This document outlines the terms and conditions, service description, and service levels for Node4's DDoS Protection as a Service. It details how Node4 provides a combined approach to mitigate Distributed Denial of Service (DDoS) attacks, which involve multiple computers sending repeated requests to a server, making it inaccessible to valid users. The service aims to filter out malicious traffic while allowing genuine client traffic to pass through.
The document covers key definitions such as Client Responsible Incident, Mitigation, Incident, and Service Availability. It also specifies client responsibilities, including providing timely notice of cyber-attack threats and obtaining approval for penetration testing. The service does not guarantee prevention of all DDoS attacks and involves fees for installation, monthly service, and professional services. Node4 monitors its core infrastructure 24/7 and provides different levels of support based on incident priority, with specific response and resolution times.
Furthermore, the document addresses service availability objectives, outlining service credits for failing to meet targets, with exclusions for incidents caused by the client, third parties, or force majeure events. The DDoS Protection service includes mitigation of both application layer and volumetric DDoS attacks. Overall, it describes a comprehensive service designed to protect clients from DDoS attacks, with clear guidelines on responsibilities, incident management, and service level agreements.
