Alibaba Cloud provides you with various DDoS mitigation solutions. You can select an appropriate solution based on your business requirements. This topic describes the DDoS mitigation solutions and application scenarios.
The DDoS mitigation solutions include Anti-DDoS Origin Basic, Anti-DDoS Origin Enterprise, Anti-DDoS Pro, Anti-DDoS Premium, and GameShield. Anti-DDoS Origin Basic is provided free of charge. The following table describes these solutions.
Solution | Overview | Scenario | Mitigation capability |
---|---|---|---|
Anti-DDoS Origin Basic | Anti-DDoS Origin Basic can defend against up to 5 Gbit/s of DDoS attacks free of charge for the public IP address of an Alibaba Cloud asset. The asset can be an Elastic Compute Service (ECS) instance, Server Load Balancer (SLB) instance, Elastic IP Address (EIP), EIP that is associated with a NAT gateway, simple application server, or Web Application Firewall (WAF) instance. | Business that has basic requirements on security. Anti-DDoS Origin Basic is automatically enabled after you purchase an Alibaba Cloud service. We recommend that you use other security solutions for additional protection if your business has higher requirements on security. | The maximum mitigation capability is 5 Gbit/s.
For more information, see Editions. |
Anti-DDoS Origin Enterprise | Anti-DDoS Origin Enterprise improves the mitigation capability for an Alibaba Cloud
asset. The asset can be an ECS instance, SLB instance, EIP, EIP that is associated
with a NAT gateway, simple application server, or WAF instance.
You can apply the mitigation capability of Anti-DDoS Origin Enterprise to Alibaba Cloud assets with a simple configuration. |
|
Anti-DDoS Origin Enterprise provides best effort protection. For more information, see unlimited protection. |
Anti-DDoS Pro and Anti-DDoS Premium | Anti-DDoS Pro and Anti-DDoS Premium protect servers on the Internet against volumetric
DDoS attacks. These servers may be deployed on Alibaba Cloud or provided by a third
party.
After the configuration, traffic that is destined for your origin server is forwarded to Anti-DDoS Pro or Anti-DDoS Premium for scrubbing. Only service traffic is forwarded to the origin server. This ensures the stability and reliability of the origin server. |
|
|
GameShield | GameShield protects against DDoS attacks and HTTP flood attacks in the gaming industry.
Similar to Anti-DDoS Pro and Anti-DDoS Premium, GameShield can defend against Tbit/s-level DDoS attacks. GameShield can also defend against TCP-based HTTP flood attacks that are specific to the gaming industry. |
|
GameShield provides Tbit/s of mitigation capability. |