aurologic

What Is aurologic?

Every German enterprise operating a public-facing web service faces the same threat reality as enterprises everywhere else: DDoS attacks are inexpensive to launch, increasingly volumetric, and indiscriminate in target selection. The difference for German organisations is the compliance context. Under GDPR and the German BDSG (Bundesdatenschutzgesetz), the infrastructure handling that traffic — including DDoS scrubbing centres — is subject to German data protection obligations. Routing attack traffic through a US-operated scrubbing centre to satisfy a DDoS mitigation contract creates a data transfer with compliance implications that many German legal teams would prefer to avoid.

aurologic GmbH was built to address exactly this problem from Frankfurt soil. The company traces its roots to combahton GmbH, a German hosting and DDoS protection provider that began operations around 2012 under the same leadership and in the same Langen facility. In October–November 2023, combahton GmbH formally transitioned to the aurologic brand, retaining its ASN (AS30823), infrastructure, and managing director Joseph Maximilian Hofmann. The rebrand moved the company from the combahton.net and fastpipe.io identities to aurologic.com — same team, same data centre, new name.

The core value proposition has remained consistent through the rebrand: DDoS protection with 3,200 Gbps of in-house scrubbing capacity, included free of charge with all hosting products, operated from a Frankfurt-area data centre under German jurisdiction.

Key Features

3,200 Gbps Multi-Stage DDoS Protection

aurologic's headline specification is its in-house DDoS scrubbing capacity: 3,200 Gbps (3.2 Tbps) of mitigation capacity operated from Tornado Datacenter FFM1 in Langen. For context, this is a high figure for a boutique European provider — well above the typical 1 Tbps capacity cited by many mid-tier hosting providers. For attacks exceeding in-house capacity, aurologic automatically routes overflow traffic to upstream carrier-level filtering, adding a second mitigation layer.

The protection operates across L3–L7: volumetric flood mitigation at the network layer, protocol attack filtering at L4, and application-layer inspection for HTTP/HTTPS and game server traffic at L7. The multi-stage model means large volumetric attacks are absorbed at upstream carriers while sophisticated application-layer attacks are handled at the aurologic scrubbing platform with lower latency.

Configurable Mitigation Rules

A differentiator in aurologic's offering is the degree of customer control over mitigation behaviour. Detection thresholds and filtration rules are configurable via a web interface or REST API, without raising a support ticket for each adjustment. This matters for operators running applications with unusual traffic patterns — gaming servers with legitimate high-bandwidth UDP traffic, APIs with bursty legitimate request rates — where rigid default mitigation rules would produce false positives and filter legitimate traffic.

DDoS Included with All Hosting Products

For organisations hosting with aurologic, DDoS protection is bundled at no additional charge across cloud servers, dedicated servers, and co-location products. There is no separate mitigation contract, no per-gigabit overage charge for DDoS traffic, and no protection threshold that triggers extra billing. This all-inclusive model simplifies budgeting for hosting customers and eliminates the cost-complexity of layering a separate DDoS service on top of infrastructure hosting.

Remote Protection for External Infrastructure

For organisations with infrastructure hosted elsewhere that want aurologic's mitigation without migrating servers, the Remote DDoS Protection service offers BGP-based rerouting through aurologic's scrubbing platform. Customer prefixes are announced via BGP through aurologic's network, traffic is cleaned, and legitimate traffic is delivered to customer infrastructure via tunnel. This is the same technical model as Voxility's Anti-DDoS Tunnel and similar services from other providers — aurologic's differentiation is the German jurisdiction and 3,200 Gbps in-house capacity.

Tornado Datacenter Frankfurt

aurologic's facility, Tornado Datacenter FFM1, sits in Langen — approximately 20 kilometres south of Frankfurt city centre. Frankfurt is one of Europe's most important internet exchange hubs; the FFM1 facility has diverse dark-fibre connectivity to Equinix FR7 and Digital Realty FRA16, providing access to DE-CIX (Deutsche Commercial Internet Exchange, the world's largest by throughput) and other Frankfurt peering infrastructure. For German-market customers, Frankfurt proximity means low latency and direct access to the dominant European internet exchange ecosystem.

Pricing

aurologic's pricing follows the enterprise infrastructure model: no publicly posted rates, custom quotes based on specifications. Dedicated servers and cloud servers are listed in the portal with defined configurations, but exact pricing requires either portal login or direct sales engagement. DDoS protection itself is not separately priced for hosting customers — it is included.

For Remote DDoS Protection and Managed Appliance services protecting externally hosted infrastructure, pricing is custom-quoted based on prefix size, bandwidth commitment, and required SLA. IP transit pricing for network customers has been published at rates including 0.60 EUR per TB or 0.20 EUR per Mbps (95th percentile), with flat-rate options for higher-bandwidth commitments. These indicative rates may not reflect current quotes.

For teams comparing aurologic to cloud-native DDoS services with self-service dashboards and published tier pricing, the engagement model will feel more heavyweight. That reflects the nature of enterprise network infrastructure services rather than a competitive disadvantage.

EU Compliance & Privacy

aurologic GmbH's compliance positioning rests on its German corporate structure and Frankfurt physical infrastructure.

