Automatically mitigate disruptive and distributed attacks

Deploy rapidly and immediately protect against application DDoS attacks. Leveraging our network’s massive bandwidth and adaptive techniques, Fastly DDoS Protection automatically keeps you performant and available without any required configuration.

Scalable network

Building on our powerful, global network offering 350+ Tbps capacity, we dynamically and proactively process, analyze, diagnose, and respond to DDoS attacks of all sizes.

Automatic mitigation

Enable Fastly DDoS Protection with the flip of a switch to automatically block application DDoS attacks to ensure they don’t disrupt your business.

Versatile protection

No matter your architecture, you can deploy Fastly’s DDoS Protection to gain speedy, scalable defenses without tuning, even as you ship changes on-demand.

Request a demo

By creating an account you agree to the Terms of Service and acknowledge our Privacy Policy.

Benefits

Smarter, automatic mitigation

Gain a dynamic, proactive, and automatic solution that detects, evaluates, and immediately reacts to DDoS attacks without any manual intervention so you can keep your website and mobile apps performant and available.

Enhance resiliency

Ensure performance and availability of your apps and APIs so your organization can maintain revenue generation and limit outage-related brand reputation impacts.

Zero Attack Fees

We align our pricing to the value you get, billing based on legitimate traffic that your business wants, never for the attack spikes we mitigate that you don’t.

Reduce Cloud Spend

Stop attacks from hitting your origin and inflating operational costs while creating reduced, more consistent cloud spend overall.

Features

Every app and API needs DDoS protection

From startups launching their first mobile app to the world’s largest e-commerce sites, every application and API on the internet is susceptible to DDoS attacks slowing their service, inflating cloud expenses, or, worse, taking them offline. With Fastly DDoS Protection, anyone can flip a switch and gain immediate protection.

Scalable network

Building on our powerful, global network offering 350+ Tbps capacity as of June 30, 2024, we automatically absorb massive network layer attacks while dropping any irrelevant non-HTTP/HTTPS traffic. With the power of Fastly’s platform, we dynamically and proactively process, analyze, diagnose, and respond to DDoS attacks of all sizes so your team can uphold scalability, stability, and reliability – all with one click of a button.

Automatic mitigation

Enable Fastly DDoS Protection with the flip of a switch to automatically block application DDoS attacks – from everyday nuisances through never-before-seen traffic spikes – to ensure they don’t disrupt your business. When unexpected volumetric traffic events arise, Fastly’s proprietary Attribute Unmasking techniques validate their legitimacy and if malicious, begin scanning a comprehensive list of characteristics to find the attacker and confidently mitigate their attacks, even if they rotate IPs.

Versatile protection

No matter your architecture, you can deploy Fastly’s DDoS Protection to gain speedy, scalable defenses without tuning, even as you ship changes on-demand. Offered as a standalone solution, it mitigates application DDoS attacks before they turn into incidents, without forcing engineering teams to become security experts or purchase confusing bundles. Start with dynamic, proactive protection at the click of a button, then integrate with the rest of our edge cloud platform when you’re ready.

Additional Features

Mitigation features you can count on

Protect against Denial of Service style attacks with flexible configurations that enable powerful protection

Origin Shielding

Fastly’s Origin Shield maximizes computing resources for continuous content requests by designating a specific POP to serve as a “shield” for your origin servers. A shield POP can also be used to configure more specific DDoS protections and improve service availability.

Fastly cache IP space

Fastly provides an API endpoint so you know which IP addresses our caches will use to send traffic from our CDN to your origin server. This enables you to update firewalls at the origin so only our cache traffic can access your resources.

Rate limiting

Fastly offers rate limiting on the edge and within the WAF. Edge rate limiting on the CDN is ideal for high-speed, high-volume attacks, while the Next-Gen WAF’s advanced rate limiting counters slow and low attacks. Together, they provide unmatched flexibility to effectively mitigate attacks of any level and complexity.

Custom DDoS filters

Upload custom VCL to block certain URLs, client types, geographies, or types of requests for immediate response to DDoS attacks.

Stop reflection and amplification (DRDoS)

Distributed Reflection Denial of Service (DRDoS) attacks take down a victim's network by overwhelming it with response requests sent from a different or spoofed origin.

Stop ping floods, ICMP floods, UDP abuse

Ping Floods (also known as ICMP floods) aim to overwhelm a network with ICMP echo requests, impacting both outgoing and incoming bandwidth.

Ready to get started?