Voxility

What Is Voxility?

The DDoS protection industry is dominated by a handful of US-headquartered platforms — Cloudflare (San Francisco), Akamai (Cambridge MA), Imperva (San Mateo) — that built global anycast networks on American capital and American legal jurisdiction. European enterprises using these services get world-class technical performance but route their traffic through infrastructure ultimately subject to the US CLOUD Act, staffed by teams operating under US legal obligations.

Voxility is one of the oldest surviving European exceptions. Founded in Bucharest in 2004 — before "DDoS-as-a-service" existed as a market category, before anycast BGP scrubbing was a standard approach — the company built its network from the ground up in Romania under Silviu Sirbu's leadership. Two decades later, Voxility SRL (CUI 16633718) operates as a RIPE NCC registered Local Internet Registry, appears in RIPE NCC Internet Country Reports as a top-10 upstream provider for Bulgaria, Moldova, and Romania, and records approximately 37.7 million RON in annual revenue with 49 employees.

That origin matters for two reasons. First, it means Voxility has operated through every major DDoS attack generation — from early volumetric floods to today's multi-vector L7 campaigns — and the mitigation platform reflects two decades of production learning rather than a clean-sheet design built to match a competitor's feature matrix. Second, Romanian and EU jurisdiction means the company has never had to navigate US government data demands, making it structurally different from the large American platforms even when those platforms host European data in European data centres.

Key Features

Always-On L3–L7 DDoS Mitigation

Voxility's mitigation model is network-first. Traffic enters the Voxility anycast network and passes through scrubbing PoPs before reaching customer infrastructure. Detection is automated: when attack traffic is identified, BGP rerouting activates within seconds, diverting the affected IP or prefix to mitigation infrastructure without requiring manual intervention.

Coverage extends from L3 (volumetric UDP floods, ICMP floods, IP fragmentation attacks) through L4 (SYN floods, TCP state exhaustion) to L7 (HTTP/HTTPS application-layer attacks, DNS query floods). This breadth matters because modern DDoS campaigns are typically multi-vector — combining a volumetric flood to saturate upstream links with an application-layer attack to exhaust server resources simultaneously.

Anti-DDoS Tunnel for Networks

For organisations with existing infrastructure that want DDoS protection without migrating servers, Voxility offers GRE tunnel-based protection. Customer prefixes are announced via BGP through Voxility's network, traffic is scrubbed at Voxility PoPs, and clean traffic is delivered back through the tunnel. This model lets network operators add Voxility mitigation as an overlay on top of their existing hosting, without changing server locations or network architecture.

Secure Uplink with IP Transit

Voxility's IP transit product includes DDoS protection by design. Rather than selling raw transit capacity and charging separately for mitigation, Voxility's Secure Uplink delivers clean traffic to customer edges as the baseline service. For organisations purchasing IP transit, this means DDoS filtering is structural — there is no unprotected transit path that an attacker could exploit before scrubbing activates.

Anycast CDN and Hosting Integration

Beyond pure mitigation, Voxility operates an anycast CDN integrated with its DDoS protection, and offers dedicated server hosting in its Bucharest data centre with built-in DDoS protection at no extra charge. The integration means organisations can use Voxility as a single-vendor provider for hosting infrastructure, network transit, CDN, and DDoS protection — all under one Romanian jurisdiction contract.

RIPE NCC LIR Membership

Voxility's status as a RIPE NCC registered Local Internet Registry is operationally significant. LIR members manage their own IP address space allocations directly from RIPE NCC, rather than receiving addresses as a downstream allocation from another provider. This gives Voxility direct control over the routing and management of its network, independent of upstream provider policies. For enterprise customers, it means Voxility's IP addresses carry EU provenance from the regional internet registry — no US or non-EU entity is in the allocation chain.

Pricing

All Voxility services are custom-priced. There is no self-service sign-up, no publicly listed monthly rate, and no free trial. Anti-DDoS Tunnel for Networks, Secure Uplink, and dedicated server products are all quoted on request based on prefix size, bandwidth commitment, and specific mitigation requirements.

Published market data indicates Anti-DDoS Tunnel pricing in the range of $526–$1,989/month for network-level mitigation, and Secure Uplink products starting around $468/month for clean IP transit, though these figures reflect specific configurations and may not represent current quotes. Dedicated servers with included DDoS protection are separately priced based on specification.

For teams accustomed to Cloudflare's self-service pricing page or OVHcloud's instant server configurator, Voxility's sales-led process will feel opaque. That is the standard model for specialist network infrastructure providers serving enterprise and carrier customers — it reflects the customisation of network-level services rather than an attempt to obscure costs.

EU Compliance & Privacy

Voxility's EU compliance positioning is built on infrastructure and legal structure, not marketing language.

