • ReadyIDC Co., Ltd. - data center operator in Thailand, providing IAAS in other regions as well.
  • ClouDNS - provider of global Managed DNS services, including GeoDNS, AnyCast DNS.
  • HerzaDigital Indonesia - big IAAS provider in Indonesia and also surrounding countries.
  • IP Projects GmbH - infrastructure provider in Germany.
  • Active 1 GmbH - data center operator in Germany.
  • VibeGames - one of the biggest game servers providers.
  • Piranha Systems - ISP in South Korea.
  • Core Technologys - large integrator, providing network consultancy and DDoS security to Middle East.

Our DDoS mitigation successfully protects more than 500 companies in various business sectors around the world.

The Most Vulnerable Industries

The Most Vulnerable Industries

The most attacked industries globally vary according to the degree of digitization in the respective region, but are traditionally those with the highest public importance and handling consumer data.

Digitization opens up many opportunities for companies, but also poses the risk of malicious cyberattacks if complex protective measures are not taken.

Delta.bg is the exclusive partner and representative of Path Network at the Balkans

  • Bulgaria
  • Serbia
  • North Macedonia
  • Turkey
  • Romania
  • Greece
  • Kosovo
  • Croatia
  • Bosnia and Herzegovina
  • Montenegro
  • Slovenia
Delta.bg is the exclusive partner and representative of Path Network at the Balkans

Contact Us

If you need more information or would like to receive a personalized offer, contact us using the contact form below:

Frequently Asked Questions

What is a DDoS attack?

DDoS is an abbreviation for Distributed Denial of Service. A DDoS attack aims to block users' access to a network, server or application. The attack can be done by exhausting resources or by exploiting a flaw in the software. They are used to extort, cause damage, harm reputation, deter customers, lose trust, and quite often to divert attention while another attack is being carried out in parallel. Most often, popular web servers are attacked with the aim of preventing them from fulfilling requests from the Internet. According to the Internet Architecture Board, this action is a computer crime that violates Internet ethics.

Typically, DDoS attacks are huge and require a large network capacity to be filtered. Our customers benefit from a global Anycast network where more than 20 scrubbing centers with 12 Tbps network edge capacity are interconnected worldwide and have a direct connection to 23+ IXs.

What is DDoS protection?

DDoS Protection aims to protect networks, servers, online business owners, websites and applications from DDoS attacks by tracking network activity to protected resources and blocking illegal traffic before it reaches them. For our customers' DDoS protection, we use scalable and high-efficient cloud-based technology with low latency and custom filters.

How are DDoS attacks carried out?

DDoS are performed relatively easily and at an affordable price, which is why their popularity is increasing. They are implemented by malicious persons through infected devices - computers, laptops, etc. or with breaches in the security of other devices on the Internet - the so-called Botnets.

Types of DDoS attacks

DDoS attacks vary in volume, frequency and complexity. They aim to limit the operation of a server:

  • Internet Control Message Protocol (ICMP) flood
  • (S)SYN flood
  • Teardrop attacks< /li>
  • Peer-to-peer attacks
  • Asymmetry of resource utilization in starvation attacks
  • Permanent denial-of-service attacks
  • Application-level floods
  • Nuke
  • HTTP POST DDOS attack
  • R-U-Dead-Yet? (RUDY)
  • Slow Read attack
  • Reflected/ Spoofed attack
  • Telephony denial-of-service
  • Denial-of-service Level II
  • Advanced Persistent DoS (APDoS)

How to be protected from DDoS attacks?

To be protected from DDoS attacks you need to use DDoS protection. Check out our AI-based DDoS protection in a global Anycast network with high performance and low latency.