Help Center> Anti-DDoS> Getting Started> How Do I Use Anti-DDoS?
Updated on 2024-05-11 GMT+08:00
View PDF

How Do I Use Anti-DDoS?

  • Cloud Native Anti-DDoS Basic (CNAD Basic) protects public IP addresses from Layer 4 to Layer 7 distributed denial of service (DDoS) attacks and reports alarms immediately when an attack is detected. In addition, CNAD Basic improves the bandwidth utilization to further safeguard user services.
  • CNAD Basic monitors the service traffic from the Internet to elastic public IP addresses (EIPs) to detect attack traffic in real time. It then scrubs attack traffic based on user-configured defense policies without interrupting services. It also generates monitoring reports that provide visibility into the network traffic security.
  • This document provides a quick start guide for CNAD Basic, covering how to view public IP addresses, enable alarm notification, configure service policies, and view monitoring and interception reports.

Step 1: Prepare the Environment

  1. Log in to the management console.
  2. Select a region in the upper part of the page, click in the upper left corner of the page, and choose Compute > Elastic Cloud Server (ECS).
  3. Create an ECS and bind an EIP to it. For details, see section Purchasing an ECS.

    • An EIP must be bound to the ECS so that the ECS can access the Internet.
    • If you have an ECS, you can reuse it without the need to create one again.

Step 2: View EIPs

  1. Click in the upper left corner of the page and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS page is displayed.
  2. On the Public IP Addresses tab page, check whether default protection has been enabled for the public IP address prepared in Step 1: Prepare the Environment.

    Figure 1 Viewing public IP address

Step 3: Enabling Alarm Notifications

  1. Click the Alarm Notifications tab.
  2. Enable the alarm notification function, set the notification topic, and click Apply.

    Figure 2 Setting alarm notifications

    The alarm notification function sends you alarm notifications (by SMS or email) if a DDoS attack is detected.

Step 4: Configuring a DDoS Protection Policy

  1. Click the Public IP Addresses tab, locate the row that contains the target public IP address, and click Set Protection.

    Figure 3 Set Protection

  2. Modify the protection settings as required and click OK.

    Figure 4 Modifying protection settings

    Configure the traffic cleaning threshold based on the actual service access traffic. You are advised to set a value closest to, but not exceeding, the purchased bandwidth.

Step 5: Viewing a Monitoring Report

  1. Click the Public IP Addresses tab, locate the row that contains the target public IP address, and click View Monitoring Report.

    Figure 5 Viewing a monitoring report

    You can view the protection status, traffic details, and attack events of a public IP address within the last 24 hours.

    Figure 6 Monitoring details