When your service is added to an Anti-DDoS Proxy instance, the instance automatically applies a global mitigation policy. This policy supports two modes: a traditional mode, which offers three fixed protection levels (Loose, Normal, and Strict), and an AI Autopilot mode, in which the SecOps Agent intelligently generates and optimizes policies based on your business profile. By selecting the right policy level, you control the trade-off between protection strength and the risk of false positives.
How it works
The anti-DDoS engine accumulates mitigation rules from large volumes of real-world attack events. When a volumetric attack with known characteristics targets your instance's IP address, the global mitigation policy intercepts the traffic before it reaches your origin server.
The policy is instance-wide: every website, application service, and cross-region service node added to the same Anti-DDoS Proxy instance is protected by the same policy.
The global mitigation policy activates only when the IP address of the Anti-DDoS Proxy instance is under attack. It does not affect traffic during normal operation.
Choose a policy
The global mitigation policy supports the following two protection policies:
Policy | Overview | Edition requirements | Use cases |
Traditional | Provides three fixed protection levels: Loose, Normal, and Strict. You can manually select a protection level based on your business needs. For more information about the protection levels, see Traditional policy. |
| Choose this mode when you require a specific protection level. |
AI Autopilot |
|
| Suitable for scenarios where you want an intelligent and personalized protection policy. |
Prerequisites
A website service or non-website service is added to Anti-DDoS Proxy. For more information, see Add websites or Manage forwarding rules.
AI Autopilot mode: Supported only by the Enhanced. The Standard does not support this mode.
Traditional policy
In traditional mode, you can adjust the protection policy:
Log on to the Anti-DDoS Proxy console.
In the left-side navigation pane, choose .
On the Protection for Infrastructure tab, in the Anti-DDoS Global Mitigation Policy section, adjust the Mitigation Policy. You can select Loose, Normal, or Strict.
Policy | Mitigation method | Description |
Loose |
| The Loose global mitigation policy protects only against packets that have clear attack characteristics. However, traffic of complicated attacks may be transparently transmitted to your origin server. We recommend that you select this policy only if false positives are generated for your service. |
Normal |
| The Normal global mitigation policy balances between service availability and protection effectiveness. This policy is suitable for most services and can mitigate common DDoS attacks. |
Strict |
| The Strict global mitigation policy provides strong protection. In rare cases, false positives may be generated. We recommend that you select this policy only if attack traffic is transparently transmitted to your origin server. |
AI Autopilot (Beta)
AI Autopilot mode is available only for Enhanced instances of Anti-DDoS Proxy (Chinese Mainland) and Anti-DDoS Proxy (Outside Chinese Mainland). If your instance is not an Enhanced instance, the Start Auto-Pilot button is not displayed.
Enable AI Autopilot mode
Log on to the Anti-DDoS Proxy console.
In the left-side navigation pane, choose .
On the Protection for Infrastructure tab, select the target Enhanced Edition instance (indicated by the
tag) from the instance list on the left.In the Anti-DDoS Global Mitigation Policy section on the right, click Start Auto-Pilot.
In the SecOps Agent dialog box, configure the following settings and click OK.
Insights: The SecOps Agent automatically analyzes your historical traffic data to generate a business profile based on the following dimensions:
Business type: For example, e-commerce platform, gaming, or content service. You can add or remove tags.
Service region distribution: For example, China export or global coverage.
Traffic fluctuation pattern: For example, event-driven or stable traffic.
Business scale: For example, medium-scale or large-scale.
If the AI-generated profile does not match your actual business, you can manually modify the tags to ensure the protection policy better fits your business needs.
Tell Us More (Optional): You can specify your protection requirements in the following ways:
Click quick-access tags: For example, Starter Plan, E-Commerce Peak, Game Launch, Financial Security, Live Streaming, or API Protection.
Use natural language: Describe your business scenario and protection needs in the text box. For example: "I need protection for the upcoming 618 shopping festival. Traffic is expected to be 100 times higher than usual."
In the confirmation dialog box that appears, verify the intelligent profiling tags and click OK.
View the AI Autopilot policy
After the mode is enabled, the DDoS Global Mitigation Policy section displays the AI Autopilot indicator. In the Live section, you can view proactive adjustments the system makes in response to real-time attack patterns.
Policy description: A list of specific protection rules customized by the SecOps Agent based on the business profile.
Policy adjustments:
Maintain: If the current policy is appropriate, you can ignore the prompt.
Replace: When the SecOps Agent identifies an opportunity for optimization, it adjusts the policy based on its analysis. No manual intervention is required. The system provides the reason for the adjustment.
Adjust the automated protection policy
In AI Autopilot mode, you can adjust the protection policy at any time by using the SecOps Agent.
In the Anti-DDoS Global Mitigation Policy section, click SecOps Agent.
In the SecOps Agent dialog box, perform the following operations:
Modify the intelligent profile: Modify the tags for business type, service region distribution, traffic fluctuation pattern, and business scale in the intelligent profile.
Add protection requirements: In the Tell Us More section, adjust the quick-access tags or use natural language to add new protection requirements, such as "Strengthen protection for the upcoming 618 shopping festival."
Click OK. The SecOps Agent re-analyzes and adjusts the protection policy based on the updated information.
Switch policies
Switch to traditional policy:
In the Anti-DDoS Global Mitigation Policy section on the right, click Quit.
Select a protection level (Loose, Normal, or Strict) and click OK.
Switch to AI Autopilot: See Enable AI Autopilot mode.
Billing
During the public beta, AI Autopilot is available at no extra charge for users of the Anti-DDoS Proxy Enhanced Edition. For more information about the editions, see Differences between Standard Edition and Enhanced Edition.