Configuring a Basic Protection Policy to Intercept Attack Traffic
After your service is connected to CNAD, you can set basic protection policies for the protected objects. If the DDoS bandwidth on an IP address exceeds the configured threshold, CNAD is triggered to scrub attack traffic to ensure service availability.
Limitations and Constraints
If you have a custom policy, you cannot change the traffic scrubbing threshold. To change the traffic scrubbing threshold, submit a service ticket to Huawei technical support.
Enabling Basic Protection
- Log in to the management console.
- Select a region in the upper part of the page, click in the upper left corner of the page, and choose . The Anti-DDoS Service Center page is displayed.
- In the navigation pane on the left, choose Protection Policies page is displayed. . The
- Click Create Protection Policy.
- In the displayed dialog box, set the policy name, select an instance, and click OK.
Figure 1 Creating a policy
- In the row containing the target policy, click Set Protection Policy in the Operation column.
- In the Basic Protection area, click Set.
Figure 2 Basic protection
- In the Basic Protection Settings dialog box that is displayed, set the traffic scrubbing threshold.
Figure 3 Basic protection settings
Table 1 Parameter description Parameter
Description
Traffic Scrubbing Level
If the DDoS bandwidth on an IP address exceeds the configured scrubbing level, CNAD is triggered to scrub attack traffic.
You are advised to set a value closest to, but not exceeding, the purchased bandwidth.
Defense Mode
If the traffic reaches the specified scrubbing level, traffic scrubbing is triggered.
- Loose: Scrubbing is triggered when the traffic reaches three times of the scrubbing level.
- Normal: Scrubbing is triggered when the traffic reaches twice the scrubbing level.
- Strict: Scrubbing is triggered when the traffic reaches the scrubbing level.
- Click OK. The basic protection policy configuration is completed.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot