1. Automatic detection of attack patterns
In addition to the previous detection based on the traffic volume and packet quantity, we are now able to narrow down the actual attack more precisely. This allows us to look more closely at the type of attack being used. A UDP flood with 500k pps is no problem for server. 500k SYN packs can already present a problem. This distinction is now possible.
2. Filter the traffic according to known attack patterns.
At this level, the frequently used attacks are filtered. Thus, we can filter out attacks very efficiently. This is especially true of attacks that occur frequently, such as DNS-Reflection or UDP Floods on Port 80
3. Challenge response authentication and dynamic traffic filtering
It is used to filter attacks such as SYN floods, DNS floods, and invalid packets. Also, at this point, we can react very flexibly to individual attacks.