Purchasing AAD Instances

Prerequisite

Constraints

• Each user can purchase a maximum of five instances by default. If the quota is insufficient, submit a service ticket to apply for a higher quota.
• If your service servers are located in Chinese Mainland, you are advised to purchase AAD. You have obtained an ICP license for your domain names to be protected by AAD.
• If your service servers are located outside Chinese mainland, you are advised to purchase AAD (International Edition).

Procedure

1. Log in to the management console.
2. Select a region in the upper part of the page, click in the upper left corner of the page, and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS Service Center page is displayed.
3. In the upper right corner of the page, click Buy CNAD Pro.
4. On the Buy AAD page, set Instance Type to Advanced Anti-DDoS.
5. Set instance specifications, as shown in Figure 1. Table 1 describe related parameters.
   Figure 1 Setting the parameters required for purchasing an AAD instance
   

   Table 1 Parameters for purchasing an AAD instance

   Parameter	Description
   Access Type	Website: Huawei Cloud uses intelligent algorithms to select the optimal access point for you and does not provide fixed high-defense IP addresses. This type is recommended for users using "Domain Name Access". IP Address: provides only IP port protection and fixed high-defense IP addresses. Only users outside the Chinese mainland can purchase and use this mode.
   Region	Chinese mainland: applies to scenarios where service servers are deployed in Chinese Mainland. Outside the Chinese mainland: applies to scenarios where service servers are deployed in Asia Pacific (Hong Kong and Singapore are supported currently). The average access latency in Chinese Mainland is about 300 ms. If service servers are deployed in other regions, you are advised to purchase the AAD international edition.
   Line	Chinese mainland: Only BGP is supported. Outside the Chinese mainland: Only AnyCast is supported.
   Service Access Point	The following access points are available in Chinese Mainland. Select an access point based on your service location. North China 1: China Mobile, China Telecom, China Unicom, Beijing Education Network, Dr. Peng, Hebei Broadcast & Television, and Chongqing Broadcast & Television are supported. CN East 2: China Mobile, China Telecom, and China Unicom are supported. Outside the Chinese mainland, only the Asia-Pacific access point is supported. This line applies to scenarios where service servers are deployed in the Asia-Pacific region (currently, Hong Kong and Singapore are supported). The access quality of users in the Chinese mainland is not guaranteed. The average access delay in the Chinese mainland is about 300 ms.
   IP Type	IPv4: To protect an IPv4 origin server, you need to select IPv4. IPv6: To protect an IPv6 origin server, you need to select IPv6. Only IPv4 addresses can be protected outside the Chinese mainland.
   Protection package	This parameter is available only in areas outside the Chinese mainland. Basic protection: provides advanced protection twice a month for services with low DDoS attack risks. Unlimited protection: provides advanced protection for unlimited times, which is suitable for defending against services with high DDoS attack risks.
   Basic Protection Bandwidth	The basic protection bandwidth is purchased by customers. If the peak attack traffic is less than or equal to the basic protection bandwidth, customers do not need to pay extra fees. To achieve enhanced protection, use the Elastic Protection Bandwidth parameter.
   Elastic Protection Bandwidth	If you set this parameter to a value larger than the basic protection bandwidth, additional charges ensue when attack traffic exceeding the basic protection bandwidth is scrubbed. You can modify the elastic protection bandwidth as needed after you have purchased an AAD instance. NOTE: The elastic protection bandwidth must be greater than or equal to the basic protection bandwidth. If the two are set to the same value, the elastic protection bandwidth function does not take effect.
   Protected Domain Names	This parameter is available only when Access Type is set to Website. By default, 50 ports are provided. You can pay for more. A maximum of 200 ports are supported.
   Forwarding Rules	This parameter is available only when Access Type is set to IP Access in areas outside the Chinese mainland. By default, 50 forwarding rules are provided. You can pay for more. A maximum of 200 forwarding rules are supported.
   Service Bandwidth	Specifies the service bandwidth for the AAD instance to forward scrubbed traffic to origin servers. The value ranges from 100 Mbit/s to 5000 Mbit/s. Collect statistics on the peak inbound and outbound traffic of all services to be connected to the AAD instance. The service bandwidth must be greater than both the peak inbound and outbound traffic. CAUTION: If the service bandwidth of your instance is lower than peak inbound or outbound traffic, packet loss may occur and your services may be affected. In this case, upgrade the service bandwidth in a timely manner. For details about upgrading specifications, see Upgrading Instance Specifications. Assume that you have two services (service A and service B) to access AAD. The peak traffic of service A does not exceed 50 Mbit/s, and the peak traffic of service B does not exceed 70 Mbit/s. The total traffic does not exceed 120 Mbit/s. In this case, you only need to ensure that the maximum service bandwidth of the purchased instance is greater than 120 Mbit/s.

6. Set Required Duration and Quantity, as shown in Figure 2. Table 2 describes the parameters.
   Figure 2 Setting Required Duration and Quantity
   

   Table 2 Parameter description

   Parameter	Description	Example Value
   Instance Name	Enter a name for the AAD instance you are purchasing. The name can contain a maximum of 32 characters. The name can contain only letters, digits, underscores (_), and hyphens (-).	CAD-0001
   Enterprise Project	This option is only available when you are logged in using an enterprise account, or when you have enabled enterprise projects. To learn more, see Enabling the Enterprise Center. You can use enterprise projects to more efficiently manage cloud resources and project members. NOTE: default: indicates the default enterprise project. Resources that are not allocated to any enterprise projects under your account are listed in the default enterprise project. The default option is available in the Enterprise Project drop-down list when you purchase AAD with a registered Huawei Cloud account.	N/A
   Required Duration	Set this parameter as required.	N/A
   Quantity	Select the number of instances to be purchased. By default, each user can purchase a maximum of five instances.	1

   

   The Auto-renew option is optional. If you tick Auto-renew, the system will automatically renew the AAD instance before it expires.

7. Click Next.
8. On the Details page, select the agreement and click Submit Order.
   

   For regions outside the Chinese mainland, the payment can be made only after the order is approved.

9. Pay for the order on the payment page.