Does Flowtriq work on AWS, cloud, or serverless?
Flowtriq works on any Linux cloud VM. It does not work on serverless platforms where there is no host OS to install an agent on. This page covers every major cloud provider and deployment model.
Compatibility
Cloud platform compatibility matrix
| Platform | Works with Flowtriq? | Deployment | Cloud firewall API |
|---|---|---|---|
| AWS EC2 | Yes | ftagent on each instance | AWS Shield Advanced orchestration |
| GCP Compute Engine | Yes | ftagent on each instance | - |
| Azure VMs | Yes | ftagent on each VM | - |
| DigitalOcean | Yes | ftagent on each Droplet | Yes (Cloud Firewall API) |
| Vultr | Yes | ftagent on each instance | Yes (Firewall API) |
| Linode / Akamai | Yes | ftagent on each Linode | Yes (Firewall API) |
| OVH / Hetzner | Yes | ftagent on each server | OVH VAC + Hetzner DDoS scrubbing |
| Docker / Kubernetes | Yes | ftagent on host node (DaemonSet for K8s) | - |
| AWS Lambda | No | No host OS | Use AWS Shield |
| GCP Cloud Run | No | No host OS | Use GCP Cloud Armor |
| Cloudflare Workers | No | No host OS | Use Cloudflare DDoS Protection |
| Azure Functions | No | No host OS | Use Azure DDoS Protection |
Complementary
Flowtriq complements cloud provider protection
Every major cloud provider includes basic DDoS protection. Flowtriq adds per-instance visibility, forensics, and automated response that provider-level protection does not offer.
AWS Shield Standard + Flowtriq
AWS Shield Standard is free and protects all AWS resources against common L3/L4 DDoS attacks at the network edge.
Flowtriq adds: per-instance detection, attack classification with confidence scoring, PCAP forensics, custom alert channels (Slack, PagerDuty, Discord), audit logging, and automated on-instance mitigation rules. Shield Standard does not provide per-instance visibility or forensic evidence.
Cloudflare + Flowtriq
Cloudflare proxies HTTP/S traffic and absorbs DDoS at its edge network.
Flowtriq adds: detection for non-HTTP protocols (UDP, DNS, game traffic), per-server PCAP evidence, infrastructure-layer visibility behind the Cloudflare proxy, and BGP mitigation for traffic that does not flow through Cloudflare.
OVH / Hetzner + Flowtriq
OVH VAC and Hetzner DDoS Protection scrub traffic at the provider edge.
Flowtriq adds: per-server visibility into what attacks reached your server, forensic evidence (PCAP, classification), alerting, and audit trails. Provider scrubbing mitigates; Flowtriq shows you what happened and generates compliance evidence.
Multi-cloud deployments
If your infrastructure spans AWS, GCP, bare metal, and a colo, each provider has its own DDoS tooling with different dashboards and alert formats.
Flowtriq provides: a single dashboard for DDoS detection across all providers. Same agent, same alerts, same incident format regardless of where the server runs.
Serverless
What about serverless?
Flowtriq cannot protect serverless functions (AWS Lambda, GCP Cloud Run, Cloudflare Workers, Azure Functions) because there is no host operating system to install an agent on. These platforms abstract away the server entirely.
For serverless DDoS protection, use your platform's built-in options:
- → AWS Lambda: AWS Shield Standard (free, automatic) or Shield Advanced (paid, with response team)
- → GCP Cloud Run: GCP Cloud Armor (WAF + DDoS protection)
- → Cloudflare Workers: Cloudflare's built-in DDoS protection (automatic, unmetered)
- → Azure Functions: Azure DDoS Protection Standard
If your architecture is hybrid (some serverless + some VMs/bare metal), Flowtriq protects the VM/bare-metal portion while provider tools cover the serverless functions.
FAQ
Cloud questions
Does Flowtriq work on AWS?
Yes. ftagent runs on any EC2 instance running a modern Linux distribution. It provides per-instance DDoS detection, attack classification, PCAP forensics, and automated mitigation via iptables/nftables rules and cloud scrubbing (including AWS Shield Advanced orchestration). It complements AWS Shield Standard, which provides free basic L3/L4 protection.
Does Flowtriq work on GCP?
Yes. ftagent runs on Compute Engine instances. Install via pip, connect to the dashboard, and detection is active in under 60 seconds. GCP's built-in network protection handles basic volumetric attacks; Flowtriq adds per-instance visibility, classification, forensics, and automated response.
Does Flowtriq work on Azure?
Yes. ftagent runs on Azure VMs running Linux. Azure DDoS Protection Standard operates at the network edge; Flowtriq provides per-VM detection, PCAP forensics, alerting, and mitigation orchestration that Azure does not offer at the instance level.
Does Flowtriq work on DigitalOcean, Vultr, or Linode?
Yes. ftagent runs on Droplets (DigitalOcean), Vultr instances, and Linode/Akamai compute instances. Flowtriq also integrates with the cloud firewall APIs of these providers to auto-deploy blocking rules when attacks are detected.
Does Flowtriq work on serverless (Lambda, Cloud Run, Workers)?
No. Serverless platforms do not provide a host OS to install an agent on. Flowtriq requires a Linux server where ftagent can run. For serverless DDoS protection, use your cloud provider's built-in options: AWS Shield, GCP Cloud Armor, or Cloudflare's proxy.
Does Flowtriq work in containers and Kubernetes?
Yes. ftagent runs on the host node in a containerized environment. It monitors network traffic at the kernel level regardless of container orchestration. For Kubernetes, install ftagent as a DaemonSet on each worker node.
Does Flowtriq need BGP to work on cloud?
No. BGP FlowSpec and RTBH are optional features for operators with BGP infrastructure. On cloud VMs, Flowtriq provides full detection, classification, PCAP forensics, alerting, and on-node mitigation (iptables, nftables) without any BGP configuration. Cloud firewall API integrations (DigitalOcean, Vultr, Linode, Cloudflare WAF) provide additional cloud-native mitigation.
Can I use Flowtriq with AWS Shield Advanced?
Yes. Flowtriq detects attacks at the instance level and can trigger AWS Shield Advanced scrubbing as one of its 9 cloud scrubbing provider integrations. AWS Shield Advanced handles volumetric traffic absorption; Flowtriq provides detection, classification, and forensics.
Related
Learn more
Works on any Linux cloud VM.
14-day free trial. 60-second install. No credit card required.