Skip to main content
Goline Logo
Goline It Services Logo

Home

About Us

Services

Solutions

Systems Architecture

Support

FAQ

News

  • GOLINE SA Announces Strategic Partnership with NetApp November 7th, 2025
    GOLINE SA is excited to announce a new partnership with NetApp, a global leader in cloud data services and storage solutions. This collaboration aims to help organizations modernize their IT infrastructure, streamline data management, and enhance performance across cloud and hybrid environments. Modern Data Solutions for Businesses Through this partnership, GOLINE integrates advanced data management solutions, enabling businesses to securely store, manage, and access critical information across cloud, on-premises, or hybrid setups. Clients can benefit from: Flexible and scalable storage solutions to meet growing data needs Simplified management of cloud and on-premises environments Enterprise-grade security for sensitive and mission-critical data...
  • GOLINE SA Announces Partnership with Omnissa November 7th, 2025
    GOLINE SA is proud to announce a new strategic partnership with Omnissa, a global leader in digital workspace platforms and Horizon Cloud Service solutions. This collaboration marks a significant step forward in helping organizations embrace secure, flexible, and high-performance work environments. Why Choose Omnissa for Your Business? The platform enables virtual desktops, applications, and unified endpoint management. Organizations can deploy scalable workspaces across cloud, hybrid, or on-premises setups. Key benefits include: Easy access to desktops and apps on any device Centralized management for Windows, macOS, iOS, Android, and ChromeOS Strong security with access controls and multi-factor authentication Automated scaling to...
  • GOLINE SA partners with Cloudflare November 6th, 2025
    Goline is proud to announce a strategic partnership with Cloudflare, the world leader in web performance and security solutions. This collaboration aims to provide goline.ch customers with state-of-the-art protection against cyber threats while delivering lightning-fast website performance. Through this partnership, Goline integrates Cloudflare’s advanced services, including DDoS protection, CDN caching, DNS security, and edge computing, allowing businesses to secure and optimize their websites effortlessly. Users will benefit from improved page load speed, enhanced reliability, and robust defense against malicious attacks. This partnership with Cloudflare enables goline to offer unmatched security and performance solutions to clients. By leveraging Cloudflare’s cutting-edge technology,...

RoutePulse — AI-Powered Threat Mitigation & Blackholing

  1. RoutePulse — BGP Analytics & Security Intelligence

\n

\n

Back to RoutePulse Overview

\n
\n RoutePulse — AI-Powered Threat Mitigation, RTBH & Cloudflare Magic Transit \n
\n
\n

AI-Powered Threat Mitigation, RTBH & Cloudflare Magic Transit

\n

When a volumetric attack hits your network, every second counts. RoutePulse delivers fully autonomous threat mitigation that takes your infrastructure from alert to blackhole in under 3 seconds — eliminating the manual intervention bottleneck that leaves most NOC teams scrambling during peak incidents. With progressive ban escalation spanning 7 to 365 days, repeat offenders are dealt with increasingly aggressively, while a 48-hour observation window ensures legitimate traffic is never permanently impacted. The result is a mitigation framework that protects revenue-critical services around the clock without operator fatigue.

\n

At the core of the system, AI verdicts — NEUTRALIZE, OBSERVE, or SAFE — are computed against 7-day flow profiles for every flagged source. Blackhole routes are injected via persistent SSH RouterShell sessions on Juniper MX and Huawei NetEngine routers, capable of bulk-injecting 102 prefixes in approximately 7 seconds (down from 10 minutes using 204 separate SSH sessions). Cloud ASN protection gates for Google, Cloudflare, AWS, Meta, Akamai, Microsoft, and Apple require a threat score of 60 or higher before a NEUTRALIZE verdict is issued, and known research scanners such as Censys, Shodan, and BinaryEdge are excluded from auto-blackhole entirely. All SSH credentials are secured with AES-256-GCM encryption, and auto-reconciliation cycles every 2-3 minutes verify that active blackholes on the actual routers match the intended state. Dual-stack enforcement guarantees IPv4 /32 and IPv6 /128 minimum prefix lengths, and rich Telegram notifications keep your team informed of every inject, withdraw, and expiry event in real time.

