- What's New
- Function Overview
- Service Overview
-
Billing
- Billing Overview
- Billing Modes
- Billing Items
- Renewing Subscriptions
- Bills
- Arrears
- Stopping Billing
- Cost Management
-
Billing FAQs
- General FAQs
- Billing FAQs of CNAD Advanced
-
Billing FAQs of AAD
- How Is AAD Billed?
- Why Does My Payment Status Not Update After I Make a Payment?
- Will I Be Charged If I Buy an Elastic Protection Bandwidth and My Elastic IP Address Is Not Attacked for the Whole Month?
- What Happens If the Attack Traffic Exceeds the Elastic Protection Bandwidth?
- Can I Adjust My Elastic Protection Bandwidth From 100 Gbit/s to 200 Gbit/s When I Find 100 Gbit/s Is Insufficient?
- What Is the Charge If My IP Address Is Attacked Many Times a Day?
- How Do I Stop Elastic Protection to Avoid Being Charged for the Elastic Protection Bandwidth?
- How Can I Renew the AAD Service?
- How Can I Unsubscribe from the AAD Service?
- How Should I Automatically Renew AAD?
- Can the Original Configuration Data Be Saved After I Unsubscribe from an AAD Instance?
- How Is the Elastic Bandwidth Charged?
- Getting Started
-
User Guide
-
CNAD Basic (Anti-DDoS) User Guide
- Anti-DDoS Overview
- Using IAM to Grant Anti-DDoS Permissions
- Setting a Traffic Scrubbing Threshold to Intercept Attack Traffic
- Setting DDoS Alarm Notifications
- Enabling DDoS Alarm Notifications
- Enabling Logging
- Adding a Tag to an EIP
- Viewing an EIP Monitoring Report
- Viewing an Interception Report
- Querying Audit Logs
-
CNAD Advanced (CNAD) Operation Guide
- CNAD Overview
- Using IAM to Grant CNAD Permissions
- Purchasing a CNAD Instance
-
Adding a Protection Policy
- Protection Policy Overview
- Configuring a Basic Protection Policy to Intercept Attack Traffic
- Using Watermarks to Defend Against CC Attacks
- Blocking or Permitting Traffic From Specified IP Addresses Using a Blacklist and Whitelist
- Blocking Traffic to a Specified Port
- Blocking Traffic of a Specified Protocol
- Setting a Traffic Handling Policy Based on Fingerprint Features
- Using Advanced Protection Policies to Restrict Abnormal Connections
- Blocking Traffic From Specified Locations
- Adding a Protected Object
- Enabling Alarm Notifications for DDoS Attacks
- Enabling Logging
- Viewing Statistics Reports
- Managing Instances
- Managing Protected Objects
- Viewing Monitoring Metrics
- Querying Audit Logs
-
Advanced Anti-DDoS User Guide
- AAD Overview
- Using IAM to Grant AAD Permissions
- Purchasing an AAD Instance
- Connecting Services to AAD
-
Configuring a Protection Policy
- Protection Policy Overview
- Enabling Basic Web Protection
- Blocking Traffic From Specified Locations
- Blocking Traffic of a Specified Protocol
- Blocking or Allowing Traffic From Specified IP Addresses Using a Blacklist and Whitelist
- Mitigating CC Attacks Using Frequency Control Policies
- Using Intelligent CC Policies to Defend Against CC Attacks
- Enabling Alarm Notifications for DDoS Attacks
- Enabling Logging
- Viewing Statistics
- Managing Instances
- Managing Domain Names
- Certificate Management
- Managing Forwarding Rules
- Viewing Monitoring Metrics
- Querying Audit Logs
- Scheduling Center Quotas
-
CNAD Basic (Anti-DDoS) User Guide
- Best Practices
-
API Reference
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS Management
- Querying the List of Defense Statuses of EIPs
- Querying Optional Anti-DDoS Defense Policies
- Querying Weekly Defense Statistics
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Configured Anti-DDoS Defense Policies
- Anti-DDoS Task Management
- Alarm configuration management
- Default Protection Policy Management
-
Anti-DDoS Management
- Examples
- Appendix
- Out-of-Date APIs
- SDK Reference
-
FAQs
-
General FAQs
- What Are Regions and AZs?
- What Is the Black Hole Policy of HUAWEI CLOUD?
- What are the Relationships Between ADS and Anti-DDoS Traffic Cleaning, CNAD Pro, and AAD?
- What Are the Differences Between Anti-DDoS and Advanced Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Are the Differences Between DDoS Attacks and Challenge Collapsar Attacks?
- What Is the Maximum Protection Capacity Provided by Huawei Cloud Anti-DDoS for Free?
- What Can I Do If an IP Address Is Blocked?
- Does Anti-DDoS Support the Transparent Access Mode?
- Does Anti-DDoS Service Provide SDKs?
- How Do I Migrate Instance Resources in an Enterprise Project?
-
CNAD Basic (Anti-DDoS) FAQs
-
About Anti-DDoS
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Scrubbing Affect Normal Services?
- What Are the Restrictions of Using Anti-DDoS?
- What Is the Protection Capacity of Anti-DDoS?
- What Data Can Be Provided by Anti-DDoS?
- Which Regions Does Anti-DDoS Support?
- What Can Be Protected by Anti-DDoS?
- Can Anti-DDoS Be Used Across Clouds or By Multiple Accounts?
- How to Determine Whether an Attack Occurs?
-
About Basic Functions
- What Would Happen When I Am Under a DDoS Attack Exceeding 500 Mbit/s?
- Which Types of Attacks Does Anti-DDoS Mitigate?
- What Should I Do If My Service Is Frequently Attacked?
- What Is the Difference Between ELB Protection and ECS Protection?
- Why Is the Number of Times of Cleaning Different from the Number of Attacks for the Same Public IP Address?
- Is Anti-DDoS Enabled by Default?
- Does Anti-DDoS Protect a Region or a Single IP Address?
- Do I Need to Release Anti-DDoS Resources When I Delete an Account?
- How Do I View the Traffic Scrubbing Frequency?
- How Can I View Anti-DDoS Protection Statistics?
- How Can I View the Monitoring Data of a Public IP Address in Anti-DDoS?
- How Can I View an Interception Report?
- Can I Disable Anti-DDoS Completely?
- How Do I Check Whether the Inbound Traffics Are Routed Through Anti-DDoS Devices?
- About Threshold and Black Hole
- About Alarm Notification
- About Service Faults
-
About Anti-DDoS
-
CNAD Advanced FAQs
-
Function Consulting
- What Is Unlimited Protection?
- Can CNAD Advanced Protect Non-Huawei Cloud and On-Premises IP Addresses?
- Does CNAD Advanced Protect IPv6 Addresses?
- What Do I Do If an IP Address Protected by CNAD Advanced Is Blocked?
- What Are the Protection Objects of CNAD Advanced?
- How Many Layers of Attacks Can CNAD Advanced Defend Against?
- How Long Does It Take to Switch Traffic from CNAD Advanced Back to AAD?
- Can CNAD Advanced Be Used Across Regions?
- What Is A Dedicated EIP?
- Billing
-
Function Consulting
-
AAD FAQs
-
Function Specifications
- What Service Ports Does AAD Support?
- What Forwarding Protocols Does AAD Support?
- Can I Change My Protection Bandwidths?
- Can an AAD Origin Server Use a CDN CNAME?
- What Is the Maximum Protection Capability When I Purchase 10 Gbit/s as the Basic Protection Bandwidth and 20 Gbit/s as the Elastic Protection Bandwidth?
- Does AAD Use a Public IP Address to Switch Traffic Back to Origin Servers?
- What Is the Maximum Number of Domain Names AAD Can Protect?
- How Much Additional Latency Will Be Incurred When AAD Is Deployed?
- Is There a Limit to the Number of Concurrent Requests?
- How Do I Disable Advanced Anti-DDoS?
-
Access Configuration
- Can I Connect My Service System to AAD If It Is Not Running on HUAWEI CLOUD?
- How Do I Check Whether a Protected Domain Name Is Correctly Configured After I Connect It to AAD?
- What Can I Do When Message "Invalid request" Is Displayed When I Upload an HTTPS/WebSockets Certificate?
- How Do I Convert a Non-PEM Certificate into a PEM One?
- How Do I Enable Both AAD and WAF?
- How Do I Connect My Service System to AAD?
- How Is CNAME-based Access Implemented?
- How Does AAD Distribute Traffic When There Are Multiple Origin Servers?
- How Do I Check Whether a Back-to-Origin IP Address Has Been Whitelisted on My Origin Server?
- How Do I Change the Exposed IP Address of an Origin Server?
- How Do I Query the Back-to-Origin IP Address Range?
- Can I Migrate Enterprise Project Resources After Adding the Protected Domain Name?
- Can I Build My Own Anti-DDoS System Using HUAWEI CLOUD ECSs?
- How Do the AAD Blacklist and Whitelist Protect Customer's Servers?
- Do I Still Need to Configure the Blacklist and Whitelist in WAF Protection Policies After Configuring Them in DDoS Protection Policies?
- How Do I Use a Domain Name to Access Both IPv4 and IPv6 Services?
- What Should I Do If I Receive a Message Stating That the Domain Name Already Exists When Trying to Connect?
-
Faults
- What Should I Do When Encountering an Access Freezing, Delay, or Failure?
- Why Is Error 504 Displayed When I Access a Website After AAD Is Configured?
- How Do I Identify the Type of Attacks?
- What Should I Do If Error 500, 502, or 504 Is Reported When I Access My Website After I Enable Basic Web Protection for My Domain Name?
- What Can I Do If I Failed to Configure a Forwarding Rule?
- What Can I Do If My UDP Traffic Is Blocked?
- How Do I Unblock the Access That Has Been Automatically Blocked Due to the Threshold-Overtopped Attack Traffic?
- Why Can't I Specify Certain Ports When Configuring the Forwarding Rule?
- Error Message "Received fatal alert" Is Displayed After a Domain Name Is Bound to AAD
-
Product
- What Is a Protected IP Address?
- Does AAD Support Weighted Back-to-Origin?
- Can AAD Be Used Across Regions?
- What Is a CNAME Record?
- What is BGP?
- What Is the Origin Server Port of AAD?
- What Is the Origin Server IP Address?
- What Website IP Addresses Is Protected by AAD?
- What Is Service Bandwidth?
- What Is a Forwarding Protocol?
- Are Services Interrupted When They Are Being Connected to AAD?
- Can a Domain Name Be Bound to Multiple AAD Instances?
- Why Does the High-Defense IP Address Actually Receive Access Requests from a Client After AAD Is Deployed?
- Why Does the Attack Traffic Volume Increase After AAD Is Deployed?
- Will the Origin Server Be Exposed When the Attack Traffic Volume Increases After AAD Is Deployed?
- How Does AAD Protect Origin Server IP Addresses?
- Does AAD Support Two-Way SSL Authentication?
- Can I Modify or Delete the Certificates Uploaded to AAD?
- What Will Happen If My Service Traffic Exceeds the Configured Service Bandwidth?
- Is Advanced Anti-DDoS Software or Hardware?
- Does AAD Support IPv6 Protection?
- Why Is the Traffic of AAD Inconsistent with That of ELB?
-
Fees
- How Is AAD Billed?
- Why Does My Payment Status Not Update After I Make a Payment?
- Will I Be Charged If I Buy an Elastic Protection Bandwidth and My Elastic IP Address Is Not Attacked for the Whole Month?
- What Happens If the Attack Traffic Exceeds the Elastic Protection Bandwidth?
- Can I Adjust My Elastic Protection Bandwidth From 100 Gbit/s to 200 Gbit/s When I Find 100 Gbit/s Is Insufficient?
- What Is the Charge If My IP Address Is Attacked Many Times a Day?
- How Do I Stop Elastic Protection to Avoid Being Charged for the Elastic Protection Bandwidth?
- How Can I Renew the AAD Service?
- How Can I Unsubscribe from the AAD Service?
- How Should I Automatically Renew AAD?
- Can the Original Configuration Data Be Saved After I Unsubscribe from an AAD Instance?
- How Is the Elastic Bandwidth Charged?
-
Function Specifications
-
General FAQs
- Videos
-
More Documents
-
User Guide (Ankara Region)
- Service Overview
- Enabling Anti-DDoS
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS APIs
- Querying Optional Anti-DDoS Defense Policies
- Enabling Anti-DDoS
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying Anti-DDoS Tasks
- Querying the List of Defense Statuses of EIPs
- Querying the Defense Status of a Specified EIP
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Weekly Defense Statistics
- Alarm Reminding APIs
-
Anti-DDoS APIs
- Appendix
- Change History
-
User Guide (Ankara Region)
- General Reference
Copied.
Using CNAD Basic for Free
If you have purchased Huawei Cloud EIPs, you can use CNAD Basic for free.
CNAD Basic offers EIPs Layer 4 protection against DDoS attacks and real-time alarm notifications, enhancing bandwidth utilization and ensuring the stable operation of user services.
CNAD Basic monitors the service traffic from the Internet to elastic public IP addresses (EIPs) to detect attack traffic in real time. It then scrubs attack traffic based on user-configured defense policies without interrupting services. It also generates monitoring reports that provide visibility into the network traffic security.
CNAD Basic automatically activates protection for EIPs on Huawei Cloud. You can simply configure alarm notifications and protection policies to access the protection features of CNAD Basic.
Procedure
This section describes how to quickly configure CNAD Basic protection for an EIP. Figure 1 shows the process.
Step |
Description |
---|---|
Register a Huawei ID, enable Huawei Cloud, grant CNAD Basic permissions, and prepare protected objects. |
|
Check whether the protected objects are synchronized to the CNAD Basic console and whether the default protection is enabled. |
|
Set traffic scrubbing alarm notifications for protected objects. |
|
Configure traffic scrubbing policies for protected objects. |
|
View the protection status and traffic details of protected objects. |
Prerequisites
- Before using CNAD Basic, register a Huawei ID and enable Huawei Cloud. For details, see Registering a Huawei ID and Enabling Huawei Cloud Services and Real-Name Authentication.
If you have enabled Huawei Cloud and completed real-name authentication, skip this step.
- Ensure that the account has been assigned related permissions. For details, see Creating a User Group and Assigning the Anti-DDoS Access Permission.
- Create an ECS and bind an EIP to it. For details, see section Purchasing an ECS.
NOTE:
If you have an ECS that meets the requirements, you do not need to create one again.
Step 1: Viewing the EIP Status
- Click
in the upper left corner of the page and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS page is displayed.
- On the Public IP Addresses tab, ensure that the EIP prepared in Prerequisites has been synchronized to CNAD Basic and the default protection has been enabled for it.
Figure 2 Viewing public IP address
Step 2: Enabling Alarm Notifications
- Click the Alarm Notifications tab.
- Enable the alarm notification function, set alarm parameters, and click Apply.
Figure 3 Configuring alarm notifications
Table 1 Parameter description Parameter
Example Value
Description
Scrubbed Traffic Alarm Threshold
1000Kbps
When the volume of scrubbed traffic reaches the threshold, an alarm notification is sent. Set the threshold as required.
Alarm Notifications
Set the alarm switch to
to enable the alarm function.
You will receive notifications (by SMS or email) if a DDoS attack is detected on your EIP.
SMN Topic
-
You can select an existing topic or click View Topic to create a topic.
For details about how to create a topic, see Creating a Topic.
Step 3: Configuring a DDoS Protection Policy
- Click the Public IP Addresses tab, locate the row that contains the target public IP address, and click Set Protection.
Figure 4 Protection settings
- Modify the protection settings as required and click OK.
Figure 5 Modifying protection settings
Table 2 Parameter description Parameter
Example Value
Description
Set Protection
Custom
The default protection level is 120 Mbit/s, but you can manually adjust to higher levels if needed.
Traffic Cleaning Threshold
150Mbps
You are advised to set a value closest to, but not exceeding, the purchased bandwidth.
CNAD Basic scrubs traffic when detecting that the inbound traffic of an IP address exceeds the threshold.
Step 4: Viewing a Monitoring Report
- Click the Public IP Addresses tab, locate the row that contains the target public IP address, and click View Monitoring Report.
Figure 6 Viewing a monitoring report
You can view the protection status, traffic details, and attack events of a public IP address within the last 24 hours.
Figure 7 Monitoring details
Related Information
- Event monitoring can be enabled for a protected EIP, which triggers an alarm when events like scrubbing, blocking, or unblocking occur. For details, see Setting Event Alarm Notifications.
- If you want to enable attack logging for a protected EIP for subsequent analysis and O&M, you can enable LTS. For details, see Configuring LTS for Anti-DDoS Logging.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot