What Is CNAD?
What Is CNAD?
Cloud Native Anti-DDoS Advanced (CNAD) provides higher DDoS protection capability for cloud services on Huawei Cloud such as Elastic Cloud Server (ECS), Elastic Load Balance (ELB), Web Application Firewall (WAF), and Elastic IP (EIP). CNAD defends against the DDoS attacks targeting the IP addresses on Huawei Cloud and it provides higher protection capabilities for cloud services. With few clicks on the console, you can enjoy always-on DDoS mitigation on Huawei Cloud.
Features
CNAD has the following features:
- Transparent access
You can directly protect public IP addresses on Huawei Cloud without modifying domain name resolution or configuring origin server protection.
- Unlimited protection
Huawei Cloud provides high DDoS mitigation capability based on the network and resource capabilities in the current region. The protection capability provided grows with the improvement of Huawei Cloud's network capabilities.
- Joint protection
Enabling the joint protection will automatically engage AAD for DDoS mitigation.
- IPv4/IPv6 protection
CNAD can protect IP addresses using IPv4 and IPv6 protocols.
- Traffic scrubbing
CNAD scrubs traffic when detecting that the incoming traffic of an IP address exceeds a certain threshold.
- IP address blacklist or whitelist
You can configure an IP address blacklist or whitelist to block or allow access from specified IP addresses.
- Protocol-based access block
Traffic accessing CNAD is blocked in one click based on the protocol type. For example, if there is no User Datagram Protocol (UDP) traffic, you are advised to disable UDP for CNAD.
Specifications
CNAD supports the CNAD Unlimited Protection Basic, and CNAD Unlimited Protection Advanced. Table 1 lists the service specifications supported by each instance of each edition.
![](https://support.huaweicloud.com/eu/productdesc-aad/public_sys-resources/notice_3.0-en-us.png)
CNAD protection is only available for cloud resources in the same region.
Parameter |
Description |
---|---|
Billing Mode |
Yearly/Monthly |
Protection Level |
Unlimited protection advanced edition and basic edition. |
Resource Location |
Region where the protection resource is located |
IP Version |
|
Protected IP Addresses |
The value ranges from 50 to 500. |
Service Bandwidth |
Clean service bandwidth forwarded to the origin server from the AAD scrubbing center. It is recommended that the service bandwidth be greater than or equal to the egress bandwidth of the origin server. Otherwise, packet loss may occur or services may be affected. The configuration range is as follows:
|
Instance Name |
The name must be 32 or fewer characters in length. The name can contain only letters, digits, underscores (_), and hyphens (-). |
Required Duration |
The unit of the validity period is month or year.
NOTICE:
|
Enterprise Project |
This option is only available when you are logged in using an enterprise account, or when you have enabled enterprise projects. |
Quantity |
Number of CNAD instances to be purchased. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.