This topic describes how to view protection settings and details for each resource under an Alibaba Cloud account in the Anti-DDoS Basic console. It also provides an overview of protection against DDoS attacks. You can change protection configurations based on your business requirements.

Background information

Anti-DDoS Basic is enabled by default. It provides a protection capacity of up to 5 Gbit/s for Elastic Compute Service (ECS), Server Load Balancer (SLB), and Elastic IP Address (EIP) instances. The protection against DDoS attacks for the preceding assets that belong to an Alibaba Cloud account is provided free-of-charge.
You must take note of the following items when using Anti-DDoS Basic:
  • You can configure an appropriate cleaning threshold based on your business requirements. The throughput of DDoS attacks that an asset encounters may exceed the specified value of a cleaning threshold. In such cases, Anti-DDoS Basic starts cleaning attack traffic to ensure business continuity.
  • You must take note of the protection capacity that is used for an instance to protect against DDoS attacks. If the bandwidth of a DDoS attack is no less than the specified cleaning threshold, Anti-DDoS Basic provides traffic cleaning free of charge. The default black hole triggering threshold for an asset changes based on the region that hosts the asset. For more information, see Default black hole triggering thresholds for Anti-DDoS Basic.
  • Activate Anti-DDoS Pro based on your business requirements. If the bandwidth of a DDoS attack on an asset exceeds the default black hole triggering threshold for the asset, requests to the asset are forwarded to a black hole. We recommend that you use Anti-DDoS Pro to improve protection capacity. For more information about Anti-DDoS Pro, see What is Anti-DDoS Pro?.

Procedure

  1. Log on to the Alibaba Cloud Anti-DDoS Basic console.
  2. On the top of the Assets page, select a region.
  3. On the Assets page, view DDoS Attack Protection Information. The DDoS Attack Protection Information section provides the following links to specific topics.
    • Click Default Basic Protection Threshold to view default black hole triggering thresholds for different assets that reside in each region.
    • Click Blackholing to view Alibaba Cloud black hole policies.
    • Click Anti-DDoS Pro to go to the Instance List page of the Anti-DDoS Pro console. You can activate Anti-DDoS Pro based on your business requirements.
    Overview of protection against DDoS attacks

    For more information, see Assets.

  4. You can change the value of a cleaning threshold based on your business requirements.
    1. On the Assets page, select the ECS, SLB, EIP (including NAT), or Others tab based on the type of cloud service for which you want to configure a cleaning threshold.
      • ECS: includes a list of IP addresses for ECS instances.
      • SLB: includes a list of IP addresses for SLB instances.
      • EIP (including NAT): includes a list of IP addresses for EIP and NAT instances.
        Note ECS or SLB instances that have Elastic IP addresses associated are sorted into EIP instances.
      • Others: includes a list of IP addresses for instances that are hosted by other service providers.
    2. In a list of instances, find the target instance, and click the IP address of the instance.
      If excessive instances exist, we recommend that you search for the target instance by using the instance ID, instance name, or instance IP as the search condition.Assets
      Open the Instance Details page. The Instance Details page shows the peak daily traffic, number of daily data packets, and a list of DDoS attacks for the last seven days.Instance details
    3. On the Instance Details page, click Cleaning Settings, and select Manual Setting or Default in the Cleaning Threshold field.Configure cleaning settings
    For more information, see Configure a cleaning threshold.