Help Center/ Anti-DDoS/ User Guide (Ankara Region)/ Configuring an Anti-DDoS Protection Policy
Updated on 2024-04-15 GMT+08:00
View PDF

Configuring an Anti-DDoS Protection Policy

Scenarios

You can adjust your Anti-DDoS protection policy after Anti-DDoS is enabled.

Prerequisites

You have obtained credentials for logging in to the management console.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click the Public IP Addresses tab, locate the row that contains the IP address for which you want to set protection, and click Set Protection in the Operation column.
  4. In the Set Protection dialog box, modify the parameters. Table 1 describes the parameters.

    Table 1 Parameter description

    Parameter

    Description

    Protection Settings
    • Default: In this mode, Traffic Cleaning Threshold is fixed at 120 Mbps. When the service UDP traffic is greater than 120 Mbps or the TCP traffic is greater than 35,000 pps, traffic scrubbing is triggered and Anti-DDoS will automatically intercept the attack traffic.
    • Manual: In this mode, you can set the value of Traffic Cleaning Threshold based on your service needs.
    NOTE:
    • Mbps = Mbit/s (short for 1,000,000 bit/s). It is a unit of transmission rate and refers to the number of bits transmitted per second.
    • PPS, short for Packets Per Second, is a measure of throughput for network devices. It means the number of packets sent per second.

    Traffic Cleaning Threshold

    Anti-DDoS scrubs traffic when detecting that the incoming traffic of an IP address exceeds the threshold.

    • When Protection Settings is set to Default, the value of Traffic Cleaning Threshold is 120 Mbps by default.
    • When Protection Settings is set to Manual, the value of Traffic Cleaning Threshold can be set based on your service needs. You are advised to set the threshold to a value closest to the purchased bandwidth but not greater than the purchased bandwidth.
    NOTE:

    If service traffic triggers scrubbing, only attack traffic is intercepted. If service traffic does not trigger scrubbing, no traffic is intercepted.

    Set this parameter based on the actual service access traffic. You are advised to set a value closest to, but not exceeding, the purchased bandwidth.

  5. Click OK to save the settings.