Help Center/ Edge Security/ Service Overview/ Service Edition Differences
Updated on 2025-11-04 GMT+08:00
View PDF
Share

Service Edition Differences

Currently, EdgeSec provides the professional and enterprise edition. For details, see Version Description and Functions and Features Supported by Each Version.

Package Selection

Table 1 Package selection

Reference Item

Professional Edition

Enterprise Edition

Applicable to

CDN resources are stolen and no DDoS attack occurs.

There are DDoS attacks or CC attacks with over 1 million of QPS.

Package price

$660 USD/month

$4,500 USD/month

Acceleration area

Global

Global

Supported functions
  • Hosting rule-based protection against the OWASP Top 10 security threats
  • CC attack prevention
  • Precise protection
  • Anti-crawler protection
  • IP address blacklist or whitelist
  • Known attack source
  • Geolocation access control
  • Privacy masking
  • IP intelligence
  • Global protection whitelist

All capabilities of the professional edition and the following additional capabilities:

  • AI-based behavior detection BOT
  • Request feature detection
  • Terabit-level Anti-DDoS
  • The number of security rules is doubled compared with that of the professional edition.

Description

Table 2 describes each version of EdgeSec.

Table 2 Description

Service Scale

Professional Edition

Enterprise Edition

Number of domain names

10

20

CC attack prevention rules

50

100

Precise protection rules

50

100

Reference table rules

50

100

IP address blacklist and whitelist rules

200

1,000

Geolocation access control rules

50

100

Global protection whitelist rules

1,000

1,000

Data masking rules

50

100

Functions Supported by Each Edition

Table 3 lists the security features applicable to each version.

Description:

  • √: The function is included in the current edition.
  • x: The function is not included in the current edition.
Table 3 Security features

Function Template

Professional Edition

Enterprise Edition

Domain expansion package

Adding wildcard domain names

Batch adding domain names to a policy

Protection against common web attacks, such as SQL injections, XSS, remote overflow vulnerabilities, file inclusions, Bash vulnerabilities, remote command execution, directory traversal, sensitive file access, and command/code injections

Updating protection rules against zero-day vulnerabilities to the latest on the cloud and delivering virtual patches in a timely manner

Web shell detection

Deep anti-evasion inspection to identify and block evasion attacks, such as the ones that use homomorphic character obfuscation, command injection with deformed wildcard characters, UTF7, data URI scheme, and other techniques

Inspection of all header fields in the requests

CC attack prevention

Precise protection

Reference table management

IP address whitelist and blacklist and importing of IP addresses/IP address ranges

Allowing or blocking web requests based on the countries that the requests originate from.

Bot protection capabilities
  • Anti-crawler based on known BOT features
  • JavaScript-based anti-crawler
  • Known Bot feature detection
  • Request feature detection
  • BOT behavior AI detection
  • JavaScript-based anti-crawler

Anti-DDoS capability
  • 10 Gbit/s attack defense
  • Protocol-based blocking
  • Region blacklist
  • IP address blacklist or whitelist
  • 1 Tbit/s attack defense

Global protection whitelist rules

Data masking