DDoS detection you control
DDOS-Guard routes your traffic through third-party scrubbing infrastructure. Flowtriq runs on your servers, detects attacks in 1-2 seconds, and lets you choose your own mitigation path. Your traffic, your data, your control.
Different categories
Detection vs scrubbing: understanding the difference
DDOS-Guard is a cloud scrubbing service. Flowtriq is a detection and mitigation orchestration platform. They solve different parts of the DDoS problem.
Proxy-based scrubbing requires traffic rerouting
Cloud scrubbing services like DDOS-Guard work by routing your inbound traffic through their network, filtering it, and forwarding clean traffic to your origin. This means a third party sees all your traffic, adds latency, and becomes a single point of dependency.
Geopolitical considerations
DDOS-Guard is headquartered in Russia with scrubbing infrastructure primarily in Eastern Europe. For organizations with data sovereignty requirements, compliance obligations, or customers in regions with sanctions concerns, routing traffic through Russian infrastructure may not be acceptable.
No per-server visibility
Proxy-based services see traffic at the network edge, not at the server level. They cannot build per-server baselines, detect below-threshold attacks targeting individual nodes, or provide server-side PCAP evidence for forensic analysis.
Vendor dependency
When your protection depends on a single scrubbing provider, their outages become your outages. Their pricing changes become your cost increases. Their policy decisions affect your service. Agent-based detection keeps you independent.
Side-by-side comparison
DDOS-Guard vs Flowtriq
A factual comparison between cloud scrubbing and agent-based detection.
| Capability | Flowtriq | DDOS-Guard |
|---|---|---|
| Architecture | ||
| Approach | Per-server agent, detection + mitigation orchestration | Proxy-based cloud scrubbing |
| Traffic routing | No rerouting required | All traffic routes through DDOS-Guard |
| Data ownership | Your data stays on your infrastructure | Third party sees all traffic |
| Detection | ||
| Per-server baselines | Dynamic per-node baselines | Network-edge detection only |
| Server-side PCAP | Automatic PCAP on every attack | No server-side capture |
| Detection latency | 1-2 seconds | Varies by service tier |
| Mitigation | ||
| Mitigation method | 4-tier: local firewall > FlowSpec > RTBH > cloud scrubbing | Cloud scrubbing (proxy-based) |
| Scrubbing provider choice | Cloudflare, OVH, Hetzner, DO, Vultr, Linode, custom | DDOS-Guard only |
| Operations | ||
| Alert channels | Slack, Discord, PagerDuty, OpsGenie, Telegram, SMS, email, Teams | Email, dashboard notifications |
| Pricing transparency | Public pricing: $9.99/node/month | Tiered plans, custom quotes for enterprise |
| Free trial | 14-day free trial, no credit card | Free tier with limitations |
Who each tool serves
Different tools for different needs
DDOS-Guard and Flowtriq are in different product categories. The right choice depends on whether you need scrubbing, detection, or both.
Flowtriq works well for
Operators who want per-server detection without routing traffic through a third party, teams with data sovereignty or compliance requirements, organizations that prefer choosing their own upstream scrubbing provider, and anyone who needs PCAP forensics and per-node baselines.
DDOS-Guard works well for
Web-facing services that primarily need HTTP/HTTPS scrubbing, operators comfortable with proxy-based protection, hosting customers who want turnkey protection bundled with their hosting, and users who prefer a managed scrubbing service over self-managed detection.
Common questions