Teridion Demonstrates Resilience to DDoS Attack

Team Teridion

At the end of 2016, many major web properties have been impacted by the massive DDoS attack on the Dyn domain service. Teridion was a rare Dyn customer that was able to withstand the attack with no interruption.

This is because Teridion’s service spans multiple domain service providers and data centers, allowing Teridion to switch automatically between service providers in the case of an outage. Teridion was designed as a self-healing network that is resilient to a wide range of potential outages, including problems affecting entire data centers or regions.

Specific Teridion resilience capabilities include the following:

  • DNS provider failure: Every Teridion Kumo-X virtual network has multiple Domain Name Server (DNS) providers. If one provider fails or slows significantly, Teridion will switch to a secondary DNS provider.
  • Network failure: The TMS automatically reroutes traffic in response to any network congestion, including data center or network failures. This makes Teridion more reliable than dedicated MPLS lines for large outages.
  • TCR edge failure: TCRs are constantly monitored and unresponsive TCRs are automatically removed from a virtual network.
  • TCR core failure: The TMS automatically sets edge TCRs to route directly to the origin server if core TCRs become unavailable (for example through a data center outage).
  • TMS failure: a TMS failure will not affect Teridion Kumo-X, however automated routing adjustments to avoid congestion will stop until TMS is back online. Every element of TMS is replicated for high availability and mirrored for disaster recovery.
  • Teridion Portal failure: Teridion’s network performance is unaffected by the availability of the Teridion Portal.