After you purchase an Anti-DDoS Origin Enterprise instance, you can add the IP addresses
of your Elastic Compute Service (ECS) instances, Server Load Balancer (SLB) instances,
Web Application Firewall (WAF) instances, or your elastic IP addresses (EIPs) to Anti-DDoS
Origin Enterprise for protection.
Prerequisites
An Anti-DDoS Origin Enterprise instance is purchased. For more information, see
Purchase an Anti-DDoS Origin Enterprise instance.
Note Anti-DDoS Origin Enterprise instances must reside in the same region as the assets
that you want to protect. The assets are cloud resources such as Elastic Compute Service
(ECS) instances, Server Load Balancer (SLB) instances, Web Application Firewall (WAF)
instances, and elastic IP addresses (EIPs).
Procedure
- Log on to the Traffic Security console.
- In the left-side navigation pane, choose .
- In the top navigation bar, select the resource group and region of your instance.
- On the Manage Instances page, find the Anti-DDoS Origin Enterprise instance. In the Actions column, click
Add Protected Asset.
Note Add Protected Asset appears only if no IP addresses of cloud services are added to the instance. If the
IP address of a cloud service is added to the instance, you can click Manage in the Actions column. On the Instances page, click Add Protected Asset.

- Optional:Authorize Anti-DDoS Origin Enterprise to access other cloud services.
- If you use Anti-DDoS Origin Enterprise for the first time, you must follow the instructions
that are provided on the page to complete the authorization for the cloud services
within your account.
Note The authorization prompt appears only if you use the Anti-DDoS Origin Enterprise instance
for the first time. If authorization is complete, no prompts appear.
- If the authorization is complete, skip this step.
- In the Add Protection Asset dialog box, add the IP address of a cloud service that you want to protect, and click
OK.
Note
- You must enter the IP addresses of ECS, SLB, and WAF instances, and EIPs within your
Alibaba Cloud account. These instances and EIPs must be in the same region as the
Anti-DDoS Origin Enterprise instance.
- You must separate multiple IP addresses with commas (,).

After the configuration is complete, Anti-DDoS Origin Enterprise protects the IP address
that you added.
FAQ: