CenturyLink Communications UK Limited

CenturyLink DDoS Mitigation Service

The service cost-effectively mitigates risk posed by highly sophisticated, massive DDoS attacks through the application of proven anomaly detection technology. Available as an “on-demand” or “always-on” solution and backed by proven SLAs, CenturyLink DDoS Mitigation service cost effectively protects against most known forms of Layer 3 – 7 attacks


  • Threat Monitoring 24x7x365 globally deployed SOC Infrastructure
  • 12 Global Scrubbing Centres, with 3 more planned in 2016
  • Choice of services: On Demand or Always On mitigation
  • Flexible deployment options including Indirect or Direct Connection
  • A minimum /32 IP address range needed to implement service
  • DDoS mitigation/CDN network/MSS services from the network operator
  • We own the network and the DDoS mitigation service
  • A managed service charged through recurring costs, without system purchase
  • Best of class SLAs for unmatched threat protection
  • 4.5 Tbps attack ingestion


  • In house threat research and monitoring
  • Improved user experience Lower latency service for cleaned traffic
  • Minimise business impact - faster take down of command sites
  • One Solution protects all your services – Carrier agnostic
  • No requirement to allocate a new IP address range
  • Full suite of services, no 3rd party involvement
  • Service is typically less expensive than others
  • Portal based service management reduces costs of monitoring and managing
  • Peace of mind
  • Handle volumetric attacks via world’s largest network of Scrubbing centres


£6000.00 to £22950.00 per instance per month

Service documents

G-Cloud 9


CenturyLink Communications UK Limited

Mike Thomas

0330 060 9328


Service scope

Service scope
Service constraints Internet Connection required
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times When a ticket is opened on the Level 3 Incident Management System diagnosis begins into the cause. Automated notification emails can also be set up and Level 3 will provide updates at key milestones during the incident within the service SLA until the incident is resolved and closed.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels All DDoS Mitigation Customers are given access to our Global Security Operations Centres, who are available 24x7x365 to deal with attacks and support customers with the DDoS mitigation service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide comprehensive documentation on all aspects of the service
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction No available
End-of-contract process The service is disconnected

Using the service

Using the service
Web browser interface Yes
Using the web interface The web interface allows users to view comprehensive reporting of traffic flows and mitigation across the DDoS mitigation service, including tarffic flows over time, attack traffic volume, types of attack and volume of dropped traffic. The web interface also allows for support ticket logging and tracking.
Web interface accessibility standard None or don’t know
How the web interface is accessible The MyLevel3 Customer Portal is built on a robust platform accessible via the public Internet and is compatible with various software applications. The Portal employs three levels of authentication to ensure the protection and integrity of customer data. Each customer authorises a Delegated Administrator with customer-controlled, super-user account capabilities to create and modify user access and reset passwords on demand. Delegated Administrators can grant access in any combination of accounts and functionality to employees as business needs change. Logging into the Portal the first time can be accomplished using self-registration with basic account information listed on Level 3’s invoices. Password Policy Passwords are encrypted leveraging a SHA-256 hash function. Each password must be at least 8 characters and requires a specified mix of letters, numbers, and special characters.
Web interface accessibility testing None known
Command line interface No


Scaling available No
Independence of resources We scale the platform to meet the growing demand of our customers. In the event that any single customer requires more resources they are isolated to prevent impact to other users of the shared infrastructure
Usage notifications No


Infrastructure or application metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks The service is seperated at the transport layer
Data protection within supplier network Other
Other protection within supplier network The data is contained within the transport layer

Availability and resilience

Availability and resilience
Guaranteed availability Level 3 endeavour to make the service available 100% of the time., and begin to pay service credits after 60 consecutive seconds of platforms unavailability.
Approach to resilience Each scrubbing centre is deployed in a High Availability configuration Mitigation can be performed at any scrubbing centre, and traffic is scrubbed at the closest scrubbing centre to the attacker.
Outage reporting Outages are reported through the Service Manager

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Username and password
Access restriction testing frequency At least once a year
Management access authentication Username or password
Devices users manage the service through Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes CAS(T) telecommunications

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Level 3 Communications have a strict Change management control policy in line with our ISO20k certification.
The change process workflow can be summarised as follows:
• Change creation;
• Two Stage Change Approval (Quality / Technical);
• Identification of affected customers
• Customer notification.
• Implementation (generally between 00:00 and 06:00 Local time)
Vulnerability management type Supplier-defined controls
Vulnerability management approach Level 3 global security team receive threat information from a number of different sources including active monitoring of Level 3’s products and services and infrastructure, along with regular vendor vulnerability updates and information provided by communities of interest. Level 3 operate a regular patching policy and process along with a Vulnerability Management Forum for the review, risk management, prioritisation, remediation action plan and implementation planning associated with Vulnerabilities identified.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Level 3 operate an active protective monitoring process for it’s products, services and infrastructure which provides potential security event info to Level 3’s multiple SOC environment for analysis. Level 3’s SOC facilities are manned 24 x7x 365 providing as near as possible real-time response to security events with an escalation process to senior management as required.
Incident management type Supplier-defined controls
Incident management approach Level 3 maintain and operate a security incident process for management of potential security incidents which manages any potential incidents to conclusion. Anyone within Level 3 can raise a security breach via a dedicated portal which will then be analysed for required action. The process has defined paths of escalation and timeframes for escalation along with criteria for customer notification and response

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £6000.00 to £22950.00 per instance per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