+1 (844) 706-7383

Advantages of Our Network Infrastructure Design

Network Edge Switching:

Our primary point of contact with the Internet is in CoreSite where multiple Tier1 Carriers reside or have a point of presence, allowing us rapid expansion and competitive pricing.

Layer2 Switching:

Our network Layer2 is separated to multiple segments. Each network segment is comprised of multiple stacked switches with multiple uplinks to the core ensuring guaranteed network redundancy.

Firewalls Farm:

Our unique firewalls can handle multi-10Gbps of up to Layer7 Packet filtering and as high as 48 Million Packets Per Second.

Dark Fiber:

Connecting our data center location with our Network Edge provides us multi-10GE with seamless network bandwidth increase expansion.

Core Routing:

Multi-10GE uplink to our network edge, and our firewalls. Performs basic inter-VLAN customer-related routing and acts as uplink to Layer2 Switching segment.

Network IDS:

Our Network IDS, also a Sharktech-designed system, does real-time network monitoring and detects traffic anomalies and re-routes traffic to the firewall farm with the correct filters to block malicious traffic from the destined host.

Advantages of Our Network Infrastructure Design

Network Edge Switching:

Our primary point of contact with the Internet is in CoreSite where multiple Tier1 Carriers reside or have a point of presence, allowing us rapid expansion and competitive pricing.

Layer2 Switching:

Our network Layer2 is separated to multiple segments. Each network segment is comprised of multiple stacked switches with multiple uplinks to the core ensuring guaranteed network redundancy.

Firewalls Farm:

Our unique firewalls can handle multi-10Gbps of up to Layer7 Packet filtering and as high as 48 Million Packets Per Second.

Dark Fiber:

Connecting our data center location on 1500 Champa Street with our Network Edge provides us multi-10GE with seamless network bandwidth increase expansion.

Core Routing:

Multi-10GE uplink to our network edge, and our firewalls. Performs basic inter-VLAN customer-related routing and acts as uplink to Layer2 Switching segment.

Network IDS:

Our Network IDS, also a Sharktech-designed system, does real-time network monitoring and detects traffic anomalies and re-routes traffic to the firewall farm with the correct filters to block malicious traffic from the destined host.

FDC Uplink:

Backup peer agreement with FDC for inter-communications and peer agreements exchange.

Advantages of Our Network Infrastructure Design

Network Edge Switching:

Our primary point of contact with the Internet is in EQUINIX Chicago where multiple Tier1 Carriers reside or have a point of presence, allowing us rapid expansion and competitive pricing.

Layer2 Switching:

Our network Layer2 is separated to multiple segments. Each network segment is comprised of multiple stacked switches with multiple uplinks to the core ensuring guaranteed network redundancy.

Firewalls Farm:

Our unique firewalls can handle multi-10Gbps of up to Layer7 Packet filtering and as high as 48 Million Packets Per Second.

Dark Fiber:

Connecting our data center location in the Chicago Board of Trade with our Network Edge provides us multi-10GE with seamless network bandwidth increase expansion.

Core Routing:

Multi-10GE uplink to our network edge, and our firewalls. Performs basic inter-VLAN customer-related routing and acts as uplink to Layer2 Switching segment.

Network IDS:

Our Network IDS, also a Sharktech-designed system, does real-time network monitoring and detects traffic anomalies and re-routes traffic to the firewall farm with the correct filters to block malicious traffic from the destined host.

FDC Uplink:

Backup peer agreement with FDC for inter-communications and peer agreements exchange.

DDoS Filtering

Our network is proactively filtered in three different stages (upstreams, core-routers, distribution routers) and dynamically filtered in two stages (distribution routers, firewalls). Our NIDS (Network Intrusion Detection System) device captures inbound traffic, detects and logs malicious traffic, analyzes this data and finally provides the most appropriate filtering rules (layers 3-7) to our network firewalls by filtering the attack(s) with the least possible loss of legitimate traffic. NIDS' logging function includes reporting (after completing anti-spoof checks) source IPs involved to ISPs' abuse departments and anti-intrusion organizations that are connected with law authorities.

Our firewalls are capable to provide up to Layer7 filtering and they're connected between our core-router (which is directly connected to our data center's core-router) and our main router (which our switches are connected to) receiving filtering rules from NIDS and/or rarely from our staff members. Our firewalls have been designed to function both independently and as a whole. By default they all function together, but if for any reason NIDS becomes unavailable, the firewalls will start functioning independently. This may result in a temporary slower performance in order to avoid the network being unfiltered until NIDS becomes available again. Additionally, if one of the firewalls becomes unavailable, it instantly gets excluded from the load balancing system to prevent the network from becoming affected. This way, the network has a complete fail-over even if any of the firewalls or NIDS becomes unavailable.

Additionally, our NIDS analyzes and identifies attacks per packet's protocol, packet type and several other characteristics, giving the opportunity to our firewalls to filter an attack with at least 15 methods (planning to increase to 20+ methods in the near future). In rare cases, when an attack cannot get filtered differently, an IP null-route is applied. If the attack exceeds a specific number of Gbps (Gigabits per second) or Mpps (Million packets per second), additional ACLs may get applied in our router(s).

The firewalling mechanism described above has been completely designed and developed by Sharktech's engineers using a fundamental understanding of filtering and intensive knowledge and experience in preventing DDoS attacks. Our firewalls and NIDS use an open-source operating system with engineered firewalling and detection software.

Advantages of Our Network Infrastructure Design

Network Edge Switching:

Our primary point of contact with the Internet is in CoreSite where multiple Tier1 Carriers reside or have a point of presence, allowing us rapid expansion and competitive pricing.

Layer2 Switching:

Our network Layer2 is separated to multiple segments. Each network segment is comprised of multiple stacked switches with multiple uplinks to the core ensuring guaranteed network redundancy.

Firewalls Farm:

Our unique firewalls can handle multi-10Gbps of up to Layer7 Packet filtering and as high as 48 Million Packets Per Second.

Dark Fiber:

Connecting our data center location with our Network Edge provides us multi-10GE with seamless network bandwidth increase expansion.

Core Routing:

Multi-10GE uplink to our network edge, and our firewalls. Performs basic inter-VLAN customer-related routing and acts as uplink to Layer2 Switching segment.

Network IDS:

Our Network IDS, also a Sharktech-designed system, does real-time network monitoring and detects traffic anomalies and re-routes traffic to the firewall farm with the correct filters to block malicious traffic from the destined host.