The company is incorporated at Amtsgericht Offenbach am Main (HRB 55328), making it a German legal entity subject to German BDSG and EU GDPR. Traffic processed by aurologic's DDoS scrubbing infrastructure is processed in Langen, Germany — not routed through US nodes, not subject to US CLOUD Act jurisdiction, and not governed by a US parent company's data handling policies. For German organisations in regulated sectors — financial services under BaFin oversight, healthcare under GDPR Article 9, public sector procurement — the German jurisdiction provides compliance clarity that US-operated DDoS scrubbing platforms cannot.

One aspect of aurologic's history worth acknowledging: the company (then operating as combahton) appeared in threat intelligence research as infrastructure associated with malicious hosting activity. This is not uncommon for wholesale infrastructure providers — malicious actors abuse shared infrastructure — and is distinct from the company itself engaging in malicious activity. Prospective enterprise customers should conduct their own due diligence on this history as part of supplier qualification.

Who It's Best For

German-market hosting customers wanting DDoS protection included with dedicated server or co-location contracts under German jurisdiction — no separate mitigation service, no additional per-attack fees.

Organisations with Frankfurt network infrastructure looking for IP transit with built-in DDoS protection and direct DE-CIX peering access from a German-law provider.

Teams protecting externally hosted infrastructure in Germany or the EU who want BGP-based mitigation routed through German-jurisdiction scrubbing rather than US-operated alternatives.

If the priority is DDoS protection bundled with German-jurisdiction hosting and 3.2 Tbps in-house scrubbing capacity, choose aurologic. If the priority is a self-service cloud WAF with global CDN performance, a free tier, and transparent pricing, choose Cloudflare or a similar managed service instead. If a global multi-region scrubbing network is required for latency-sensitive traffic outside Germany, aurologic's single Frankfurt facility will be a limitation.

The Verdict

aurologic occupies a specific niche: Frankfurt-based enterprise infrastructure with high-capacity DDoS protection included, operated under German law, by a team with over a decade of production networking experience. The 3,200 Gbps in-house scrubbing capacity is a credible specification for the enterprise market, and the German jurisdiction is a genuine compliance differentiator for BDSG/GDPR-sensitive organisations. The combahton heritage and the lack of self-service pricing are factors that require evaluation. For German hosting customers and network operators who know what they need — BGP transit, Frankfurt colocation, DDoS protection, German law — aurologic delivers it in one package.

Frequently Asked Questions

Is aurologic GDPR and BDSG compliant?

aurologic GmbH is a German company incorporated at Amtsgericht Offenbach am Main. It is subject to both the German Bundesdatenschutzgesetz (BDSG) and EU GDPR. DDoS scrubbing and hosting infrastructure is physically located in Langen, Germany, within the EU. Traffic processed by aurologic does not leave German or EU jurisdiction, and there is no US parent company that could be subject to US CLOUD Act demands for data. For German organisations with regulatory requirements specifying German or EU data processing, aurologic's structure provides the necessary compliance baseline.

Where is aurologic's data centre located?

aurologic's primary facility is Tornado Datacenter FFM1 in Langen, Hesse, Germany — approximately 20 kilometres south of Frankfurt am Main city centre. The facility has diverse dark-fibre connectivity to Equinix FR7 and Digital Realty FRA16, providing access to DE-CIX and Frankfurt internet exchange infrastructure. aurologic does not operate a multi-region DDoS scrubbing network; all mitigation processing occurs at the Langen facility, with overflow filtering at upstream carriers for exceptionally large attacks.

How does aurologic compare to Cloudflare for DDoS protection?

Cloudflare offers a global anycast WAF and DDoS service with self-service onboarding, transparent pricing starting from free, and application-layer features including Bot Management and API Shield. aurologic is a German infrastructure provider with a single Frankfurt facility, 3,200 Gbps in-house scrubbing capacity, and DDoS protection included free with hosting products. Cloudflare is better suited to teams needing a managed web application WAF with global CDN performance and zero infrastructure management. aurologic suits organisations hosting with a German provider, needing BGP-based network-level mitigation, or requiring German-law DDoS processing without US intermediaries.

What is the history behind the aurologic and combahton relationship?

combahton GmbH was a German hosting and DDoS protection provider that began operations around 2012 under Joseph Maximilian Hofmann's leadership from Langen, using ASN AS30823. In October–November 2023, combahton GmbH formally transitioned to aurologic GmbH — retaining the same leadership, data centre (Tornado Datacenter FFM1), ASN, and service portfolio, under a new brand and aurologic.com domain. Some documentation, status pages, and looking-glass infrastructure still reference the combahton identity. Note that threat intelligence reports have referenced combahton-era infrastructure in the context of malicious hosting activity; prospective customers should review this history as part of supplier due diligence.

Does aurologic include DDoS protection free of charge with servers?

Yes. aurologic includes its multi-stage DDoS protection at no extra charge with all cloud server, dedicated server, and co-location products. The protection delivers 3,200 Gbps of in-house L3–L7 scrubbing, with overflow filtering at upstream carriers for larger attacks. There is no DDoS mitigation add-on fee, no per-attack billing, and no traffic threshold above which DDoS protection begins to cost extra. For organisations purchasing hosting from aurologic, the mitigation is structural to the service rather than an optional bolt-on.