This topic describes the release notes of Anti-DDoS Pro, Anti-DDoS Premium, and Anti-DDoS Origin features.
Anti-DDoS Pro and Anti-DDoS Premium
|2021-03-26||Website Config||Custom combination of cipher suites is supported in Transport Layer Security (TLS)
After you add the domain name of a website to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can specify which cipher suite to use based on your business requirements.
|Create a custom TLS policy|
|2021-03-26||Website Config||Multiple domain names are supported to forward back-to-origin requests.
If you add the domain name of a website to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can specify more than one domain name that is mapped to your origin servers to forward back-to-origin requests. If you specify more than one IP address or domain name, Anti-DDoS Pro and Anti-DDoS Premium use IP hash load balancing to forward website traffic to the origin servers.
You can specify multiple domain names to forward back-to-origin requests in distributed business scenarios. This way, Anti-DDoS Pro or Anti-DDoS Premium is integrated with your network and the workload on a single origin server is reduced. This improves service stability and disaster recovery.
|Add a website|
|2021-03-26||Website Config||Remarks can be specified for a website.
After you add the domain name of a website to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can specify remarks for the website. If you add multiple websites to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can identify different services based on the remarks, which makes operations and maintenance (O&M) more efficient.
|Add a website|
|2021-03-26||Website Config||Custom header fields and field values are supported to label requests.
If you add the domain name of a website to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can specify a custom header field and the value of the field for the domain name. When the instance processes the requests of this domain name, the instance adds the custom header field to these requests. This allows you to collect statistics on and analyze the back-to-origin data. For example, you can accurately count the actual source ports of the requests.
|Mark back-to-origin requests|
|2021-03-26||Static Page Caching||Manual cache refreshing is supported for static page caching.
If you create custom rules for static page caching and the source content of the cached page changes, you can forcibly refresh the page cache in Anti-DDoS Pro or Anti-DDoS Premium to synchronize the latest content in time.
|Configure static page caching|
|2020-12-15||Website Config||The configurations of Enforce HTTPS Routing and Enable HTTP are provided.
If you add the domain name of a website to your Anti-DDoS Pro or Anti-DDoS Premium instance, you can enable Enforce HTTPS Routing or Enable HTTP for the website. If you enable Enforce HTTPS Routing, all HTTP requests from clients to the instance are redirected to HTTPS requests, which enhances business security. If you enable Enable HTTP, HTTPS requests to the instance are redirected to HTTP requests and then the HTTP requests are forwarded to the origin servers, which reduces the workload required to process HTTPS requests on the origin servers. All these features allow the instance to verify inbound requests and reduce the workload on downstream links and hosts.
|Add a website|
|2020-11-05||Alert Rules||Alert rules can be used to monitor multiple domain name metrics, such as queries per second (QPS) and abnormal status codes. This feature allows you to monitor the websites that are protected by your Anti-DDoS Pro or Anti-DDoS Premium instance and identify exceptions at the earliest opportunity.||Configure an alert rule for Anti-DDoS Pro or Anti-DDoS Premium|
|2020-10-27||Mitigation Settings > Custom Policies||Custom policies are supported. You can customize policies based on the IP address of your Anti-DDoS Pro or Anti-DDoS Premium instance and apply these custom policies to the instance.||Create custom mitigation policies for specific scenarios|
|2020-09-24||Attack Analysis||Attack Analysis is supported.
Attack Analysis is added to the left-side navigation pane of the Anti-DDoS Pro or Anti-DDoS Premium console. The Attack Analysis page displays the details about attack events to provide a clear view of the process and details of protection against distributed denial of service (DDoS) attacks. The details include an attack trend chart, attack source analysis, and protection flowchart.
|Use the attack analysis feature|
|2020-09-08||Security Overview||Traffic information about Secure Mainland China Acceleration (Sec-MCA) is provided
on the Security Overview page.
On the Security Overview page, you can query the inbound, outbound, and attack traffic of Sec-MCA. This way, you can understand the traffic, attack mitigation effects, and the deduction of protection quotas for Sec-MCA.
|Check the security overview|
|2020-08-04||Sec-Traffic Manager >
Cloud Service Interaction
|The Cloud Service Interaction feature allows you to configure your Anti-DDoS Pro or
Anti-DDoS Premium instance to interact with a Global Accelerator instance. This feature
delivers the following benefits:
||Create a cloud service interaction rule|
|2020-07-09||Mitigation Settings||Major changes:
||Configure the IP address blacklist and whitelist for an Anti-DDoS Pro or Anti-DDoS Premium instance|
|2020-06-22||Sec-MCA||The Sec-MCA feature in Anti-DDoS Premium provides protection at both Layer 4 and Layer 7. This feature accelerates network access for your services outside mainland China and protects your assets against DDoS attacks.||Configure Anti-DDoS Premium Sec-MCA|
|2020-05-19||Sec-Traffic Manager >
|Anti-DDoS Pro and Anti-DDoS Premium can interact with Dynamic Route for CDN (DCDN)
to scrub malicious traffic and accelerate content delivery:
||Create a CDN or DCDN interaction rule|
|2020-04-30||Sec-Traffic Manager >
|If attacks are detected, a sandbox is enabled for CDN-accelerated domain names that integrate with Anti-DDoS Pro or Anti-DDoS Premium. Traffic is redirected to an anti-DDoS scrubbing center. This ensures service availability.||Overview|
|2020-04-22||Sec-Traffic Manager >
|You can set the wait time of switching back in general scheduling rules. Before the wait time elapses, you can also manually switch traffic from Anti-DDoS Pro or Anti-DDoS Premium back to cloud resources.||Overview|
|2020-04-01||New API operations||New API operations are provided for you to manage and integrate Anti-DDoS Pro and Anti-DDoS Premium instances.||List of operations by function|
|2020-03-03||Anti-DDoS Premium interacting with CloudMonitor||Anti-DDoS Premium allows you to view basic O&M data in CloudMonitor. You can customize alert rules for Anti-DDoS Premium in the CloudMonitor console based on your requirements.||Configure an alert rule for Anti-DDoS Pro or Anti-DDoS Premium|
|2020-02-18||Integrated console and region selection|| The consoles of Anti-DDoS Pro and Anti-DDoS Premium are integrated.
||Differences between the features of Anti-DDoS Pro and Anti-DDoS Premium|
Anti-DDoS Origin (Basic and Enterprise)
|2019-12-18||Console||A new version of the console is available.
|2019-12-18||Assets||The Assets page.
page is changed to the |
The Assets page displays the protection status of activated assets within your Alibaba Cloud account. The page provides a quick overview of security risks for your assets from DDoS attacks. On the page, you can also increase the protection capacity for a specific asset. Supported assets include Elastic Compute Service (ECS) instances, Server Load Balancer (SLB) instances, and elastic IP addresses (EIPs).
|2019-12-18||Elastic protection||The preset protection threshold is changed to the elastic protection threshold. The
console no longer shows a score in the Security Credibility field.
In elastic protection mode, Anti-DDoS Origin allows you to assign an extra protection capacity for your assets based on the original basic protection capacity that is provided free of charge. The extra protection capacity assigned for an asset changes based on several factors. The factors include the number of resources that an anti-DDoS cluster consumes, available resources, historical attacks that your assets encounter, and security credits of your account.