What Is CNAD?
What Is CNAD?
Cloud Native Anti-DDoS Advanced (CNAD) provides higher DDoS protection capability for cloud services on Huawei Cloud such as Elastic Cloud Server (ECS), Elastic Load Balance (ELB), Web Application Firewall (WAF), and Elastic IP (EIP). CNAD defends against the DDoS attacks targeting the IP addresses on Huawei Cloud and it provides higher protection capabilities for cloud services. With few clicks on the console, you can enjoy always-on DDoS mitigation on Huawei Cloud.
Features
CNAD has the following features:
- Transparent access
You can directly protect public IP addresses on Huawei Cloud without modifying domain name resolution or configuring origin server protection.
- Unlimited protection
Huawei Cloud provides high DDoS mitigation capability based on the network and resource capabilities in the current region. The protection capability provided grows with the improvement of Huawei Cloud's network capabilities.
- Joint protection
Enabling the joint protection will automatically engage AAD for DDoS mitigation.
- IPv4/IPv6 protection
CNAD can protect IP addresses using IPv4 and IPv6 protocols.
- Traffic scrubbing
CNAD scrubs traffic when detecting that the incoming traffic of an IP address exceeds a certain threshold.
- IP address blacklist or whitelist
You can configure an IP address blacklist or whitelist to block or allow access from specified IP addresses.
- Protocol-based access block
Traffic accessing CNAD is blocked in one click based on the protocol type. For example, if there is no User Datagram Protocol (UDP) traffic, you are advised to disable UDP for CNAD.
Specifications
Table 1 describes the specifications supported by an instance of each edition.
CNAD protection is only available for cloud resources in the same region.
|
Specification |
CNAD Unlimited Protection Basic Edition |
CNAD Unlimited Protection Advanced Edition |
Cloud Native Protection 2.0 |
|---|---|---|---|
|
Billing Mode |
Yearly/Monthly |
Yearly/Monthly |
Yearly/Monthly and pay-per-use |
|
Bandwidth Type |
Cloud native network and fully dynamic BGP (static BGP not supported). |
Huawei cloud-native network, multi-line BGP |
Cloud native network and fully dynamic BGP (static BGP not supported). |
|
Protection Capability |
Shared unlimited protection for not less than 20 Gbit/s of traffic |
Shared unlimited protection for up to 1 Tbit/s of traffic |
Chinese mainland: Shared unlimited protection, no less than 20 Gbit/s. Outside the Chinese mainland: cross-border protection for carriers. |
|
Protected IP Addresses |
The value ranges from 50 to 500 and must be a multiple of 5. |
The value ranges from 50 to 500 and must be a multiple of 5. |
50 to 1000 IP addresses. The number of protected IP addresses must be a multiple of 50. |
|
Protection Times |
Unlimited |
Unlimited |
Unlimited |
|
IP Address Change Times |
Not supported |
Not supported |
Not supported |
|
Service Bandwidth |
The supported value ranges from 100 Mbit/s to 20,000 Mbit/s. |
Maximum value: 40,000 Mbit/s |
A maximum of 20,000 Mbit/s is supported. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
