When a customer has reported an active attack to the Redcentric Service Management Centre (SMC) or when an attack is detected through proactive monitoring, mitigation is enabled as follows:

Redcentric personnel signal to the mitigation supplier using crafted routing updates. The supplier then advertises the protected address space to the wider Internet through its peers and after a period of time when routing converges, all traffic to the protected addresses is routed through the supplier’s scrubbing platform. Traffic is usually routed through the scrubbing network within 1 hour of a reported or detected attack.

Mitigation will typically remain in place for 24 hours. If after 24 hours, the attack persists, mitigation remains in place for a further 24 hours.

When it is confirmed that the attack has ceased, mitigation is removed. Customer’ traffic is returned to the normal path and Customers are notified by email.
If mitigation is enabled due to instruction from the Customer as a result of a received threat, and an attack is not detected within 48 hours, originarily mitigation will be deactivated but it may be possible to extend mitigation protection if necessary.