Traffic Security Manager displays the architecture of the traffic protection solution that is provided by Alibaba Cloud and the protection status of your network assets. This helps you analyze the traffic protection-related weaknesses of your service and view the solutions to reinforce security. This topic describes how to use Traffic Security Manager.

Procedure

  1. Log on to the Traffic Security console.
  2. In the left-side navigation pane, click Traffic Security Manager.
  3. On the Traffic Security Manager page, view the architecture of the traffic protection solution that is provided by Alibaba Cloud and the protection status of your network assets. Traffic Security Manager
    You can view the number of all network assets that belong to the current Alibaba Cloud account. The network assets can belong to Elastic Compute Service (ECS), Server Load Balancer (SLB), Elastic IP Address (EIP), NAT Gateway (NAT), or Virtual Private Cloud (VPC). You can also view the number of attacked network assets and check whether each security service of Alibaba Cloud is activated for the account. If a security service is activated, the icon for the service is green. If a security service is not activated, the icon for the service is dimmed. For example, Anti-DDoS Origin shown in the preceding figure is activated and Cloud Firewall shown in the figure is not activated.

    The following table provides brief introductions to some of the security services of Alibaba Cloud for reference. To obtain more details about a service and how to activate the service, you can click the service name in the table to view the documentation of the service. You can also submit a ticket to obtain technical support.

    Protection layer Security service Brief introduction
    Business Protection Layer Cloud Firewall Cloud Firewall provides software as a service (SaaS) firewalls in the public cloud. Cloud Firewall allows you to manage the access control policies for north-south traffic and manage the microsegmentation policies for east-west traffic in a centralized manner. North-south traffic indicates the traffic between the Internet and your business systems, and east-west traffic indicates the traffic between your business systems.
    Application Protection Layer Web Application Firewall Web Application Firewall (WAF) provides a comprehensive security solution that protects your websites and applications by using reverse proxies. WAF identifies malicious web traffic based on traffic characteristics and prevents server performance deterioration caused by intrusions into your website servers.
    API Security API Security checks the traffic on your business APIs and allows only the API requests that comply with your API specifications.
    Anti-Bot Service Anti-Bot Service provides a comprehensive anti-bot solution that protects your websites, applications, and APIs, and prevents security risks caused by the weaknesses in your business systems.
    Network Protection Layer Anti-DDoS Pro Anti-DDoS Pro provides anti-DDoS capabilities by using reverse proxies. If your servers on the Internet experience volumetric DDoS attacks, Anti-DDoS Pro helps ensure business continuity and application availability.
    Anti-DDoS Origin Anti-DDoS Origin provides anti-DDoS capabilities for services such as ECS, SLB, WAF, and EIP.
    GameShield GameShield provides a specialized network security solution that protects against DDoS attacks and HTTP flood attacks in the gaming industry.
    Near-origin Protection Layer NTA This service allows you to analyze, manage, and monitor threats in network traffic in a visualized manner. This service is deployed at the boundary of your network.
    Near-origin Protection Near-origin Protection blocks traffic that is initiated outside mainland China.
    Note Near-origin Protection is available only in Anti-DDoS Pro, Anti-DDoS Premium, and Anti-DDoS Origin.