×
Community Blog Six Advantages of Alibaba Cloud DDoS Protection and Four Solutions to Resist DDoS Attacks!

Six Advantages of Alibaba Cloud DDoS Protection and Four Solutions to Resist DDoS Attacks!

This article introduces the six advantages of Alibaba Cloud's DDoS defense service and four solutions to ensure your cloud security.

Introduction

As the traffic from cyber-attacks keeps breaking records, the number of attacks has also become more frequent and the attack methods have become more and more diverse. Due to the interconnected nature of our IT infrastructure today, DDoS attacks are inevitable for both external business and internal enterprise applications. The damage caused by DDoS attacks blocks the server of the origin site, makes the real users inaccessible, and can cause additional issues in the future, such as the leakage of core business data, a sharp decline in the number of users, economic losses, and brand reputation.

Alibaba Cloud's various business entities, such as Tmall, Taobao, AutoNavi, Ant Financial, and Lazada, have accumulated rich experience in DDoS attack protection in their global operations and resisted an average of 2500 cloud DDoS attacks per day. *How does Alibaba Cloud defend the attacks?

Alibaba Group's Defense Methods

Global DDoS Cleaning Center Responds to Network Traffic Attacks Easily

As a self-use DDoS protection mechanism for various business entities of Alibaba Group, Alibaba Cloud has successfully defended against multiple malicious traffic attacks. It has been deployed in China, Japan, Malaysia, Singapore, India, Indonesia, Germany, the United Kingdom, and the United States to reduce business security risks. Fifteen DDoS Scrubbing Centers were built, with a total protection bandwidth exceeding 10 Tbps.

Utilizing the global DDoS protection network and Anycast and GSLB technologies, you can dispatch Alibaba Cloud to distribute global protection nodes, pull attack traffic to the nearest cleaning center automatically, clean and remove malicious traffic, and return the filtered normal traffic to the original server. Alleviate the load of cross-border network links and use global resources to resist large traffic attacks launched worldwide to improve overall protection capabilities

AI Protection Engine Fights against Resource-Consuming Attacks Automatically

Alibaba Cloud Anti-DDoS is based on big data computing and machine learning. It builds an AI intelligent anti-DDoS system to realize automatic protection against complex resource-consuming DDoS attacks (CC attacks) by adjusting according to the attack conditions quickly and automatically. Then, it adjusts protection strategies to reduce the cost of safe operation and maintenance, so relevant personnel can face complex DDoS attacks and ensure the smooth operation of the business.

Six Advantages of Alibaba Cloud Anti-DDoS service

Compared to traditional DDoS attack security solutions, Alibaba Cloud Anti-DDoS has six advantages: easy deployment, high network quality, large protection capabilities, stable and available systems, and AI smart protection technology:

  • Easy Deployment in Five Minutes

Two access methods are provided: DNS resolution and IP direct pointing to achieve access protection for website function variable names and business ports. There is no need to install any software or hardware or adjust the routing configuration, and the deployment and startup can be completed in five minutes.

  • 10 Tbps+ Defense Bandwidth

Fifteen worldwide cleaning centers provide more than 10 Tbps+ bandwidth, effectively resisting all kinds of DDoS attacks based on the network layer, transport layer, and application layer.

  • AI Smart Protection

It can identify attacking IP accurately and filter and clean automatically by aiming at network traffic-based attacks and resource-exhausted DDoS attacks through automatic optimization of protection algorithms and deep learning.

  • Flexible Configuration

It supports flexible protection bandwidth adjustments. Users can upgrade it by themselves without adding any physical equipment or making business adjustments. There is no service interruption throughout the process.

  • Protect the Safety of the Source Station

The real origin server address is hidden through the reverse proxy access protection service, so the attacker cannot find the origin site address, thereby ensuring the origin site security.

  • Open and Compatible

The source station system is not limited to Alibaba Cloud. It can protect the local computer room and multi-cloud environment easily.

Four DDoS Defense Solutions

Anti-DDoS Basic Free Plan

Alibaba Cloud Anti-DDoS does not need to be activated and configured for Alibaba Cloud users. As long as you have an Alibaba Cloud account, you can enjoy this basic protection scheme for free, with up to 5 Gbps of basic DDoS protection. Note: The free Anti-DDoS basic protection capabilities on the cloud may differ by region, ranging from 500M to 5G.

Anti-DDoS Origin Enterprise

DDoS-native protection can load the defense capabilities directly into Alibaba Cloud ECS, SLB, WAF, and EIP without changing the IP. There are no restrictions on the number of four-layer ports and seven-layer functional variable names. It is easy to deploy. After purchase, you only need to bind the IP address of the cloud product that needs to be protected. It is suitable for users that need to protect multiple public IPs, service bandwidth greater than 1Gbps, QPS greater than 5000, and IPv6 access traffic.

The recommended package match for common situations is listed below:

  • If you only need to defend against DDoS attacks, we recommend using the deployment method of Load Balancing + Native Protection Enterprise Edition. Load Balancing discards the traffic of unmonitored protocols and ports to obtain better protection effects.
  • If you need to defend against DDoS attacks, web attacks, and CC attacks, we recommend using the deployment method of Web Application Firewall + Native Protection Enterprise Edition. WAF defends against CC attacks, and DDoS-Native Protection Enterprise Edition defends against traffic attacks to obtain better protection.

Anti-DDoS Premium – A Robust Defense Solution

In high-risk scenarios, such as game launches, promotional festivals, and online live broadcasts, users can expect attacks from malicious competition, such as DDoS attacks and blackmailing, leading to business unavailability. Anti-DDoS Premium can hide the source site address. Alibaba Cloud will provide unlimited cleaning resources regardless of the source site in the local computer room or other clouds, with no upper limit on protection, and leverage the global cleaning center resources to ensure full protection.

According to the frequency of attacks, it is divided into two plans:

  • Insurance Plan: Fully protected, 24 hours a day, twice a month
  • Unlimited Plan: Unlimited real-time, full protection

GameShield

In addition to defending against TB-level DDoS attacks, GameShield can solve CC attacks of the TCP protocol unique to the gaming industry with lower protection costs and better results!

Compared with traditional single-point DDoS defense solutions, GameShield Smart Scheduling diverts normal player traffic and hacker attack traffic to different nodes to minimize large traffic attacks. End-to-end encryption allows small traffic that simulates user behavior, and the attack cannot reach the client.

At the same time, in a traditional defense mechanism, hackers can lock the attack target IP easily. The smart scheduling and identification of GameShield can make users invisible and make hackers visible. Every attack will damage the hacker once, and the attacking equipment and puppets will no longer be available repeatedly, subverting the past situation of unequal DDoS offensive and defensive resources.

For Hong Kong, Macao, and Taiwan

As mentioned above, Alibaba Cloud has established multiple cleaning centers worldwide. Businesses in Hong Kong, Macao, and Taiwan can use the Hong Kong cleaning center nearby to handle access traffic. In addition, specific regions provide high-quality dedicated lines based on demand. This reduces latency (Latency) by 20% compared to public networks, reduces cross-border public network packet loss rates (Packet Loss), and improves user access quality.

You can learn more about Alibaba Cloud Anti-DDoS Premium by visiting https://www.alibabacloud.com/help/doc-detail/153308.htm

Original content from Alibaba Cloud TC Content

Disclaimer: The views expressed herein are for reference only and don't necessarily represent the official views of Alibaba Cloud.

0 0 0
Share on

Alibaba Clouder

2,630 posts | 644 followers

You may also like

Comments

Alibaba Clouder

2,630 posts | 644 followers

Related Products