
What is a Volumetric DDoS Attack?

A volumetric Distributed Denial-of-Service (DDoS) attack is a cyberattack designed to overwhelm a target’s network infrastructure by flooding it with huge amounts of traffic. Attackers use numerous compromised computers (called a botnet) to produce a volumetric, or large-scale, attack, with the goal of completely overwhelming a target system.

By consuming all available bandwidth between the target and the internet, the attack makes it impossible for legitimate users to access websites, APIs, or services. Think of this like a traffic jam: an influx of vehicles onto a single-lane road means no one can get through.

These volumetric attacks are not necessarily intended to exploit software vulnerabilities in the target system - instead, they aim to incapacitate the target so bad actors can access the compromised system. 

How does a volumetric attack work?

Volumetric attacks typically use botnets. A botnet is a group of compromised computers or Internet of Things (IoT) devices under the control of a hacker (also known as a “botmaster” or “bot herder”). Botnets enable a botmaster to launch large-scale attacks using the pooled computational resources they make accessible.

Attackers can control these devices remotely and instruct them to send traffic simultaneously to a target.

Because the traffic comes from a huge number of distributed sources, it can be very difficult to block. The massive influx of data saturates network links, routers, and firewalls, preventing legitimate traffic from reaching the destination.

What is the main goal of a volumetric DDoS attack?

The main objective is to exhaust available bandwidth. Every internet connection has a finite capacity, and when incoming malicious traffic exceeds that capacity, legitimate requests are dropped or delayed. Think again about the traffic analogy.

This effectively causes:

  • Website outages

  • API failures

  • Service degradation

Unlike other attack types, volumetric attacks don’t need to actually “break” anything or hack into a system; they simply have to overwhelm resources in order to be effective.

What are common types of volumetric attacks?

Volumetric attacks come in several forms, each designed to generate high traffic volumes:

  • UDP Floods. Attackers send large numbers of UDP packets to random or specific ports, forcing the target to process and respond to each one.

  • ICMP (Ping) Floods. Massive numbers of ICMP echo requests (“pings”) are sent to the target, consuming bandwidth and processing power.

  • Amplification Attacks. These attacks use legitimate third-party servers to multiply traffic volume, making them especially powerful and efficient.

Each method focuses on maximizing traffic output relative to attacker effort.
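
The three types above can be told apart from flow records during triage. The sketch below is an added example, not Fastly code: the record layout `(protocol, source port, bytes)`, the 70% dominance threshold, the reflector port list and the sample flows are all assumptions made for illustration.

```python
from collections import Counter

# UDP source ports of services often abused as reflectors (assumed list, not from the page).
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 1900: "SSDP", 11211: "memcached"}

def classify_flood(flows, dominant=0.7):
    """flows: iterable of (proto, src_port, nbytes). Returns a label for the dominant vector."""
    by_proto = Counter()
    by_reflector = Counter()
    for proto, src_port, nbytes in flows:
        by_proto[proto] += nbytes
        # Amplified replies arrive *from* the reflector's service port.
        if proto == "udp" and src_port in REFLECTOR_PORTS:
            by_reflector[REFLECTOR_PORTS[src_port]] += nbytes
    total = sum(by_proto.values())
    if total == 0:
        return "no traffic"
    if by_proto["icmp"] / total >= dominant:
        return "icmp flood"
    if by_proto["udp"] / total >= dominant:
        service, refl_bytes = by_reflector.most_common(1)[0] if by_reflector else (None, 0)
        if refl_bytes / by_proto["udp"] >= dominant:
            return f"amplification ({service})"
        return "udp flood"
    return "mixed or not volumetric"

# Constructed sample flows: each set mixes a little normal HTTPS traffic with one vector.
HTTPS = [("tcp", 443, 1500)] * 50
AMP_FLOWS = [("udp", 123, 468)] * 900 + [("udp", 40000, 120)] * 50 + HTTPS
UDP_FLOWS = [("udp", 20000 + i, 1400) for i in range(900)] + HTTPS
ICMP_FLOWS = [("icmp", 0, 1000)] * 900 + HTTPS

if __name__ == "__main__":
    for name, flows in [("amp", AMP_FLOWS), ("udp", UDP_FLOWS), ("icmp", ICMP_FLOWS)]:
        print(name, "->", classify_flood(flows))
```

Knowing the vector tells the responder which upstream filter to request, for example dropping inbound UDP from a single reflector service port versus rate limiting ICMP.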

You can read more in depth about the different types of volumetric and standard DDoS attacks here

How large can volumetric attacks get?

Modern volumetric attacks can reach hundreds of gigabits per second (Gbps) or even exceed 1 terabit per second (Tbps). Some of the largest recorded attacks have surpassed multiple terabits per second.

To put this in perspective:

  • A typical enterprise network might handle 1 to 10 Gbps

  • A Tbps-scale attack is hundreds of times larger

This scale makes volumetric attacks particularly dangerous for organizations without large-scale mitigation infrastructure and security tooling in place. 

How are volumetric attacks different from other DDoS attacks?

DDoS attacks are generally divided into three categories:

  • Volumetric attacks. These focus on overwhelming bandwidth with sheer traffic volume.

  • Protocol attacks. These target weaknesses in network protocols - an example is SYN floods. 

  • Application-layer attacks. These target specific applications or services - an example is HTTP request floods that mimic real users. 

Volumetric attacks differ from other DDoS attacks mainly because they use a brute-force strategy: rather than using sophisticated or more pointed tactics, they simply send a deluge of traffic at scale and hope for success.

What are the signs of a volumetric DDoS attack?

Organizations can often detect volumetric attacks by observing unusual traffic patterns. Key signs to look out for include: 

  • Sudden and dramatic spikes in inbound traffic

  • Network congestion or complete service outages

  • Increased latency and slow response times

  • Packet loss or dropped connections

  • Traffic coming from many geographic locations simultaneously

Because the traffic volume is so high, these attacks are often easier to spot compared to other DDoS attack types. Having the right solutions in place that monitor and alert in real time helps keep an organization on top of any sudden changes. 
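
The signs listed above can be combined into a simple alert rule. This is an added example, not Fastly code: the per-interval fields, the thresholds and the sample data are assumptions. It requires a traffic spike plus at least one corroborating sign, and it keeps flagged intervals out of the baseline so an ongoing flood cannot become the new normal.

```python
from statistics import median

FIELDS = ("bps", "countries", "loss")
# Constructed sample: one record per 10-second interval on an edge link.
SAMPLES = [dict(zip(FIELDS, row)) for row in [
    (0.80e9, 12, 0.001), (0.90e9, 14, 0.001), (1.00e9, 13, 0.001),
    (0.85e9, 12, 0.001), (0.95e9, 15, 0.001), (1.10e9, 13, 0.001),
    (6.00e9, 14, 0.002),   # legitimate burst: volume only, sources unchanged
    (9.60e9, 85, 0.120),   # flood: volume, source spread and loss together
    (9.80e9, 92, 0.150),
    (1.00e9, 13, 0.001),   # recovery
]]

def detect_volumetric(samples, window=5, spike_factor=5.0,
                      geo_factor=3.0, loss_limit=0.02):
    """Return [(index, reasons)] for intervals that look like a volumetric attack."""
    baseline = []   # most recent intervals judged normal
    alerts = []
    for i, s in enumerate(samples):
        if len(baseline) < window:
            baseline.append(s)          # warm-up: assume the first intervals are clean
            continue
        base_bps = median(b["bps"] for b in baseline)
        base_geo = median(b["countries"] for b in baseline)
        reasons = []
        if s["bps"] > spike_factor * base_bps:
            reasons.append("traffic_spike")
        if s["countries"] > geo_factor * base_geo:
            reasons.append("source_spread")
        if s["loss"] > loss_limit:
            reasons.append("packet_loss")
        # A spike alone may be a sale or a release; demand a second sign.
        if "traffic_spike" in reasons and len(reasons) >= 2:
            alerts.append((i, reasons))
        else:
            baseline = baseline[1:] + [s]   # only non-alert intervals update the baseline
    return alerts

if __name__ == "__main__":
    for index, reasons in detect_volumetric(SAMPLES):
        print(f"interval {index}: {', '.join(reasons)}")
```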

Why are volumetric attacks so effective?

Volumetric attacks are effective because they combine simplicity with scale. They are easy to launch using readily available tools or botnets and are also highly scalable. They are also difficult to trace: the traffic is distributed and attackers often ‘spoof’ the traffic sources, so it can be very hard for organizations to identify the source(s) of an attack.

When an attack does happen, it requires enormous resources (in both infrastructure and personnel) to mitigate. Without proper preparation and strategies in place, organizations can really struggle.

Who is typically targeted?

Volumetric DDoS attacks can target virtually any internet-facing service, including:

  • E-commerce platforms (causing revenue loss)

  • Financial institutions (disrupting transactions)

  • Gaming services (impacting user experience)

  • SaaS platforms and APIs (affecting customers downstream)

  • Government and critical infrastructure

Attack motivations range from financial gain and extortion to competition, activism, or disruption.

How can organizations defend against volumetric attacks?

Defending against volumetric attacks requires infrastructure capable of handling or absorbing large traffic volumes. Common strategies include:

  • DDoS mitigation services. Specialized providers use large-scale networks to filter malicious traffic before it reaches the origin.

  • Traffic scrubbing centers. Incoming traffic is routed through systems that analyze and remove attack traffic.

  • Anycast networking. Traffic is distributed across multiple global data centers, reducing the impact on any single location.

  • Rate limiting and filtering. Suspicious traffic patterns can be throttled or blocked.

  • Scalable infrastructure. Cloud-based systems can dynamically absorb spikes in traffic.

No single solution is enough; effective defense requires a layered security strategy, that is, a strategy that considers multiple methods for detecting and preventing DDoS attacks, treating them as inevitable.

For more information, you can read this ‘Guide to Stopping a DDoS Attack’ here

Can volumetric DDoS attacks be completely prevented?

It is not possible to completely prevent volumetric attacks, as they originate from external sources on the internet. However, organizations can minimize their impact through preparation.

Effective mitigation focuses on:

  • Rapid detection

  • Automated traffic filtering

  • Scalable infrastructure

  • Incident response planning

With the right defenses in place, attacks can often be mitigated without noticeable disruption to users.

Why Fastly Is Your Best Solution to Preventing DDoS Attacks

Maintaining comprehensive security against DDoS attacks presents major challenges in terms of cost, complexity, false positives, evolving threats, and resource intensity. However, Fastly's cloud-based DDoS protection solution directly resolves each of these concerns.

The key benefits of Fastly’s DDoS Protection include the following:

  • Lowers Costs: Fastly offers cost-effective DDoS protection, which is included with its CDN services. 

  • Simplified Complexity: Fastly's solution requires no complex setup or manual tuning on your side. The network automatically absorbs layer 3/4 attacks, while the next-gen WAF seamlessly handles Layer 7 threats.

  • Reduced False Positives: Fastly's advanced SmartParse detection engine accurately classifies requests while minimizing the false positives that could block real users.

  • Continuous Evolution: Fastly enhances detection and mitigation based on solid intelligence, letting you stay ahead of evolving global attack trends.

  • Resource Efficiency: Fastly's massive 336 Tbps network has a built-in capacity to absorb even extraordinary attacks without performance impacts. Automated edge mitigation also reduces the origin load.

Sign up for a free trial to learn more about how Fastly can bring you peace of mind and stop bad actors. 

You can also read more about available DDoS Mitigation providers here with this detailed guidance. 
