Mitigating DDoS Attacks at Layer 7 The document discusses using a global server load balancer (GSLB) to localize and mitigate distributed denial of service (DDoS) attacks at layer 7. A GSLB can direct traffic away from data centers experiencing attacks based on the geographic source of traffic. It can also "sinkhole" traffic from specific regions to unroutable addresses. The GSLB integrates with GeoIP to classify attackers and adapt DNS responses. Business rules are needed to distinguish actual attacks from surges in legitimate traffic. Ongoing work includes improving attack detection and automatic blacklisting of source addresses.