Lumen help
DDoS Hyper support
Lumen® DDoS Hyper® offers an automated, digital path to turn up DDoS protections, backed by multiple layers of DDoS mitigation defense, including our extensive and deeply peered global backbone, advanced scrubbing center technology and Black Lotus Labs threat intelligence for reduced latency, enhanced performance and highly scalable mitigation capacity.
Managing DDoS Hyper
Two‑factor authentication (2FA)
Two‑factor authentication adds a second layer of protection for users who need to view and manage security services (such as DDoS Hyper). Control Center system administrators can add 2FA, re‑enroll 2FA, and remove 2FA for users in your organization. (In addition to 2FA, you need the Manage Security Solutions permission to manage DDoS Hyper services.)
DDoS Hyper videos (7 videos)
Frequently asked questions about DDoS Hyper
Get answers to common questions about ordering, activating, and managing DDoS Hyper service.
How do I order Lumen DDoS Hyper?
You can order DDoS Hyper online:
- For new customers, visit the Lumen DDoS Hyper shop page.
- For existing customers, sign in to Control Center, then click Shop, then click Marketplace.
- For all customers, download the Ordering DDoS Hyper checklist for a list of information needed and a step-by-step process to order, configure, and activate DDoS Hyper service.
What are the requirements for ordering DDoS Hyper?
- Ability to accept billing in U.S. currency
- Ability to designate a U.S.-based physical address where the majority of the service will be used
- Your router should be capable of:
- generic routing encapsulation (GRE) tunnel termination
- border gateway protocol (BGP) advertisements
- NetFlow generation
- If you select Flow-Based Monitoring (optional), your router must support simple network management protocol (SNMP).
- For internet service that is not provided by Lumen, IP address space of at least /24 or larger.
- If you have Lumen internet service, the minimum size of address space does not apply.
- If you have Lumen internet service, the minimum size of address space does not apply.
- Ability to provide technical details to activate the service, including:
- IP prefixes to be protected
- autonomous system number (ASN) of your internet provider
- IP address for your end of the GRE tunnel which receives the clean traffic
- If you select Flow-Based Monitoring, we also need:
- NetFlow Export IP address of the router
- SNMP version supported by your router
- For SNMP version 3, we need to know your:
- security level (Polling Only, Polling with Authentication, or Polling with Authentication and Privacy)
- SNMP authentication protocol (None, Secure Hash Algorithm (SHA-1), or Message Digest Algorithm 5 (MD5))
- SNMP encryption protocol (None, Advanced Encryption Standard (AES) for 128-bit, or Data Encryption Standard (DES))
- For SNMP version 3, we need to know your:
- SNMP polling IP address of the router
- Ability to configure the router to support the service
If you don't meet the requirements above, please contact your Lumen representative to learn about additional features available through Lumen DDoS Mitigation Service.
What happens once I order? How is Lumen DDoS Hyper installed?
You can track the status of your order in Control Center. The service is provisioned in near real time. Once provisioned, we will notify you and provide parameters so you can configure your equipment to work with DDoS Hyper.
How do I get help activating my purchase/service?
If you need help activating your service or have questions, dedicated support with chat and call options is available in Control Center. Sign in to view updates for your order and to access our support team.
Do I need two-factor authentication (2FA) to order DDos Hyper?
Two-factor authentication is not required for the first six hours after submitting the order. After six hours have passed since the order was submitted, you need two-factor authentication to view, make changes, or configure the service to activate it (if you haven't already activated your service). Your organziation's Control Center system administrator can add, re-enroll, and remove two-factor authentication for Control Center users in your organization.
Who recieves the 2FA?
Both the order contact and the technical contact will receive two-factor authentication when you ordered the service.
I am an existing customer. How do I ensure I have the correct permissions to order DDoS Hyper?
To place a DDoS Hyper order, you need to access the Shop tab in Control Center. If the Shop tab is not visible, contact your Control Center system administrator for access, open a portal support ticket to request access, or call 877-453-8353 (option 5) to have our team open a ticket on your behalf.
Who do I contact if I have an issue placing my order or configuring the service?
Use the chat button in the lower-right corner of Control Center.
What if I cannot see my order in my list of services?
Use the chat button in the lower-right corner of Control Center.
How long does it take to provision DDoS Hyper?
