Alibaba Cloud CDN uses globally distributed edge nodes to accelerate and secure content delivery for enterprises and public service sectors. Alibaba Cloud CDN is an all-in-one content delivery service for a variety of sectors, such as public service, finance, media, retail, and transportation.
Secure acceleration for enterprises and public service sectors
Compared with standard Alibaba Cloud CDN and Dynamic Route for CDN (DCDN), secure acceleration for enterprises and public service sectors provides more security features. Therefore, the overall price of this feature is higher than that of standard Alibaba Cloud CDN and DCDN. If your services involve finance, public service, media, retail, or transportation and you want to learn more about secure acceleration for enterprises and public service sectors, click Consult the secure acceleration solution to submit an application.
- Secure acceleration for enterprises and public service sectors uses a special business model. For more information, click Consult the secure acceleration solution to submit an application.
- If you want to enable one or more features described in the following table Features, click Consult the secure acceleration solution to submit an application.
Scenarios
Scenario | Event |
---|---|
Public service |
|
Finance |
|
TV broadcasting and media |
|
Enterprise | Office automation (OA) and enterprise resource planning (ERP) systems have slow access performance, which affects work efficiency. |
Benefits
- DCDN: DCDN can identify dynamic and static content. Static content is cached on edge nodes. The delivery of dynamic content is accelerated by using an intelligent scheduling system.
- Intelligence and efficiency: Intelligent scheduling and protocol optimization accelerate content delivery and reduce costs.
- Professional services: Standard services such as real-time monitoring and monthly reports, emergency response, and major event protection reinforce the security of your business.
- Edge security: Alibaba Cloud CDN protects your business from attacks, tampering, and overloading based on more than 3,200 globally distributed edge nodes.
- Application layer security: Edge nodes are integrated with Web Application Firewall (WAF) to protect your business from Open Web Application Security Project (OWASP)-identified threats and HTTP flood attacks. This facilitates traffic management and reduces loads on origin servers.
- Network layer security: Edge nodes can intelligently detect DDoS attacks and interact with Anti-DDoS Pro to mitigate DDoS attacks.
- Data link layer security: Alibaba Cloud CDN provides independent nodes to ensure that resources deployed on these nodes are isolated. The ShangMi (SM) cipher suite is used to secure data transfer. Alibaba Cloud CDN also checks node consistency to ensure that your business is tamper-resistant.
- Edge availability: Alibaba Cloud CDN allows you to specify secondary origin servers to ensure the availability of origin servers. In addition, Alibaba Cloud CDN supports failover, monitoring, alerting, and the offline mode to further ensure origin server availability.
- Compliance: Alibaba Cloud has obtained 97 certificates of compliance and Alibaba Cloud CDN has obtained 47 certificates of compliance, including Level 3 Classified Protection of Cybersecurity, Level 4 Classified Protection of Cybersecurity for Alibaba Finance Cloud, Trusted Cloud, ISO27001, and PCI DSS.
Features
The following table describes the features of secure acceleration for enterprises and public service sectors.
Billable item | Billing rule | Setting |
---|---|---|
Business mode | Supports data transfer plans that can be used to offset data transfer fees. For more information about the specifications and pricing of data transfer plans, contact Alibaba Cloud customer service. | Select one |
Supports the pay-as-you-go billing method based on the following metering methods: pay-by-95th-percentile, average daily peak bandwidth per month, and pay-by-data-transfer per hour. You are charged for data transfer and bandwidth resources. Value-added services do not charge additional fees. For more information, contact Alibaba Cloud customer service. | ||
Content delivery acceleration | Delivery acceleration for static content: accelerates the delivery of static content, including small image files, large files, audio files, and video files. | Select one |
DCDN: accelerates the delivery of dynamic content by using an optimal route selected by the intelligent scheduling system. This improves user experience and ensures the stability of your services. | ||
Value-added services: support HTTPS and QUIC requests for static content, HTTPS, HTTP, and QUIC requests for dynamic content, and real-time log delivery. | Enabled | |
Application layer protection | Access control: supports hotlink protection based on the Referer header, URL authentication, IP whitelists and blacklists, and user-agent (UA) whitelists and blacklists. | Enabled |
HTTPS: supports SSL certificate management, HTTP/2, force redirect, Transport Layer Security (TLS) version control, HTTP Strict Transport Security (HSTS), keyless solutions, and the SM cipher suite. | Enabled | |
WAF: supports WAF Pro Edition and Business Edition. WAF can protect your services from common attacks identified by OWASP and data leakage, and ensure the security and availability of your services. | Enabled | |
Rate limiting: uses an exclusive rate limiting engine and blocks malicious requests based on default or custom policies. This ensures the stability of your services and prevents HTTP flood attacks. | Enabled | |
Bot traffic management: supports crawler whitelists, threat intelligence, and AI protection. This feature detects advanced crawlers, and minimizes the impacts of crawlers and automation tools. | Enabled | |
Region blacklist: allows you to configure a region blacklist to block requests from IP addresses in specific regions. This improves the security of your services. | Enabled | |
Network layer protection | Sandbox-free: If your websites is under HTTP flood attacks, Alibaba Cloud CDN mitigates the HTTP flood attacks without using sandboxes. This solution protects your services without degrading the performance of Alibaba Cloud CDN. | Enabled |
DDoS mitigation: Alibaba Cloud CDN is integrated with Anti-DDoS Pro to identify and mitigate DDoS attacks by using automatic traffic scheduling. We recommend that you use DDoS mitigation together with exclusive resource plans. | Enabled | |
IP blacklists: You can configure blacklists to temporarily or permanently block up to millions of IP addresses. | Enabled | |
Exclusive feature | Exclusive resources: Exclusive resources are provided to enterprises and public service sectors. These resources are isolated from those of other users to ensure service stability. | Enabled |
Service reports: Alibaba Cloud CDN provides comprehensive and periodic service reports about traffic, bandwidth, back-to-origin traffic and bandwidth, the number of requests, cache hit ratios, HTTP status codes, and statistics collected by region. | Enabled | |
SM cipher suite: Alibaba Cloud CDN supports the SM cipher suite, which is based on the BabaSSL standard. | Enabled | |
Offline mode: If an origin server fails, edge nodes can respond to requests with cached content. This ensures the availability of your service. | Enabled | |
Tamper-proof: prevents attackers from tampering with the content during content delivery. | Enabled | |
Origin protection: queries the IP addresses of CDN edge nodes during back-to-origin routing. Then, you can add the IP addresses to the whitelist on the origin server or origin server firewall to reinforce protection. | Enabled | |
IPv6: supports the IPv6 feature and addresses IPv6 performance issues. | Enabled | |
Unified resource management solution: provides a unified resource management solution for complex organization structure. This facilitates resource management for large companies. | Enabled | |
Certificates of compliance: Level 3 Classified Protection of Cybersecurity 2.0, ISO27000, PCI DSS, Trusted Cloud, and GDPR. | Enabled | |
Value-added service | Exclusive resource plans: provide exclusive IP addresses. This ensures the independence and stability of your service. | Optional |
Exclusive services: support platform services, after-sales services, and major event services. | Optional |
Security settings
References
- Secure content delivery solution
- What can Alibaba Cloud CDN do in the face of growing cybersecurity issues?
- Proper use of Alibaba Cloud CDN helps minimize security risks
- How can enterprises and public service sectors accelerate the delivery of content and comply with regulations?
- Alibaba Cloud CDN annual product upgrade: A new generation CDN service that provides easy-to-use, security-enhanced, and high-efficiency features
- How can enterprises and public service sectors improve edge security?