Frequently Asked Questions
Everything you need to know about CoreEdge & CoreDetection — DDoS protection, deployment, and support. Can't find your answer? Contact our team.
What is DDoS Mitigation Service?
DDoS Mitigation Service, provided by CoreTech, is an advanced cybersecurity solution that safeguards your online assets from Distributed Denial of Service (DDoS) attacks. Our service efficiently detects and mitigates malicious traffic, ensuring uninterrupted online operations. Using state-of-the-art eBPF/XDP technology and AI-driven behavioral analysis, we identify and filter attack traffic in real-time while legitimate users experience zero disruption.
How does CoreTech's DDoS Mitigation Service work?
CoreTech employs a multi-stage mitigation approach. When an attack is detected by our AI engine, inbound traffic is automatically redirected to our our globally distributed infrastructure. At each center, malicious packets are identified and dropped using our XDP-powered filter engine, while clean legitimate traffic is returned to your network. The entire process — detection to mitigation — happens in under one second.
What makes CoreTech different from other DDoS providers?
CoreTech is one of the world's earliest adopters of eBPF/XDP technology for DDoS mitigation — delivering packet processing speeds at the NIC level that legacy ASIC-based systems cannot match. Our patented globally-distributed firewall maintains connection state across all our global PoPs simultaneously, preventing spoofing attacks that bypass traditional stateful systems. Combined with our Layer 7 Smart Detection architecture and multi-terabit global capacity, we offer a uniquely powerful autonomous solution.
Is DDoS Mitigation Service suitable for small businesses?
Yes, CoreTech's DDoS Mitigation Service is designed to scale for any business size. We offer flexible deployment options and service levels that match the specific needs and budgets of small businesses, while providing the same underlying technology that protects global enterprises. Our 10-day risk-free evaluation allows you to test our enterprise-grade protection directly in your infrastructure before committing.
Can CoreTech handle terabit-scale attacks?
Absolutely. With multi-terabit filtering capacity connected to multiple TIER1 providers and extensive BGP peers, CoreTech's infrastructure is engineered for the largest-scale attacks recorded to date. Our distributed architecture means no single PoP becomes a bottleneck — traffic is dynamically distributed across the global network.
What attack types does CoreTech protect against?
CoreTech provides comprehensive multi-layer protection including: L3/4 volumetric attacks (SYN floods, UDP floods, ICMP floods, IP spoofing), DNS attacks (query floods, amplification, NXDomain/water torture), application layer attacks (HTTP floods, Slowloris, SSL exhaustion), and BGP-level attacks. Our eBPF/XDP engine can also be programmed with custom filters for specific application protocols.
How do I connect my network to CoreTech's protection?
We support three flexible connection methods: (1) BGP over a cross-connect Ethernet uplink for colocation and data center clients — the lowest-latency option; (2) BGP over a GRE tunnel for remote or cloud-hosted infrastructure — deployable within minutes; and (3) BGP over an Internet Exchange private session for ISPs and carriers already present at IXs. All methods deliver identical protection capabilities.
What is the mitigation detection and response time?
CoreTech delivers industry-leading Time to Mitigation (TTM). Our average mitigation time across all attack types — including UDP/ICMP floods, SYN floods, TCP flag abuse, HTTP GET/POST floods, DNS floods, and DNS reflection — is less than one (1) minute, with a guaranteed SLA of five (5) minutes. For networks with pre-configured firewall rules, mitigation is instant. New subnets may require a synchronization period of up to 40 minutes as rules propagate across all global scrubbing centers.
Do you offer protection for specific applications like gaming or streaming?
Yes. CoreTech's eBPF/XDP technology allows us to develop custom packet processing logic for specific application protocols that cannot be protected by generic filtering rules. We have deployed custom protection for gaming servers, streaming platforms (RTMP, HLS), VoIP systems, and trading platforms. Contact our team to discuss your specific application requirements.
What are the hardware requirements for CoreEdge on-premises deployment?
