flowShield

aurologic flowShield is the most advanced part of DDoS-Protection provided by aurologic. In the very beginning, back in 2013, flowShield was implemented as netfilter kernel hook, later as netmap user-space application - nowadays in eBPF/XDP with a seperate Go based control-plane, allowing great flexibility and very fast development speeds while taking benefit from a event based architecture.

flowShield sits at the edge of the aurologic network, receiving ingress traffic on-demand. On-demand in this regards means, whenever flowAnalyzer decides to change the routing - or the customer manually triggers ingress traffic rerouting. flowShield carries each single packet through it's packet processing pipeline, applying customer defined filters as well as pre-defined static and dynamic filters, thwart attackers at the closest point of the networks edge.