The Anti-DDoS Pro provides high-capacity attack protection, can effectively resist various high-volume DDoS attacks, and supports the defense against attack of layer 3 to 7 layers.
Main functions of Anti-DDoS Pro include:
1. Management and Configuration
- Supports the creation of Anti-DDoS Pro instance, and can manage the created Anti-DDoS Pro instance.
2. Support Forwarding Settings
- Support the creation of non-web service (IP address) and web service (domain) forwarding rules;
- Supports the forwarding settings of TCP, UDP, HTTP and HTTPS protocols, websocket protocols, multiple-IP back-to-origin, and domain name back-to-origin.
3. Multiple Protection Configuration Rules
- Supports IP black list/white list, URL white list, CC automatic protection and custom protection configurations for fine protection.
- Supports advanced Web Service configurations such as non-standard port access, HTTP address forcible back-to-origin, HTTP visit jump, etc.
4. Flexible Protection Billing Scheme
- Supports elastic protection. Saves costs for you by billing by the actual attack bandwidth.
5. Quick Access
- Enables quick access to Anti-DDoS Pro services in cname-based manner.
6. Massive Attack Protection
- Supports Telecom+Unicom+CMCC's ISP line, 400G of maximum single ISP line capability, total defense capability of T level.
7. Accurate Report Display
- Provides you with a comprehensive understanding of Anti-DDoS Pro services by presenting demonstrations such as DDoS attack reports, forwarding traffic, CC reports, etc.
8. Covered common attack types, see the following table:
||Black list/TCP/UDP/other protocol load feature filterings
|Protocol vulnerability & threat protection
||IP Spoofing; LAND attack; Fraggle attack; Smurf attack; Winnuke attack; Ping of Death attack; Tear Drop attack; IP Option control attack; IP fragment control message attack; TCP tag legality detection attack; Oversize ICMP control message attack; ICMP redirection control message attack; ICMP unreachable control message attack
|Scan pry threat protection
||Port scan attack; Address scan attack; TRACERT control message attack; IP source station routing option attack; IP timestamp option attack; IP routing record option attack, etc.
|Transport layer threat protection
||SYN flood attack; ACK flood attack; SYN-ACK flood attack; FIN/RST flood attack; TCP fragment flood attack; UDP flood attack; UDP fragment flood attack; ICMP flood, etc.
|Application threat protection
||HTTP get /font attack; CC attack; HTTP slow header/post attack; HTTPS flood attack; SSL DoS/DDoS attack; TCP connection exhaustion attack; Sockstock attack; TCP retransmission attack; TCP null connection attack; SIP flood, etc.