This topic describes how to view the DDoS mitigation information about assets that belong to your Alibaba Cloud account and how to improve the DDoS mitigation capability of an asset. The assets are assigned public IP addresses.
Procedure
- Log on to the Traffic Security console.
- In the left-side navigation pane, click Assets.
- On the Assets page, view the description of DDoS attack mitigation or DDoS mitigation information about each asset.
- In the DDoS Attack Protection Information section, you can perform the following operations:
- Click Default Basic Protection Threshold to view default thresholds at which Anti-DDoS Origin Basic automatically triggers blackhole filtering in each region.
- Click Blackholing to view the blackhole filtering policy of Alibaba Cloud.
- Click Anti-DDoS Origin to go to the Manage Instances page. You can purchase Anti-DDoS Origin instances based on your business requirements. For more information, see Purchase an Anti-DDoS Origin Enterprise instance.
- You can perform the following steps to view the DDoS mitigation information about each asset:
- Click the tab based on the type of assets that you want to view. For example, you can click ECS.
- In the asset list, view the DDoS mitigation information about each asset.
Parameter Description Instance ID/IP The public IP address of an asset. You can click the public IP address of an asset to go to the IP Address Details panel. Then, you can view the traffic trends of the asset and the details of the events that occurred on the asset.
IP Status The security status of an asset. - Normal.
- Cleaning. You can cancel traffic scrubbing. For more information, see Cancel traffic cleaning.
- Black Hole Activated. You can view the blackhole filtering events. For more information, see View the point in time when blackhole filtering is triggered for an asset and the reason why blackhole filtering is triggered.
Mitigation Capabilities The mitigation capability of an asset. The capability indicates the maximum bandwidth of DDoS attacks that can be mitigated. If the bandwidth that is consumed by DDoS attacks exceeds the mitigation capability of the asset, blackhole filtering is triggered for the asset. For more information about how to improve the mitigation capability of an asset, see Step 4.4
Traffic Scrubbing Threshold The minimum bandwidth that must be reached before traffic scrubbing is triggered. The bandwidth is measured in Mbit/s and packets per second (pps). For more information, see Configure a traffic scrubbing threshold.
- In the DDoS Attack Protection Information section, you can perform the following operations:
- Improve the mitigation capability of an asset. If the mitigation capability of Anti-DDoS Origin Basic cannot meet your business requirements, you can use Anti-DDoS Origin Enterprise, Anti-DDoS Pro, or Anti-DDoS Premium based on your business scenarios. For more information, see the Scenario-specific anti-DDoS solutions section of this topic.
- Use Anti-DDoS Origin Enterprise to protect an asset
The following procedure describes how to use Anti-DDoS Origin Enterprise to protect an ECS instance. You can use this example as a reference for other types of assets.
- Select the public IP address of the ECS instance for which you want to protect on the ECS tab and click Add Anti-DDoS Origin.
- In the Anti-DDoS Origin panel, find the required instance and click Add in the Operation column. In the message that appears, click OK.
Note If no Anti-DDoS Origin Enterprise instances exist, go to the buy page to purchase an instance. For more information, see Purchase an Anti-DDoS Origin Enterprise instance. - Use Anti-DDoS Pro or Anti-DDoS Premium
In the left-side navigation pane, click Network Security. Then, click Anti-DDoS Pro or Anti-DDoS Premium to go to the related console. For information about the configurations of Anti-DDoS Pro or Anti-DDoS Premium, see Quick start.
- Use Anti-DDoS Origin Enterprise to protect an asset
Supported regions
The following table lists the regions in which Anti-DDoS Origin Basic is available.
District | Region |
---|---|
Asia Pacific | India (Mumbai), Thailand (Bangkok), Philippines (Manila), Japan (Tokyo), Indonesia (Jakarta), Malaysia (Kuala Lumpur), South Korea (Seoul), Singapore, Australia (Sydney), China (Hong Kong), China (Chengdu), China (Guangzhou), China (Heyuan), China (Shenzhen), China (Ulanqab), China (Hohhot), china (Zhangjiakou), China (Beijing), China (Qingdao), China (Fuzhou-Local Region), China (Nanjing-Local Region), China (Shanghai), China (Hangzhou), China East 1 MYbank, Zhengzhou (CUCC Joint Venture), and China North 2 Finance |
Europe & Americas | UK (London), Germany (Frankfort), US (Virginia), and US (Silicon Valley) |
Middle East | SAU (Riyadh) and UAE (Dubai) |