Use Cases
Kernloom protects public and internal services from L3/L4 patterns that cause state exhaustion, CPU spikes, and unpredictable latency — especially the “noisy traffic” that doesn’t look like a classic volumetric DDoS.
1) Ingress & API gateway protection
Problem: Gateways melt down under scans, churn, retries, and bursty clients.
Kernloom helps by: washing L3/L4 noise before it turns into connection/CPU pressure.
Success metrics:
- lower gateway CPU
- fewer connection spikes
- stable p95/p99 latency
2) Internal service shielding (east-west)
Problem: noisy integrations, misconfig storms, lateral scan patterns.
Kernloom helps by: limiting abusive patterns early without needing payload inspection.
3) State exhaustion defense
Problem: attacks targeting state (SYN bursts, churn, low-rate burn).
Kernloom helps by: detecting anomalies and applying progressive enforcement.
4) NAT-safe enforcement
Problem: hard blocking can harm legitimate users behind shared IPs.
Kernloom helps by: soft limiting first, escalating only on persistent non-compliance.
5) Offload L7 components (WAF / proxies)
Problem: L7 tools spend resources on junk that isn’t meaningful inspection.
Kernloom helps by: removing noisy traffic early so L7 can focus on real threats.
6) Protect fragile & legacy backends
Problem: critical systems you can’t scale or change quickly.
Kernloom helps by: reducing incident frequency and keeping services responsive.