Russian cybersecurity firm Servicepipe has completed testing of Kraftway’s Rubezh-T servers to develop a fully domestic Anti-DDoS Hardware-Software Complex (PAK). The solution, branded as DosGate, achieves 400 Gbps/400 Mpps throughput and targets L3–L7 attacks through adaptive filtering algorithms. This partnership aligns with Russia’s import substitution initiatives, particularly for critical infrastructure protection1.
Technical Specifications and Capabilities
The DosGate system combines Kraftway’s hardware reliability with Servicepipe’s traffic analysis expertise. Key features include real-time AI-driven traffic filtering, customizable thresholds to reduce false positives, and 24/7 monitoring dashboards. Kraftway’s Rubezh-T servers underwent rigorous testing in Servicepipe’s lab, including simulated attacks mimicking HTTP/2 Rapid Reset and ICMP flood techniques2.
Servicepipe’s solution integrates with existing infrastructure through a compatibility matrix currently under development. This matrix will optimize performance for other domestic hardware vendors, addressing post-2022 sanctions challenges. The system’s 400 Gbps capacity positions it competitively against international alternatives like Cloudflare (10 Tbps) and Qrator Labs (3 Tbps)3.
Implementation and Use Cases
Servicepipe has already deployed similar solutions for clients like Frank Media, blocking 1.2 million bot requests daily. The DosGate PAK is designed for:
- Energy sector operators (40% growth in DDoS protection demand reported in 2023)
- Government networks where Kraftway has been a trusted vendor since 1993
- Media companies facing application-layer (L7) attacks
“Our lab’s threat simulations ensure DosGate adapts to evolving attack vectors,” stated Mikhail Khlebunov of Servicepipe during testing2.
Comparative Analysis
| Solution | Capacity | Key Differentiator |
|---|---|---|
| DosGate (Servicepipe/Kraftway) | 400 Gbps | Domestic hardware integration |
| Cloudflare | 10 Tbps | Global CDN infrastructure |
| StormWall | 4.5 Tbps | CMS-specific protection rules |
Security Implications
The collaboration addresses two critical needs in the Russian cybersecurity landscape: reducing dependency on foreign hardware and providing state-aligned solutions for critical infrastructure. Testing included:
- Behavioral analysis for AI-driven attacks
- Hardware stress tests under sustained 400 Gbps loads
- Validation against 15 attack vectors documented in CIS benchmarks
For network defenders, the solution offers granular traffic filtering controls. Example Nginx configurations for smaller-scale DDoS mitigation demonstrate the technical approach4:
http {
limit_req_zone $binary_remote_addr zone=ddos:10m rate=10r/s;
server {
location / {
limit_req zone=ddos burst=20 nodelay;
}
}
}Future Developments
Servicepipe plans to expand the compatibility matrix to include other Russian hardware vendors by Q3 2025. The company is also developing mobile DDoS mitigation guidelines, recommending VPN solutions like Kaspersky Secure Connection for endpoint protection5.
This partnership represents a strategic shift in Russia’s cybersecurity posture, combining domestic hardware production with specialized software development. The technical specifications and testing methodologies provide a blueprint for other import substitution initiatives in the sector.
References
- “Servicepipe and Kraftway partnership details”, NBJ.ru, 2025.
- “Servicepipe tests Kraftway servers for DDoS protection system”, DSMedia.pro, 2025.
- “Technical analysis of Servicepipe’s DosGate solution”, CISOCLUB, 2025.
- “Nginx configuration for DDoS protection”, FirstVDS, 2025.
- “Servicepipe solutions protect Frank Media”, Connect-WIT, 2025.
