Megaport puts DDoS protection inside network

DDoS protection is usually something you bolt onto the edge of a network after the scary part starts. Megaport is trying a different move. On May 5, the company launched a built-in DDoS protection service for Megaport Internet that filters malicious traffic inside Megaport’s own network instead of sending it off to a separate mitigation service. That sounds like plumbing — but the stakes are uptime, latency, and whether a customer has to reroute traffic in the middle of an attack. (megaport.com) ### What actually changed? Megaport added DDoS protection as a native feature on top of Megaport Internet, its managed internet connectivity product. Customers turn it on through the Megaport Portal, pick from preconfigured mitigation profiles, and the company says the service can be deployed in under 60 seconds. The key design choice is where filtering happens — inside Megaport’s private network path, not as a detour to an outside scrubbing provider. (megaport.com) ### Why does “inside the network” matter? Traditional mitigation often works like an emergency roadblock. Traffic gets redirected to a cleaning station, bad packets get stripped out, then the rest gets forwarded back to the app. That works, but it can add routing complexity, operational delay, and sometimes extra latency at exact(megaport.com)leaning before the attack reaches the customer environment. (businesswire.com) ### What problem is this reacting to? Attackers have gotten better at spreading pressure around. A recent DataDome case is the clearest example: 2.45 billion malicious requests in five hours from about 1.2 million IP addresses against a large content platform. The trick was not raw peak flood alone. It was fragmentation — lots of sources, lower request rates per IP, and enough distribution to slip past simple rate-limit logic. (datadome.co) ### So is this about volumetric attacks or app attacks? Both, at least in the sales pitch. Megaport says the service covers volumetric, traffic-based, and application-layer attacks through one add-on. That matters because modern campaigns blur the line — one wave tries to saturate pipes, another tries to exhaust web infrastructure, and a third just hides in (datadome.co)ownstream box has to absorb the mess. (megaport.com) ### What’s the catch? The catch is visibility. When mitigation moves deeper into a provider’s network, customers get less direct line of sight into what the filtering path is doing under stress. Megaport says keeping traffic inline avoids extra latency and routing detours, but buyers will still care about tail behavior — weird spikes, false positives, and how narrowly t(megaport.com)Megaport’s system mitigates at the host or IP level so the rest of a customer network can keep running. That is the right idea. The proof will be how it behaves during ugly real incidents. (businesswire.com) ### Who is this really for? This is aimed at enterprises already using Megaport as connective tissue between clouds, data centers, and internet-facing services. Those customers do not want to assemble a separate mitigation stack every time they expose something publicly. They want the network underlay to come with security controls already attached — fast to enable, predictable to bill, and boring to operate. (megaport.com) ### Why now? Because “internet access” and “security service” are collapsing into one product category. Cloud connectivity providers have spent years selling private, programmable paths. The next step is to make those paths resilient by default. Megaport is betting that DDoS protection should feel less like renting a fire truck and more like having sprinklers built into the building. (businesswire.com)gaport-Launches-Built-In-DDoS-Protection-Enabling-On-Demand-Network-Resilience)) ### Bottom line? Megaport’s news is not that DDoS mitigation exists. It’s that the company wants mitigation to disappear into the network itself. If that works in practice, customers get faster protection with less rerouting drama. If it does not, they inherit a black box in one of the most sensitive parts of the path. (megaport.com)