Detection, Mitigation & Response

Detect and mitigate DDoS attacks in under 1 second, respond automatically, and keep your users informed.

All features →
1-Second Detection
Know the instant traffic spikes. PPS checked every second.
Attack Classification
Identifies 7 attack families with protocol-level confidence scores.
Node Firewall Rules
Per-server iptables, null-routes, CDN rules & scripts.
Cloud Scrubbing
Auto-divert to Cloudflare, OVH, or Hetzner on attack detection.
BGP Mitigation
Auto-deploy FlowSpec, RTBH blackhole & rate-limiting via BGP.
Multi-Channel Alerts
Discord, Slack, PagerDuty, OpsGenie, SMS, email, webhooks.
PCAP Capture
Full packet capture with AI-powered forensic analysis.
Layer 7 Detection
HTTP flood, credential stuffing, API abuse & bot detection.
Automated Runbooks
Chain mitigation steps into automated incident response playbooks.
Analytics Baselines Threat Intel & IOC Multi-Node Status Pages Correlation Audit Log Attack Profiles Flow Collection Mirror / SPAN Mode NEW
Learn
Documentation Quick Start API Reference Agent Setup DDoS Protection Landscape State of DDoS 2026 REPORT Free Certifications Hackathon Sponsorships
Research & Guides
Mirai Botnet Kill Switch Research memcached Amplification Dynamic Baselines PCAP Forensics PagerDuty Setup
Company
About Us Partners Managed Protection Whitelabel / Reseller Affiliate Program Pay with Crypto System Status
Legal & Support
Contact Us Security Trust Center Terms Privacy SLA
Who Uses Flowtriq

From indie hosts to ISPs, see how teams like yours use Flowtriq to detect and stop DDoS attacks.

All Use Cases → Talk to Us →
Infrastructure
Hosting Providers ISPs MSPs/MSSPs Small Operators Routers Edge Node Defense Proxy Providers VPN Providers
Gaming & Entertainment
Game Server Hosting Game Studios Esports Platforms iGaming & Sportsbooks
Business & Emerging
SaaS Platforms E-Commerce Financial Services Compliance VoIP & Cloud Calling GPU & AI Cloud

Free Tool

DDoS Config Converter

Select your current DDoS protection platform, answer a few questions about your setup, and get a personalized Flowtriq configuration — with a feature-by-feature translation and pricing comparison.

1
Select Platform
2
Your Setup
3
Flowtriq Config

What are you currently using?

Select your current DDoS protection solution. If you use multiple, pick the primary one.

Migrate from Any DDoS Platform to Flowtriq

Flowtriq supports direct migration from every major DDoS protection platform — open-source tools, hardware appliances, cloud scrubbing services, and gaming-focused networks. The migration path is the same in every case: install the ftagent on each Linux server alongside your current solution, let baselines form over 24–72 hours, then decommission your old platform with confidence.

From FastNetMon (Community & Advanced)

FastNetMon detects threshold violations in aggregated flow data from your routers. Flowtriq installs directly on each server as a kernel-level agent, providing per-packet visibility that flow sampling fundamentally cannot give you. Your existing BGP sessions (ExaBGP, GoBGP, BIRD, FRRouting) are reused by Flowtriq's BGP adapter — no peer changes required. What FastNetMon advanced doesn't have: attack classification, PCAP forensics, dynamic baselines, and alerts wherever your NOC works (Slack, PagerDuty, SMS, and more). What Flowtriq adds: all of those, plus AI summaries and a 4-level auto-escalation engine.

From Wanguard (Andrisoft)

Wanguard's Sensor + Filter architecture monitors flow data and diverts traffic via BGP for scrubbing. Flowtriq's ftagent replaces the Sensor with per-server packet analysis, and Flowtriq's automated mitigation (iptables, nftables, XDP/eBPF, cloud APIs) replaces the Filter's BGP diversion for most attack scenarios. Both your sFlow/NetFlow sources and BGP sessions can be carried forward directly.

From Hardware Appliances (Corero, Arbor APS, Radware, A10)

Hardware appliances provide inline mitigation but typically require significant CAPEX, dedicated management infrastructure, and ongoing maintenance. Flowtriq is SaaS — no hardware to provision, no server to patch, no licenses to renew. For hosting providers and cloud operators who already have Linux servers, adding a per-server agent is operationally simpler than maintaining appliances. Flowtriq also exposes per-server granularity that inline appliances often aggregate away.

From Cloud Scrubbing (Cloudflare Magic Transit, AWS Shield, Akamai Prolexic)

Cloud scrubbing services protect at the network edge. They're excellent at absorbing large volumetric attacks before they hit your transit links. What they cannot provide is per-server packet-level visibility: exactly which server was targeted, what the attack looked like at the packet level, and PCAP evidence for forensics or abuse reports. Flowtriq and cloud scrubbing services are complementary — run Flowtriq agents on your servers for server-level visibility, and use cloud scrubbing for transit-level absorption on your largest attacks.

From Gaming-Focused Networks (CosmicGuard, Path.net)

Gaming DDoS protection services use anycast BGP to absorb floods at the network level. They're optimized for UDP traffic and low-latency routing. Flowtriq installs on each game server to provide visibility into what's actually reaching the server, classification of UDP flood variants, PCAP capture for every incident, and server-level mitigation for attacks that bypass or precede network-level protection.

Get Your Personalized Flowtriq Config Above

Select your current platform in the converter tool, answer a few questions, and get your exact setup — including install commands, config file, alert channel mapping, and price comparison.

Start Free Trial — No Credit Card →

Frequently Asked Questions

How long does migration from FastNetMon to Flowtriq take?

Deploying the Flowtriq agent alongside FastNetMon takes under 2 minutes per server. Run both in parallel while baselines form (24–72 hours), then decommission FastNetMon. Total active work for a 20-node deployment is under one hour.

Can I keep my existing BGP sessions and ExaBGP setup?

Do I need flow data from routers, or is the agent enough?

Can Flowtriq replace Cloudflare Magic Transit?

What happens to alerts I had configured in my old platform?

Does Flowtriq work without a BGP router?

Parallel Migration Guide

How to safely migrate from your current DDoS solution to Flowtriq without any detection gaps.

1. Install alongside your current tool

Flowtriq runs as a lightweight agent (pip install ftagent) and uses minimal resources. It can run alongside FastNetMon, Wanguard, or any other tool without conflicts. Both systems monitor the same traffic simultaneously.

2. Compare detection for 7+ days

Run both systems in parallel and compare: alert timing, false positive rate, attack classification accuracy, and incident detail level. Flowtriq should match or exceed your current tool on all metrics.

3. Migrate mitigation triggers

Set up your BGP FlowSpec, RTBH, or cloud scrubbing triggers in Flowtriq. Use the converted config from above as a starting point. Test each trigger individually before going live.

4. Cut over and decommission

Disable alerts on your old tool, keep it running silently for one more week as a safety net, then remove it. Total expected migration time: 2-4 weeks. Total downtime: zero.