Anti-DDoS Pro


Anti-DDoS Pro


The Anti-DDoS Pro provides high-capacity attack protection, can effectively resist various high-volume DDoS attacks, and supports the defense against attack of layer 3 to 7 layers.

Main functions of Anti-DDoS Pro include:

1. Management and Configuration

  • Supports the creation of Anti-DDoS Pro instance, and can manage the created Anti-DDoS Pro instance.

2. Support Forwarding Settings

  • Support the creation of non-web service (IP address) and web service (domain) forwarding rules;
  • Supports the forwarding settings of TCP, UDP, HTTP and HTTPS protocols, websocket protocols, multiple-IP back-to-origin, and domain name back-to-origin.

3. Multiple Protection Configuration Rules

  • Supports IP black list/white list, URL white list, CC automatic protection and custom protection configurations for fine protection.
  • Supports advanced Web Service configurations such as non-standard port access, HTTP address forcible back-to-origin, HTTP visit jump, etc.

4. Flexible Protection Billing Scheme

  • Supports elastic protection. Saves costs for you by billing by the actual attack bandwidth.

5. Quick Access

  • Enables quick access to Anti-DDoS Pro services in cname-based manner.

6. Massive Attack Protection

  • Supports Telecom+Unicom+CMCC's ISP line, 400G of maximum single ISP line capability, total defense capability of T level.

7. Accurate Report Display

  • Provides you with a comprehensive understanding of Anti-DDoS Pro services by presenting demonstrations such as DDoS attack reports, forwarding traffic, CC reports, etc.

8. Covered common attack types, see the following table:

Attack Classification Description
Exception Filter Black list/TCP/UDP/other protocol load feature filterings
Protocol vulnerability & threat protection IP Spoofing; LAND attack; Fraggle attack; Smurf attack; Winnuke attack; Ping of Death attack; Tear Drop attack; IP Option control attack; IP fragment control message attack; TCP tag legality detection attack; Oversize ICMP control message attack; ICMP redirection control message attack; ICMP unreachable control message attack
Scan pry threat protection Port scan attack; Address scan attack; TRACERT control message attack; IP source station routing option attack; IP timestamp option attack; IP routing record option attack, etc.
Transport layer threat protection SYN flood attack; ACK flood attack; SYN-ACK flood attack; FIN/RST flood attack; TCP fragment flood attack; UDP flood attack; UDP fragment flood attack; ICMP flood, etc.
Application threat protection HTTP get /font attack; CC attack; HTTP slow header/post attack; HTTPS flood attack; SSL DoS/DDoS attack; TCP connection exhaustion attack; Sockstock attack; TCP retransmission attack; TCP null connection attack; SIP flood, etc.
Update Time:2019-04-19 15:19:34