Edition Specifications

Service scale

This edition is suitable for small and medium-sized websites that do not have special security requirements.

This edition is suitable for medium-sized enterprise websites or services that are open to the Internet, focus on data security, and have high security requirements.

This edition is suitable for large and medium-sized enterprise websites that have a large service scale or have customized security requirements.

The mode is recommended if you expect frequent service usage changes.

Peak rate of normal service requests

• Service requests: 2,000 QPS
• Support for QPS expansion packages
  • Origin servers deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.
  • Origin servers not deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.
• WAF-to-Server connections: 6,000 per domain name

• Service requests: 5,000 QPS
• Support for QPS expansion packages
  • Origin servers deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.
  • Origin servers not deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.
• WAF-to-Server connections: 6,000 per domain name

• Service requests: 10,000 QPS
• Support for QPS expansion packages
  • Origin servers deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.
  • Origin servers not deployed on Huawei Cloud: Each expansion package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.
• WAF-to-Server connections: 6,000 per domain name

WAF-to-Server connections: 6,000 per domain name

Service bandwidth threshold (Origin servers deployed on Huawei Cloud)

• 100 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.)

• 200 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.)

• 300 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 50 Mbit/s of bandwidth.)

300 Mbit/s

Service bandwidth threshold (Origin servers not deployed on Huawei Cloud)

• 30 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.)

• 50 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.)

• 100 Mbit/s
• Support for QPS expansion packages. (Each package supports up to 1,000 QPS and 20 Mbit/s of bandwidth.)

100 Mbit/s

Number of domain names

• 10
• Support for domain expansion packages. (Each package supports 10 domain names.)

• 50
• Support for domain expansion packages. (Each package supports 10 domain names.)

• 80
• Support for domain expansion packages. (Each package supports 10 domain names.)

200

Back-to-source IP address quantity (the number of back-to-source server IP addresses supported by a protected domain name)

20

50

80

20

Number of supported ports

• Standard ports: two (80 and 443)
• Non-standard ports: any ports listed in Ports Supported by WAF. The number of ports is not limited.

• Standard ports: two (80 and 443)
• Non-standard ports:
  • Any ports listed in Ports Supported by WAF. The number of ports is not limited.
  • To protect ports not listed in Ports Supported by WAF, submit a service ticket to enable it.

• Standard ports: two (80 and 443)
• Non-standard ports:
  • Any ports listed in Ports Supported by WAF. The number of ports is not limited.
  • To protect ports not listed in Ports Supported by WAF, submit a service ticket to enable it.

• Standard ports: two (80 and 443)
• Non-standard ports: any ports listed in Ports Supported by WAF. The number of ports is not limited.

Peak rate of CC attack protection

100,000 QPS

200,000 QPS

1,000,000 QPS

1,000,000 QPS

CC attack prevention rules

20

50

100

200

Precise protection rules

20

50

100

200

Reference table rules

-

50

100

200

IP address blacklist and whitelist rules

• 1,000
• Support for rule expansion packages. Each package supports 10 IP address blacklist and whitelist rules.

• 2,000
• Support for rule expansion packages. Each package supports 10 IP address blacklist and whitelist rules.

• 5,000
• Support for rule expansion packages. Each package supports 10 IP address blacklist and whitelist rules.

200

Geolocation access control rules

-

50

100

200

Web tamper protection rules

20

50

100

200

Website anti-crawler protection

-

50

100

200

Information leakage prevention rules

-

50

100

200

Global protection whitelist rules

1,000

1,000

1,000

2,000

Data masking rules

20

50

100

200

Security report templates

5

10

20

-

How WAF counts protected domain names:

• The number of domain names is the total number of top-level domain names (for example, example.com), single domain names/second-level domains (for example, www.example.com), and wildcard domain names (for example, *.example.com).
• Each combination of a domain name and a port is counted towards the domain name quota of the WAF edition you are using. For example, www.example.com:8080 and www.example.com:8081 are counted towards your quota as two distinct domain names.
• You can upload as many certificates in WAF as the number of domain names your WAF instances can protect within the same account. For example, if you buy a standard edition WAF instance, which can protect 10 domain names, a dedicated WAF instance, which can protect 2,000 domain names, and a domain name expansion package (20 domain names), your WAF instances can protect a total of 2,030 domain names (2,000 + 20 +10). In this case, you can upload 2,030 certificates.