Megaport DDoS Protection

Megaport DDoS Protection is a platform-native security add-on for Megaport Internet. It helps identify and mitigate malicious Layer 3 and Layer 4 Distributed Denial of Service (DDoS) traffic before it disrupts eligible traffic flowing through Megaport Internet. It is designed for organizations that use Megaport Internet to support mission-critical cloud, application, or customer-facing workloads and want a simpler way to add network-layer resilience without deploying additional hardware or complex third-party tunnel management.

Megaport DDoS Protection protects eligible traffic that flows through Megaport Internet. It is designed to help mitigate network-layer and transport-layer DDoS attacks that could otherwise overwhelm the internet path supporting customer workloads. It does not protect traffic that does not transit Megaport Internet, such as traffic arriving over third-party ISP connections or alternative upstream providers. For customers using BGP with multiple upstreams, protection applies only to the traffic that transits Megaport Internet. Traffic from other upstream providers is outside the scope of Megaport DDoS Protection.

No. Megaport DDoS Protection is not a Web Application Firewall. It focuses on Layer 3 and Layer 4 network-layer protection. A WAF is designed to inspect and protect web applications from Layer 7 application-layer threats such as SQL injection, cross-site scripting, application exploits, and some bot activity. Megaport DDoS Protection should be used alongside application-layer security tools where those controls are required.

No. Megaport DDoS Protection does not replace your firewall. Firewalls help enforce network access policies and inspect traffic according to your security rules. Megaport DDoS Protection is designed to help mitigate DDoS traffic at the network and transport layers before it disrupts eligible Megaport Internet traffic. It complements firewalls, WAFs, and other security tools by helping reduce the impact of disruptive DDoS traffic before it reaches downstream infrastructure.

In eligible locations, Megaport DDoS Protection can be provisioned through the Megaport platform in under 60 seconds. Availability depends on service eligibility and supported locations. Customers should confirm availability for their Megaport DDoS Protection with their Megaport account team or CSM.

Megaport DDoS Protection supports two operating modes: Active and Passive. Passive mode observes traffic and identifies potential anomalies without actively mitigating traffic. This can help customers understand traffic patterns before enabling active mitigation. Active mode enables autonomous mitigation. When malicious traffic is detected, the service helps filter attack traffic while allowing legitimate traffic to continue where possible. Customers can use these modes to align protection with their operational needs and troubleshooting requirements.

Megaport DDoS Protection uses capacity-matched pricing based on the associated Megaport Internet service. This means protection is aligned to the capacity of the Megaport Internet connection rather than being based on the volume of attack traffic. Final pricing, contract terms, and availability should be confirmed with Megaport.

No. Megaport DDoS Protection is designed for eligible traffic that transits Megaport Internet. It does not protect third-party ISP links, office broadband, or traffic that reaches your environment through another provider. If your architecture uses multiple upstream providers, only the traffic flowing through Megaport Internet is within scope.

Megaport DDoS Protection is a strong fit for organizations that use, or are evaluating, Megaport Internet for mission-critical workloads where uptime, performance, and operational simplicity matter. Common use cases include: - SaaS platforms and digital services - Ecommerce and high-traffic event windows - Financial services and regulated environments - Gaming, media, and latency-sensitive applications - Cloud migrations and production workloads - Service providers and managed service providers supporting customer-facing infrastructure It is especially relevant for teams that want to add network-layer resilience without deploying physical appliances, managing complex tunnel configurations, or relying only on basic ISP-level protection.

Yes. Megaport DDoS Protection is an add-on for Megaport Internet. It is not a standalone DDoS service for non-Megaport connectivity. Customers who do not currently use Megaport Internet can speak with Megaport about building a security-ready internet path for cloud and mission-critical workloads.

Megaport DDoS Protection is available in select locations. Customers should contact their Megaport account team or CSM to confirm whether their service is eligible.

Megaport DDoS Protection is focused on Layer 3 and Layer 4 DDoS attacks. These are network-layer and transport-layer attacks designed to overwhelm connectivity, infrastructure, or transport protocols with malicious traffic. It is not designed to replace application-layer controls for Layer 7 threats such as web application exploits, credential attacks, or bot management.

Yes, customers can add Megaport DDoS Protection to an existing Megaport Internet service where the service is available. Existing customers should contact their CSM or account owner to confirm availability and discuss the best setup for their environment.

Megaport DDoS Protection brings network-layer resilience into the Megaport platform. Instead of treating security as a separate overlay, customers can add protection to Megaport Internet through the same platform they use to manage their connectivity. This supports Megaport's broader direction as an Automated Infrastructure platform, helping customers connect, secure, and scale infrastructure on demand.