Anti-DDoS:Use Anti-DDoS Origin Enterprise to protect an asset from DDoS attacks

Prerequisites

Before you purchase an Anti-DDoS Origin Enterprise instance, make sure that you know the IP address that is attacked and the region where the asset resides.

Step 1: Purchase an Anti-DDoS Origin Enterprise instance

1. Go to the Anti-DDoS Origin buy page.
2. Configure the following parameters and complete the purchase of an Anti-DDoS Origin Enterprise instance.

   Parameter	Description
   Product Type	The service that you want to purchase. Select Anti-DDoS Origin.
   Mitigation Plan	The mitigation plan of the Anti-DDoS Origin instance. Default value: Enterprise. You cannot change the value of this parameter.
   IP Version	The IP version of the Anti-DDoS Origin instance. Valid values: IPV4 and IPV6.
   Region	The region where the Anti-DDoS Origin Enterprise instance resides. Important The Anti-DDoS Origin Enterprise instance must reside in the same region as the asset that you want to protect.
   Business Scale	The average network bandwidth of the service that you want to protect. For more information about how to estimate the scale of your service, see Business scale estimation.
   IP Addresses	The total number of public IP addresses that you want to protect. The minimum value that you can specify for this parameter is 100. If you want to protect more public IP addresses, you can increase the value.
   Mitigation Logs	Specifies whether to enable the mitigation logs feature. The mitigation logs feature provides full log analysis and reports of protected traffic. Valid values: On and Off. Note This feature is in public preview. During the public preview, this feature is free of charge. After you enable this feature, Mitigation Analysis (Beta) appears in the left-side navigation pane of the console.
   Resource Group	The resource group of the Anti-DDoS Origin instance. A resource group is a group of resources that belong to an Alibaba Cloud account. You can manage members, permissions, and resources in a resource group. You can select an existing resource group or create a resource group. For more information, see Create a resource group.
   Duration	The validity period of the Anti-DDoS Origin instance. You can select Auto-renewal based on your business requirements.

3. Click Buy Now and complete the payment.
   After you purchase the Anti-DDoS Origin Enterprise instance, you can go to the Manage Instances page to view the instance and add the public IP addresses that you want to protect to the instance as protected objects. For more information, see Add an object for protection.

Step 2: Add the public IP address of an asset to the Anti-DDoS Origin Enterprise instance

The following sections describe the methods to add an object to the Anti-DDoS Origin Enterprise instance for protection.

Add an object on the Protected Asset IP page

1. Log on to the Traffic Security console.
2. In the left-side navigation pane, choose Network Security > Anti-DDoS Origin > Protected Objects.
3. In the top navigation bar, select the resource group and region of your instance.
4. On the Protected Asset IP page, select the Anti-DDoS Origin Enterprise instance that you purchased and click Add Protected Asset.
5. If you use Anti-DDoS Origin Enterprise for the first time, you must follow the instructions that are provided on the page to complete the authorization for the assets within your Alibaba Cloud account.
6. In the Add Protected Asset dialog box, enter the public IP address of your asset that you want to protect and click OK.
   Note

   • You must enter the public IP address of an asset within your Alibaba Cloud account. The asset must be in the same region as the Anti-DDoS Origin Enterprise instance.
   • You must separate multiple public IP addresses with commas (,).

Add an object on the Manage Instances page