Alibaba Cloud CloudMonitor has detected attacks against global central bank websites by Anonymous members, primarily by high volume DDoS and HTTP flood attacks.
Alibaba Cloud security experts recommend building a security defense emergency system that integrates Anti-DDoS Service Pro and Web Application Firewall (WAF).
Alibaba Cloud responds to high-risk incidents with a defense system that integrates Anti-DDoS Service Pro and WAF. The solution can be simply deployed by updating DNS resolution, and available for both cloud and on-premises (including non-Alibaba Cloud) systems.
Anti-DDoS Service Pro implements the SaaS security service to effectively defend against DDoS attacks when origin servers become unavailable under a large volume of DDoS attack traffic. This ensures the stability and reliability of the origin site.
Based on the powerful big data capability of Alibaba Cloud, WAF defends against SQL injection, XSS, common web server plugin vulnerabilities, Trojan uploads, unauthorized access to core resources, and other common OWASP attacks. It filters out massive numbers of malicious attempts to prevent leakage of users' website assets and data, helping enforce website's security and availability.
Considering the high complexity and resistance of this attack, you should contact a professional security service vendor and a service staff member to create a comprehensive solution.
Alibaba Cloud experts can help you to implement a robust security solution to protect your system against such attacks. The benefits of Alibaba Cloud security services include:
Data is the lifeblood of the financial industry. 91% of financial companies worldwide think they have data security risks.
Financial policymakers need to consider the broader context of Cloud Compute when formulating enterprise security policies.
At the same time, as more and more financial enterprises gradually transfer their businesses onto the cloud, they should also bring their security strategy more in line with the “cloud environment”. This new security strategy is very different from the previous makeshift solutions as cloud protection needs to be more comprehensively deployed.
Taking the basic topology of financial business systems as an example, App-side reinforcement and threat detection are used to limit security risks to within the app itself, while Anti-DDOS Pro and WAF (Web Application Firewall) are deployed at the entry/exit point of the cloud system so that network attacks are blocked before reaching the server load balancer, routers, switches, servers, or other applications.
In this tutorial, we'll discuss how to deploy Anti-DDoS, Content Delivery Network (CDN), and Web Application Firewall (WAF) all together to accelerate and secure our websites or web applications on Alibaba Cloud. For this solution to work correctly, you must have both Alibaba Cloud domestic and international accounts.
In case of "China service", for those who want to apply Anti-DDoS, CDN, and WAF features together on Alibaba Cloud environment, consider using SCDN(Secure CDN) on a Domestic account and WAF on an International account together. In case of International account, we cannot simultaneously utilize Anti-DDoS and CDN at the time of writing. In this way, this alternative can make it possible, before SCDN product on International account is released. Once again, this scenario works only for Chinese regions.
You can deploy Alibaba Cloud WAF and CDN (Content Delivery Network) together to speed up your website and protect against web attacks at the same time. We recommend that you use the following architecture: CDN (entry layer, website speed up) > WAF (intermediate layer, web attacks protection) > Origin.
Alibaba Cloud WAF and Anti-DDoS Pro and are fully compatible. You can use the following architecture to deploy WAF and Anti-DDoS Pro together: Anti-DDoS Pro (entry layer, DDoS attack protection) > WAF (intermediate layer, web attack protection) > Origin.
F5 Advanced WAF provides robust web application firewall protection, securing apps against threats including layer 7 DoS attacks, malicious bots, OWASP Top 10 threats and much more.
F5 Per-App VEs deliver the same scalable, secure and customizable application services as physical and virtual F5 ADCs - at a price and in a form factor appropriate for supporting individual apps.
Alibaba Cloud WAF is a web application firewall that monitors, filters, and blocks HTTP traffic to and from web applications. Based on the big data capacity of Alibaba Cloud Security, Alibaba Cloud WAF helps you to defend against common web attacks such as SQL injections, Cross-site scripting (XSS), web shell, Trojan, and unauthorized access, and to filter out massive HTTP flood requests. It protects your web resources from being exposed and guarantees your website security and availability.
Alibaba Cloud Anti-DDoS Pro is a paid service that features a set of high-defensive IPs, and acts as a protective barrier for the origin. It safeguards network servers under high volume DDoS attacks. After configuring the high defensive IPs for the network servers, all traffic passes through the Anti-DDoS Pro instance before rerouting to the origin.
Anti-DDoS Pro supports a peak protection bandwidth of 20Gbps ~ 600Gbps on servers inside and outside Alibaba Cloud. To make it more cost-effective, you are offered various flexible payment plans. Wherein, the fees are incurred according to the daily attack volumes.
Anti-DDoS Pro cleans all traffic, mitigates DDoS attacks, and then forward traffic to the origin. With malicious traffic mitigated, the origin gains higher availability and stability.
Additionally, with Anti-DDoS Pro enabled, traffic traction and re-injection are not necessary when your origin suffers DDoS attacks.
This certificate is designed for engineers who can use Alibaba Cloud Security products. It covers Alibaba Cloud's several security products like Server Guard, WAF, Anit-DDoS basic and Pro.
Data needed to get through, by whatever route it could. Privacy and security came later, with techniques such as encryption and authentication.
The same features that make the web so simple to use, also make it incredibly easy for so-called bots to harvest massive amounts of information. Software bots are very common, and it’s far from unusual for a typical website to receive several attempted bot attacks per day.
But with a properly tuned Web Application Firewall, you can stop them. Download this whitepaper to learn how you can protect your business against bot attacks.
Alibaba Clouder - October 21, 2019
Alibaba Clouder - June 24, 2020
Alibaba Clouder - March 3, 2021
Alibaba Clouder - April 16, 2020
Project AsiaForward Writers - January 13, 2022
Alibaba Clouder - January 4, 2021
More Posts by Alibaba Clouder