Problem description

This article describes the security protection that Alibaba Cloud provides for RDS instances when they are attacked.

Solution

When the Alibaba Cloud security system determines that a database is under attack, it enables traffic scrubbing or black hole filtering. The two processing methods are described below.

Traffic scrubbing

Note: While traffic scrubbing is in effect, the RDS instance can still be accessed normally.

Any of the following conditions can trigger traffic scrubbing for inbound Internet traffic:

  • The PPS (packets per second) reaches 30,000.
  • The BPS (bits per second) reaches 180MB.
  • The number of new concurrent connections per second reaches 10,000.
  • The number of active connections reaches 10,000.
  • The number of inactive links reaches 100,000.

Black hole filtering

Note: After black hole filtering is triggered, the RDS instance cannot be accessed for 4 hours.

Any of the following conditions can trigger black hole filtering for inbound Internet traffic:

  • The BPS (bits per second) reaches 2GB.
  • Traffic scrubbing is ineffective.

Application scope

  • ApsaraDB RDS for MySQL
  • ApsaraDB RDS for SQL Server