If DDoS attackers increase attack traffic and consume the total outbound bandwidth of the data center, any firewall is equivalent to a firewall. No matter how powerful the firewall is, the outgoing bandwidth has been exhausted, and the entire IDC seems to be in a disconnected state, just like a door already crowded with people, no matter how many guards you have arranged in the door for inspection is useless, people outside are still unable to get in, but most of today's attacks are for commercial purposes and are prone to G-level attacks. Some data centers do not have sufficient bandwidth, A large-volume attack must have caused a large disconnection of the entire data center. Although the firewall detects the attack, it can only filter out the illegal data packets to protect internal network devices and servers from being damaged, however, the disconnection is caused by insufficient total bandwidth of the data center, so using a good firewall will not help.
Therefore, even if many data centers claim to adopt good hardware firewalls, they can defend against high-traffic attacks. However, if your servers are under heavy-traffic attacks, the data center will not dare to let you in, because it will affect the normal access of other servers, and there is not much charge for hosting a server. To make such a small business and cause great trouble, the operator will certainly feel that it is not cost-effective, the worst thing is that the network administrators of those data centers have to block IP addresses in disorder.