DDoS Glossary

DNS Diversion

DNS Diversion is a type of DDoS cloud protection technique in which an organization is able to divert its traffic to the DDoS provider using a DNS change. The change is as simple as modifying the relevant DNS record so that they will eventually direct traffic to the provider’s IPs. DNS Diversion can be always-on or on-demand. The provider is then able to mitigate the DDoS attacks and send the clean traffic back to the customer.

DNS Diversion is simpler than BGP Diversion but has limitations, such as protecting the origin IP.

Related entries: BGP Diversion, Infrastructure Protection