DDoS Hyper service is provisioned in approximately 15 minutes.
Which Lumen scrubbing center should I select?
Select the scrubbing center closest to your location. If you are creating multiple tunnels to the same location, continue selecting the next closest scrubbing center (to provide diversity).
How do I find my order if I leave during the process?
- If your DDoS Hyper order is currently being provisioned, sign in to Control Center and click Services. Then click View (in the Open Orders box).
- If your DDoS Hyper service is already activated, sign in to Control Center and click Services, then click DDoS Hyper (in the Network, Security, and Communications box).
How do I know when my clean traffic return path(s) or flow-based monitoring instance(s) have been provisioned and how long does it take?
The indicator next to the clean traffic return path or flow-based monitoring instance will turn green. It will take approximately 15 minutes.
Is there a sample configuration to help me configure my router to support DDoS Hyper service?
Yes, once your clean traffic return path has been provisioned, a link to sample configurations appears at the top of the configuration screen.
How do I know if the clean traffic return path or flow-based monitoring instance I configured failed?
If there is an issue with provisioning, the icon will turn red. Please note the provisioning can take up to 15 minutes to complete. If the icon turns red, Lumen automatically creates a ticket to resolve the issue. If you need immediate assistance, please contact support. During business hours, use the chat button in the lower-right corner of Control Center.
Where do I find my SNMP username and password?
You can access your SNMP username and password through Control Center by clicking Monitoring, click Security Services Administration, then click on the DDoS tab. Two-factor authentication is required to access your SNMP username and password.
Accessing your SNMP credentials for Flow-Based Monitoring
How do I sign in to the DDoS portal?
To access DDoS reports, return to Security Solutions Analytics and scroll down to View my DDoS Mitigation Portal Credentials under the DDoS Mitigation Service header.
Once you have your credentials, click on DDoS Mitigation and Reporting (under the Reports header).
Accessing your DDoS Mitigation and Reporting portal credentials
How do I run a test mitigation?
Once your service is activated, the Lumen Security Operations Center (SOC) can help you run a test mitigation. Contact the Lumen SOC at 866-254-5210.
How do I create ticket to get help?
- To submit a ticket for user permissions, two-factor authentication and other portal-related issues, sign in to Control Center and create a portal support ticket. If you need help creating a portal support ticket, use the chat button within Control Center or call 877-453-8353 (option 5).
- To submit a ticket related to your DDoS Hyper service, sign in to Control Center using two-factor authentication and create a security repair ticket. If you need help creating a security repair, call the Lumen Security Operations Center (866-254-5210).
What is the SLA for DDoS Hyper?
The service is monitored 24/7 by Lumen Security Operations Centers with alerts and mitigations backed by up to 10-minute time-to-mitigate SLAs for most known forms of attack after traffic is on-ramped through Lumen scrubbing centers.
I cannot see my DDoS Mitigation and Reporting portal credentials on the Security Solutions Analytics page. What do I do?
- For immediate resolution, contact the Security Operations Center (866-254-5210).
- For non-urgent issues, sign in to Control Center with two-factor authentication and create a security repair ticket.
I am having Control Center issues. How do I get help?
For general Control Center issues not specific to DDoS Hyper, including permissions, billing account number, inventory visibility, and related items, call 877-453-8353 (option 5).
DDoS Hyper support
- Control Center portal support (including two-factor authentication): Call 877-453-8353, option 5.
- DDoS Hyper quoting/ordering: For quoting and ordering support or questions about the service before ordering, contact your Lumen representative.
- DDoS Hyper provisioning/service testing: Once you place an order and configure your router to work with the DDoS Hyper service, contact the Lumen Security Operations Center (866-254-5210).
- DDoS Hyper Security Operations Center support:
- If your DDoS Hyper service is active:
- For urgent issues, contact the Lumen Security Operations Center (866-254-5210). Learn how to escalate an urgent issue.
- For non-urgent issues, sign in to Control Center using two-factor authentication and create a security repair ticket (Support > Security Repair Tickets).
- For urgent issues, contact the Lumen Security Operations Center (866-254-5210). Learn how to escalate an urgent issue.
- If your service is not yet active, contact our support team using the chat icon in the lower-right corner of your screen (within Control Center).
- If your DDoS Hyper service is active:
- Topics covered on this page:
