Setting a Protection Policy
Anti-DDoS automatically enables defense against DDoS attacks for public IP addresses on Huawei Cloud (Huawei Cloud EIPs).
You can configure an Anti-DDoS defense policy in either of the following ways:
- Use the default protection policy.
The default protection policy is an initial policy and takes effect for all newly purchased EIPs. The default traffic scrubbing threshold is 120 Mbit/s and can be modified.
- Manually set a protection policy.
You can manually set protection policies for your public IP addresses in batches or one by one. The default protection policy will no longer be used for public IP addresses for which protection policies have been manually configured.
Manually Setting a Default Protection Policy
- Log in to the management console.
- Select a region in the upper part of the page, click
in the upper left corner of the page, and choose . The Anti-DDoS page is displayed. - Select the Public IP Addresses tab and click Set Default Protection Policy.
- Set the traffic cleaning threshold based on the site requirements, as shown in Figure 1.
Table 1 Parameter description Parameter
Description
Traffic Cleaning Threshold
Anti-DDoS scrubs traffic when detecting that the incoming traffic of an IP address exceeds the threshold.
You can set the traffic cleaning threshold based on your service traffic. Set the threshold to a value closest to the purchased bandwidth but not greater than the purchased bandwidth.
The default protection rate is 120 Mbit/s. You can manually set more protection levels.
NOTE:- If service traffic triggers scrubbing, only attack traffic is intercepted. If service traffic does not trigger scrubbing, no traffic is intercepted.
- Set this parameter based on the actual service access traffic.
- Click OK.
After you set the default protection policy, the newly purchased public IP addresses are protected based on the configured policy.
Manually Setting a Protection Policy
- Log in to the management console.
- Select a region in the upper part of the page, click in the upper left corner of the page, and choose . The Anti-DDoS page is displayed.
- On the Public IP Addresses tab page, select a setting method based on the site requirements.
- To configure protection policies for multiple public IP addresses, select multiple public IP addresses and choose Set Protection in the upper part of the page.
Figure 2 Configuring protection policies in batches
- To configure a protection policy for a single public IP address, in the row containing the desired public IP address, choose Set Protection.
Figure 3 Configuring a protection policy for a public IP address
- To configure protection policies for multiple public IP addresses, select multiple public IP addresses and choose Set Protection in the upper part of the page.
- Set the traffic scrubbing threshold based on the site requirements, as shown in Figure 4.
Table 2 Parameters for configuring a protection policy Parameter
Description
Traffic Cleaning Threshold
Anti-DDoS scrubs traffic when detecting that the incoming traffic of an IP address exceeds the threshold.
You can set the traffic cleaning threshold based on your service traffic. Set the threshold to a value closest to the purchased bandwidth but not greater than the purchased bandwidth.
The default protection rate is 120 Mbit/s. You can manually set more protection levels.
NOTE:- If service traffic triggers scrubbing, only attack traffic is intercepted. If service traffic does not trigger scrubbing, no traffic is intercepted.
- Set this parameter based on the actual service access traffic. You are advised to set a value closest to, but not exceeding, the purchased bandwidth.
- Then, click OK.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
