What is IBM Cloud® Internet Services?

IBM Cloud Internet Services brings market-leading security and performance to your external web content and internet applications before they reach the cloud.


Performance and reliability

person holding a tablet

Performance and reliability

Elevate apps by improving mobile experiences, ensuring app availability and accelerating app performance.


two security cameras mounted on the outside of a building


Get a product designed to protect against online threats like data breaches and bot abuse.

Key feature

The app protection you need

How it’s used

VPC isolated workloads

Deploy isolated workloads across multiple locations and zones

Secure multiregion Kubernetes clusters

Deploy an application on multiple Kubernetes clusters.

Global and high availability applications

Deploy an internet-facing application.

Frequently asked questions

What is a DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic.

How does a DDoS attack work?

A DDoS attack involves an attacker gaining control of a network of online machines. Computers and other machines are infected with malware, turning each one into a bot. The attacker then has remote control over the group of bots (called a botnet). The attacker can then direct the machines by sending updated instructions to each bot using a remote control.

What are common types of DDoS attacks?

Different DDoS attack vectors target varying components of a network connection. A network connection on the internet is composed of many different components or “layers.” Like building a house, each step in the model has a different purpose. The OSI model is a conceptual framework used to describe network connectivity in seven distinct layers.

What is the process for mitigating a DDoS attack?

Mitigating a multi-vector DDoS attack requires various strategies to counter different trajectories. The more complex the attack, the more difficult to separate from normal traffic – the goal of the attacker is to “blend in” as much as possible. To overcome a complex attempt at disruption, a layered solution will give the greatest benefit. 

What is a web application firewall?

A web application firewall (WAF) helps protect web applications by filtering and monitoring HTTP traffic between a web application and the internet. By deploying a WAF in front of a web application, a shield is placed between the web application and the internet. A WAF protects the server from exposure by having clients pass through the WAF before reaching the server.

What is the difference between blacklist and whitelist WAFs?

A WAF that operates based on a blacklist (negative security model) protects against known attacks. Conversely, a WAF based on a whitelist (positive security model) only admits traffic that has been pre-approved. Both blacklists and whitelists have their advantages and drawbacks, which is why many WAFs offer a hybrid security model, which implements both.

What is a content delivery network?

A content delivery network (CDN) refers to a geographically distributed group of servers, working together to provide fast delivery of internet content. A CDN quickly transfers assets needed for loading internet content. The popularity of CDN services continues to grow, and today most web traffic is served through CDNs.

How does a CDN work?

To improve speed and connectivity, a CDN will place servers at exchange points between different networks. These internet exchange points (IXPs) are the primary locations where different internet providers connect to provide each other access to traffic originating on their different networks.

How does a CDN improve website load times?

For websites loading content, users drop off quickly as a site slows down. The globally distributed nature of a CDN means reduced distance between users and website resources. Instead of having to connect to wherever the origin server of a website may live, a CDN lets users connect to a geographically closer data center. Less travel time means faster service.

What is DNS?

The Domain Name System (DNS) is the phonebook of the internet. People access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load internet resources.

How does DNS work?

DNS resolution involves converting a host name (such as www.ibm.com) into a computer-friendly IP address (such as Each device on the internet is assigned an IP address that’s used to find the device. When loading a web page, what a user types into their browser’s address field is translated into the IP address needed to locate that web page.

What is a DNS resolver?

The DNS resolver is the first stop in the DNS lookup and is responsible for dealing with the user who made the initial request. The resolver starts the sequence of queries that ultimately leads to a URL being translated into the necessary IP address