\n
\n
\n
<3s
\n
Single Inject
\n
\n
\n
7→365d
\n
Progressive Bans
\n
\n
\n
102
\n
Prefixes in 7s
\n
\n
\n
24/7
\n
AI Verdicts
\n
\n
\n

RTBH Blackhole Management (IPv4/IPv6)

Dedicated RTBH management page for Remote Triggered Black Hole routing. Inject and withdraw IPv4 (/32, /24) and IPv6 (/128) blackhole routes on upstream routers via persistent SSH sessions. BGP community 65535:666 signals upstream transit providers. Split IPv4/IPv6 active view, router route verification via live SSH query, and full audit trail for every operation.

☁️ Cloudflare Magic Transit Integration

On-demand DDoS protection integrated natively into RoutePulse, replacing 4 separate Python daemons with a single TypeScript service. Webhook endpoint receives 11 Cloudflare alert types in real time (L3/L4 DDoS, MNM auto-advertisement, tunnel health, BGP hijack). Advertise/withdraw 5 on-demand prefixes (4 IPv4 + 1 IPv6) with auto-withdraw after a 15-minute calm period. 124 searchable DDoS L3/L4 rules with 70 service presets and wirefilter editor. GRE/IPsec tunnel monitoring, CNI V2 Equinix ZH4 interconnect status, and 14 static routes with priority-based failover.

Key Capabilities

\n
    \n
  • AI-driven blackhole route injection via persistent SSH RouterShell on Juniper MX and Huawei NetEngine routers
    • \n
  • Progressive ban escalation: 7 days, 14 days, 28 days, and 365 days with a 48-hour observation window between cycles
    • \n
  • Three AI verdict classifications — NEUTRALIZE (blackhole), OBSERVE (monitor), SAFE (clear) — computed from 7-day flow profiles
    • \n
  • Cloud ASN protection gates for Google, Cloudflare, AWS, Meta, Akamai, Microsoft, and Apple requiring threat score of 60 or higher
    • \n
  • Research scanner exclusion list covering Censys, Shodan, BinaryEdge, and other legitimate scanning services
    • \n
  • Bulk injection performance: 102 prefixes in ~7 seconds, single inject in ~3 seconds, 5 sequential operations in ~15 seconds with zero rate-limit risk
    • \n
  • Auto-reconciliation every 2-3 minutes verifies active blackholes match intended state on live routers
    • \n
  • Dual-stack enforcement with IPv4 /32 and IPv6 /128 minimum prefix lengths
    • \n
  • Full detection-to-mitigation cycle typically completes in ~18 seconds end to end
    • \n
  • PIN authentication required for all manual blackhole operations
    • \n
  • AES-256-GCM encrypted SSH credential storage for router access
    • \n
  • Rich Telegram notifications for every inject, withdraw, and expiry event with strike-system tracking for repeat offenders
  • RTBH management: inject/withdraw IPv4 /32+/24 and IPv6 /128 routes with BGP community 65535:666 upstream signaling via persistent SSH
  • Cloudflare Magic Transit: 11 alert types, on-demand prefix advertisement/withdrawal, auto-withdraw after 15-minute calm period
  • 124 DDoS L3/L4 managed rules with 70 service presets (Web, VPN, VoIP, Gaming, Industrial/IoT) and wirefilter editor
  • GRE/IPsec tunnel health monitoring, CNI V2 Equinix ZH4 10G interconnect, 14 static routes with priority failover
    • \n
\n
\n \n
\n

Engineered and operated by the GOLINE SOC & Network Engineering team.

\n Explore all RoutePulse features →\n
\n
\n\n
65 / 100 SEO Score