Factsheet Managed Secure Cloud Compute customers can benefit from our Managed DDoS Protection service, integrating three solutions – a Web Application Firewall (WAF), a DDoS mitigation service, and a content delivery network (CDN) - into a single cloud-based service. The service protects you against DDoS attacks, allows you to serve content to end-users with high availability and high performance and helps you to meet PCI-DSS requirements. The Managed DDoS Protection service is hosted and run by Imperva, based on their Incapsula product (see www.imperva.com/products/wsc_incapsula.html). The service is PCI-certified and routes all your website and web application traffic via Imperva servers, intelligently profiling data in real-time to block even the latest web threats. The service protects you against current and emerging attacks, including SQL injection, cross-site scripting (XSS), illegal resource access, malicious bots, and other Open Web Application Security Project (OWASP) ‘Top 10’ threats. Your outbound website traffic is also automatically optimised, resulting in dramatically faster web page load times, while simultaneously reducing server workload and website bandwidth consumption. In addition, if you want to accept card payments via your website, this service will help you to fulfil the requirements of the Payment Card Industry's PCI-DSS section 6.6. The Managed DDoS Protection service can detect and block all of the DDoS attacks listed below:  TCP SYN+ACK  TCP FIN  TCP RESET  TCP ACK  TCP ACK+PSH  TCP Fragment  UDP  ICMP  IGMP  HTTP Flood  Brute FloodT  Connection Flood  Slowloris  Spoofing  DNS flood  Mixed SYN+UDP or ICMP+UDP flood  Ping of Death  Smurf  Reflected ICMP and UDP  Teardrop  Zero-day DDoS attacks  Attacks against common web servers such as Apache and II. The service proxies all web requests, so network layer DDoS attacks are never relayed to your servers. The service will therefore mitigate against all network level attacks against your site. The Imperva Cloud WAF protects websites with collective knowledge about threats, including newly emerging threats. Threat information is aggregated from the entire Imperva service network and is used to identify new attacks as they happen, simultaneously applying mitigation rules to all websites protected by the Imperva Cloud WAF. Monthly invoice against purchase order. All Eduserv services are managed to ITIL standards. Our 24/7 Network and Security Operations Centre (NSOC) and Service Desk are available for reporting service incidents and submitting change requests. Imperva’s engineers provide continuous website monitoring and security policy tuning. Additionally they provide proactive security event management and response. The Eduserv Service Desk will act as an interface between you and Imperva and will react as required in the event of a security incident to collaboratively resolve the issue. Eduserv will provide you with weekly reports as part of this service. Eduserv is a pan-government accredited (PGA) and ISO27001 certified organisation and uses appropriately certified management infrastructure, network connectivity, staff security clearance and processes to deliver the service in line with the Cabinet Office Security Policy Framework (SPF), CESG Good Practice Guide no.13 (GPG-13) and the PSN Code of Connection. The Imperva Incapsula service is a PCI-Certified Cloud-based WAF Solution and will help fulfil PCI 6.6 compliance requirements. Also available from the Digital Marketplace: Secure Cloud Compute; AWS Cloud Compute; Private Cloud Compute; Managed Infrastructure; Managed Application; Managed Database and Data Solutions; Website Development & Support; Cloud and Security Professional Services; Cloud Strategy and Roadmap; Cloud Adoption Assessment; Cloud Migration; Cloud Design. Eduserv is a not-for-profit IT services provider that helps public and third sector organisations to align their business and IT strategies, improve services and reduce costs. Our services include consultancy, managed cloud services, collocation and digital development. Imperva’s mission is to protect high-value applications and data assets in physical and virtual data centers worldwide. Their customers include 8 of the top 10 global telecommunications providers, 4 of the top 5 global computer hardware companies and over 250 government agencies and departments.