CoreEdge requires a 1U rackmount server with an AMD EPYC 9454P processor (48 cores @ 2.75 GHz), 128 GB DDR5 RAM (2× 64 GB), a BOSS-N1 controller card with 2× 480 GB M.2 NVMe SSD, and two NVIDIA ConnectX-6 dual-port 100 GbE QSFP56 NICs for the XDP/eBPF data path. A separate dual-port 1 GbE management NIC handles out-of-band access. The standard license provides 100 Gbps clean traffic capacity and protects against attacks up to 300 Gbps. See our Server Requirements documentation for the full specification table.
What are the hardware requirements for CoreDetection on-premises deployment?
CoreDetection requires a 1U rackmount server with an AMD EPYC 9124 processor (16 cores @ 3.0 GHz), 32 GB or 64 GB DDR5-4800 ECC RAM, a BOSS-N1 controller card with 480 GB M.2 NVMe SSD, an Intel E810-XXV dual-port 25 GbE SFP28 NIC for flow ingest, and an NVIDIA ConnectX-6 Dx dual-port 100 GbE QSFP56 NIC. A separate dual-port 1 GbE management NIC handles out-of-band access. See our Server Requirements documentation for throughput tier scaling and the full specification table.
What are the hardware flow specifications for CoreDetection?
CoreDetection sizing is driven by flow volume, not line-rate. For 40 Gbps traffic environments (small ISPs or enterprise edges), an 8-core CPU with 32 GB RAM sustains approximately 200,000 flows per second. For 100 Gbps environments, a 16–24-core processor with 64–128 GB RAM handles 2–3 million flows per second. For carrier-scale deployments at 400 Gbps and beyond, a 24–32-core AMD EPYC or Intel Ice Lake platform with 256 GB RAM sustains 5–8 million flows per second. See our Server Requirements documentation for the full throughput tier table.
Do CoreEdge and CoreDetection require separate servers?
Both deployment models are supported. For smaller deployments — such as an enterprise edge or regional ISP with moderate traffic — CoreDetection and CoreEdge can run comfortably on the same physical server. For full-scale production deployments, separating the components onto dedicated servers is strongly recommended. CoreDetection's flow analysis and ML processing are CPU and memory intensive, while CoreEdge's packet forwarding path benefits from dedicated NIC resources and isolated CPU pinning.
What licensing tiers are available for on-premises deployment?
CoreEdge provides 100 Gbps clean traffic capacity (attacks up to 300 Gbps). Hardware is purchased once and paired with an annual license covering all software updates and technical support. Customers can also opt for a lifetime license with one full year of updates and support included. Cloud-based customers pay monthly based on clean traffic capacity with connectivity via GRE tunnel or cross-connect.
What are your SLA commitments?
CoreTech guarantees 100% Mitigation Efficiency — meaning all malicious traffic is filtered once the mitigation time frame has elapsed. Our average Time to Mitigation (TTM) is under one minute for all attack types, with a guaranteed SLA of five minutes. We also maintain a 99.99% uptime SLA for our network infrastructure. In the event of a service outage, SLA credits are issued based on duration: up to 6 hours = 7 days prorated credit, over 6 hours = 14 days prorated credit. Three outages within any 60-day period grant the right to terminate without penalty.
Do you offer 24/7 support?
Yes. CoreTech provides 24/7/365 technical support through our Security Operations Center (SOC) with strict SLA-backed response times: Critical issues (active DDoS attacks, service outages) receive a response within 10 minutes; Major issues (partial degradation, configuration) within 1 hour; Minor issues within 1 business day. Support is available via email ([email protected]), dedicated Slack channels for each customer, and direct phone line (+90 501 075 60 08). For clients under active attack, use the "Under Attack?" button for immediate emergency assistance.
Is CoreTech's service compliant with industry standards?
Yes. CoreTech's DDoS Mitigation Service adheres to stringent industry security standards and data protection regulations. We maintain compliance with relevant telecommunications and cybersecurity regulations across our operating regions. All customer traffic data processed through our scrubbing centers is handled according to our privacy policy and applicable data protection laws.
Can I get a demo or trial of the service?
Yes, CoreTech offers technical demonstrations and proof-of-concept deployments for qualified prospects. Our team will walk you through the technology, show you real-time traffic analysis dashboards, and can arrange a live simulation of attack mitigation. Contact us through the form on our Contact page or call us directly to schedule a demo session.
Still Have Questions?
Our team of DDoS mitigation experts is available 24/7 to answer your specific questions and help you find the right protection solution.