A deep-dive into Cloudflare’s autonomous edge DDoS protection

Cloudflare has deployed a global autonomous DDoS protection system across its 200+ data centers. The software-defined system, which runs on commodity servers, actively protects all customers against DDoS attacks without requiring human intervention. It detects and mitigates L3/4 and L7 attacks at the edge using a denial of service daemon (dosd). The latest improvements have expanded dosd's capabilities to protect against L7 attacks in addition to L3/4, covering 98.6% of all L3/4 DDoS attacks and mitigating 81% of all L7 attacks. This autonomous system is designed to disrupt the economics of DDoS attacks by protecting customers from both large-scale and small-scale attacks.