GameShield

GameShield is a customizable network security solution, which has specifically been designed for the gaming industry.

GameShield is a customizable network security solution, which has been designed for the game industry. GameShield allows you to efficiently defend against TCP CC attacks that typically occur in the game industry and to prevent Tb-level DDoS attacks. In addition, GameShield can help you reduce the costs of security protection.

Benefits

Security and stability
Multi-level disaster recovery architecture and risk management system to block malicious users and prevent DDoS and CC attacks.
Ease of use
Supports SDK-based query dispatching within several seconds and eight-ISP-based BGP acceleration to guarantee the optimum gaming experience.
Ease of maintenance
Supports visual management and multiple built-in features in the console, allowing you to simply scale the architecture.
Cost efficiency
Supports customization to meet different business demands and save costs.

Features

  • Fully-compatible, stable, and multifunctional SDKs with multiple functions.

    SDK dispatcher

    A DNS dispatcher, which can encrypt and dispatch DNS queries from each client within several seconds.

    Connection probing

    An SDK-based network connection diagnosis function, which is used to precisely diagnose network congestion issues and collect data for query dispatching.

    Strong encryption

    Highly-encrypted and reliable SDKs, which can be dynamically upgraded (depending on the platform).

    Compatibility

    All SDK versions are stable and reliable, and have been tested on all platforms and up to ten million clients.

  • Mass DDoS attack prevention

    Advanced risk management architecture

    Malicious client identification based on device fingerprints, operation environment monitoring, and packet behavior learning, working with attack traffic dispatching to precisely and dynamically identify and block malicious clients within several seconds, even after being attacked.

    Elastic and scalable protection

    The GameShield console allows you to efficiently scale and deploy anti-DDoS nodes and game security gateways. GameShield has adopted the advantages of cloud computing for you to prevent mass DDoS attacks and CC attacks at any time.

    UDP block

    All single-ISP-line protection nodes support the ISP-level UDP block service, which allows you to defend against malicious UDP traffic while preventing other attacks.

  • Precise CC attack prevention

    Empty and slow connection request prevention

    The game security gateways can automatically intercept empty and slow TCP connection requests.

    Mass CC attacks

    You can scale the number of game security gateways to intercept more than four million queries per second and defend against six hundred thousand zombies and up to 8 GB in traffic of CC attacks.

    Blacklist and whitelist with up to one million IP entries

    GameShield allows you to create a dedicated cluster of game security gateways for your business and use machine learning algorithms to automatically identify attacker IP addresses and then blacklist them. The game security gateways also allow you to block traffic from specific physical locations.

    Gateway-to-SDK encryption tunnels

    GameShield uses a gateway-to-SDK encryption tunnel to encrypt data transmitted between a game client and the server. Each client has only one single-use password. This can help you defend against CC attacks.

  • High-quality network nodes

    Access to high-quality backbone networks

    Single-ISP-line protection nodes are directly connected to the backbone network of China Telecom, China Unicom, and China Mobile with a latency less than 50 milliseconds.

    Eight-ISP-based BGP acceleration

    Deploys BGP nodes in Beijing, Hangzhou, and Shenzhen to access eight ISPs to efficiently dispatch queries and resolve network slowness and latency issues in single-ISP-line protection.

  • Statistics and analysis

    Data Reports

    Supports statistics and analysis of traffic data, SDK calls, DDoS and CC attacks, to locate issues and boost business development.

  • Log management

    Multiple types of logs

    Supports customization of multiple log types, including flow logs, TCP five-element logs, SDK dispatch logs, and connection monitoring logs.

    Persistent storage

    Supports persistent log storage in Alibaba Cloud Object Storage Service (OSS). You must manually activate OSS.

    Log analysis

    Incorporates GameShield logs and Alibaba Cloud DTplus to provide customization services, such as monitoring visualization. To use these services, you must activate specific Alibaba Cloud DTplus services, including DataV and MaxCompute.

Common Scenarios

  • CC attack prevention
  • Connection monitoring
  • Network congestion prevention
  • Network acceleration
DDoS attack prevention

DDoS attack prevention

Tb-level DDoS attack prevention.

The GameShield SDK automatically creates groups and dispatches queries based on the client information that it collects. This can help you identify and block malicious clients to prevent Tb-level attacks.

Benefits

  • Cost efficiency

    Prevents 300 GB of DDoS attacks with the monthly fee of RMB 30,000.

  • High performance

    High performance and stability based on the distribution system architecture and high-performance forwarding software developed by Alibaba Cloud.

  • Flexible dispatching

    SDK-based client query dispatching.

CC attack prevention

CC attack prevention

Layer-4 CC attack prevention to defend against 1,000,000 malicious queries per second.

GameShield establishes encryption tunnels from GameShield SDKs to game security gateways to help you defend against CC attacks, such as forged TCP connection requests or protocol packets sent by zombies. GameShield also provides other features, such as packet inspection, to help you defend against CC attacks without the need to launch the GameShield SDK.

Benefits

  • Precise detection

    Precise CC attack prevention with zero false positives and false negatives.

  • High performance

    GameShield can manage a minimum of 100,000 business queries per second and defend against 500,000 to 1,000,000 malicious queries per second.  

  • Dedication

    Business dedicated clusters that enable one million IP entries into whitelists and blacklists and traffic blocking based on physical locations.

Connection monitoring

Connection monitoring

Precise network issue diagnosis.

In a mobile network, slow networks and network latency occur regularly on clients and are difficult to diagnose. GameShield provides an SDK-based connection diagnosis function for you to automatically and manually probe the network and diagnose the cause of the slow network and network latency.

Benefits

  • Network latency and slowness detection

    Uses the GameShield SDK to detect and report areas where network latency and slowness have occurred.

  • Network diagnostic reports

    Automatically generates network diagnostic reports for a specific client. 

  • Multiple types of diagnostic information

    Multiple probing methods, including Ping, Tracert, and TCP probe.

Network congestion prevention

Network congestion prevention

You can dispatch packets that cause network congestion.

Based on the connection monitoring function and the distribution of game security nodes, you can precisely dispatch queries from a specified client. This allows you to resolve network latency and slowness issues.

Benefits

  • Precise dispatching

    You can dispatch queries sent from a specific client.

  • Multi-node deployment

    All GameShield nodes can dispatch queries.

Network acceleration

Network acceleration

Intelligent acceleration for the entire network.

Collects SDK information, deploys GameShield nodes on the entire network, and incorporates encryption tunnels between GameShield SDKs and game security gateways to accelerate traffic forwarding on the entire network.

Benefits

  • Secure

    Supports end-to-end connection encryption to prevent hijacking and traffic probing.

  • Compatibility with multiple terminals

    Provides iOS and Android SDKs and supports protocol optimization and multiplexing.

  • Low latency

    Deploys GameShield nodes on the backbone network to reduce network latency.