The company is incorporated in Romania — an EU member state — as Voxility SRL, subject to Romanian data protection law (which mirrors EU GDPR) and EU law generally. The RIPE NCC LIR membership places Voxility under European internet governance for IP address management. Traffic processed by Voxility scrubbing infrastructure stays within the company's EU-operated network; there is no US data centre in the mitigation path, and no US corporate parent that could be served with CLOUD Act data demands.

For industries with strict EU data localisation requirements — financial services regulated under DORA, healthcare under GDPR Article 9 special categories, public sector under national security classifications — Voxility's structural EU positioning is not replicable by US-headquartered DDoS providers even when those providers operate EU edge nodes.

Who It's Best For

Eastern European enterprises and carriers for whom Voxility's top-10 upstream provider status in Bulgaria, Moldova, and Romania translates into genuinely superior network proximity and transit relationships.

Organisations requiring BGP-based network-level DDoS protection for entire IP prefixes — hosting companies, telecoms, financial institutions — rather than application-level protection for individual websites.

Teams seeking a single-vendor EU solution for hosting infrastructure + IP transit + DDoS protection under a single Romanian-jurisdiction contract.

If the priority is network-level DDoS protection, EU data sovereignty, and a 20-year Romanian track record, choose Voxility. If the priority is a self-service managed WAF with global CDN performance and a free tier, choose Cloudflare or another hyperscale platform instead. If east-European internet connectivity and direct RIPE NCC membership are not relevant to the threat model, Voxility's PoP footprint may be smaller than alternatives.

The Verdict

Voxility is not a startup story or a cloud-native rebrand — it is a two-decade-old Romanian network infrastructure company that built a real anycast network from Bucharest long before EU data sovereignty became a procurement criterion. The RIPE NCC LIR status, top-10 upstream provider rankings in three Eastern European countries, and Romanian jurisdiction combine to make it one of the few genuine EU-native DDoS mitigation options at network-infrastructure scale. For Eastern European carriers, hosting providers, and enterprises with BGP-based mitigation requirements, the track record and EU lineage are serious differentiators. The sales-led process and single-region PoP concentration are real trade-offs worth evaluating against alternatives.

Frequently Asked Questions

Is Voxility a RIPE NCC member?

Yes. Voxility SRL is a registered RIPE NCC Local Internet Registry (LIR), which means the company manages its own IP address allocations directly from RIPE NCC under European internet governance. LIR status is operationally significant: Voxility's IP address space carries direct RIPE NCC provenance, the company controls its own routing policies independently of upstream providers, and the registration demonstrates a level of network maturity that distinguishes infrastructure providers from resellers. LIR membership details are publicly accessible in the RIPE NCC database.

Is Voxility GDPR compliant?

Voxility SRL is a Romanian company subject to EU GDPR and Romanian data protection law. Infrastructure is EU-hosted with no US parent company or US data centre in the traffic path. RIPE NCC LIR status places the company under European internet governance for IP address management. The combination of Romanian corporate structure, EU-only network, and RIPE NCC membership provides structural GDPR alignment. Voxility does not have a US CLOUD Act exposure through a US parent entity.

How does Voxility compare to Cloudflare for DDoS protection?

Cloudflare operates a global anycast network covering 300+ cities with transparent self-service pricing, a free tier, and extensive application-layer features including WAF, Bot Management, and API protection. Voxility is a specialist EU network infrastructure provider with deep BGP and transit expertise, strong Eastern European PoP presence, and Romanian jurisdiction. Cloudflare is a better fit for teams needing a self-service managed WAF and global CDN with minimal network expertise. Voxility suits carriers, hosting providers, and enterprises needing BGP-based network-level mitigation, IP transit with built-in DDoS protection, or single-vendor EU infrastructure under Romanian jurisdiction.

Does Voxility offer a free trial?

No. Voxility does not offer a free trial, a free tier, or self-service onboarding. All services are custom-quoted via the Bucharest sales team after a technical requirements discussion. For teams evaluating Voxility, the initial engagement involves describing network topology, IP prefix requirements, expected traffic volumes, and mitigation SLA expectations. Voxility's dedicated server hosting products, which include DDoS protection at no extra charge, may represent a lower-commitment entry point than a standalone mitigation contract.

What DDoS attack types does Voxility protect against?

Voxility's multi-layer mitigation covers L3 volumetric attacks (UDP floods, ICMP floods, DNS amplification, NTP amplification), L4 protocol attacks (SYN floods, TCP state exhaustion, fragmented packet attacks), and L7 application-layer attacks (HTTP/HTTPS floods, DNS query floods, game server attacks). Detection is automated with BGP-based rerouting to scrubbing infrastructure activated within seconds of attack onset. Both network-level clients (BGP/GRE tunnel) and CDN/web application clients can be protected, with the applicable layer coverage depending on the service type contracted.