Updated on 2025-07-11 GMT+08:00

Anti-DDoS Overview

Figure 1 shows the process of adding an EIP to Anti-DDoS for protection.

Figure 1 Process of using Anti-DDoS
Table 1 Procedures

No.

Procedure

Description

1

Enabling Anti-DDoS

Anti-DDoS is free of charge. It is automatically enabled when you purchase an EIP.

2

Using IAM to grant Anti-DDoS permissions

Use Identity and Access Management (IAM) to grant fine-grained Anti-DDoS service permissions to users.

3

Configuring an EIP protection policy

You can set a traffic scrubbing threshold for the protected EIP. When service traffic exceeds the traffic scrubbing threshold, Anti-DDoS scrubs the traffic to mitigate DDoS attacks.

4

Performing common security operations

  • Setting DDoS Alarm Notifications: After the alarm notification function is enabled, you will receive an alarm if a DDoS attack is detected.
  • Enabling DDoS Alarm Notifications: After event monitoring is enabled on Cloud Eye, alarms are triggered when events such as scrubbing, blocking, or unblocking occur.
  • Viewing an EIP Monitoring Report: You can view the monitoring details of a specified public IP address, including the protection status, protection parameters, traffic in the last 24 hours, and abnormal events.
  • Viewing an Interception Report: You can view the protection statistics of all public IP addresses of a user, including the number of scrubbing times, scrubbed traffic, and top 10 attacked IP addresses.
  • Querying Audit Logs: You can view historical Anti-DDoS operation records on CTS.

CNAD Basic does not support attack alarm notification and protection policy customization for public IP addresses of the GEIP and GA types.