A comprehensive DDoS protection service for enterprise to intelligently defend sophisticated DDoS attacks, reduce business loss risks, and mitigate potential security threats. Its ensures the availability of network links and improves business continuity. Backed by its large-scale and distributed operating system and more than a decade of experience in defending against security attacks, Flou customers can purchase DDoS service to protect their cloud assets

• Traffic Scrubbing Against DDoS Attacks.

Detects and prevents attacks such as SYN flood, ACK flood, ICMP flood,

UDP flood, NTP flood, DNS flood, and HTTP flood.

• DDoS Attack Display

Allows you to view DDoS attacks in the console and search for DDoS

attacks by IP address, status, and event information.

• DDoS Traffic Analysis

Allows you to monitor and analyze the traffic of a DDoS attack, and view

the attack traffic protocol and the top 10 IP addresses that have launched

most attacks.

• Easy deployment

You can connect your services to Anti-DDoS by using domain names or IP. The process requires up to five minutes. You do not need to install hardware or software or configure routers.

• Massive protection bandwidth

Anti-DDoS can mitigate a minimum of 8 Tbit/s of DDoS attacks in the Chinese mainland, and a minimum of 2 Tbit/s outside the Chinese mainland. These services protect servers against DDoS attacks at the network layer, transport layer, and application layer.

• Precise protection

Anti-DDoS provide precise protection against various attacks on transactions, encryption services, Layer 7 applications, smart terminals, and online services.

• Intelligent protection

Anti-DDoS automatically optimize protection algorithms and learn service traffic baselines from the protection analysis of volumetric and resource exhaustion DDoS attacks. This enables the services to identify malicious IP addresses, scrub traffic, and filter out attack traffic.

• Burstable protection

Anti-DDoS support burstable protection. You can configure this feature in the Anti-DDoS console. The settings take effect within seconds, and you do not need to install additional devices. Your services are not interrupted during the process. Therefore, you do not need to make any adjustments to your services.

• Origin server security ensured

Anti-DDoS hide the IP addresses of origin servers. This way, attackers cannot identify the address of your origin server. This increases the security of your origin server.

• Protection against volumetric DDoS attacks

Volumetric DDoS attacks at the transport layer congest networks, leave data centers unavailable, interrupt your services, or even make the services stop responding. Based on technologies such as proxy, detection, rebound, authentication, blacklist, whitelist, and packet compliance, Anti-DDoS implement IP reputation investigation, near-origin traffic scrubbing, and in-depth packet analysis of network fingerprints, user behavior, and content characteristics. These technologies block and filter out threats based on custom rules. This enables the protected services to provide external services even under continuous attacks.

• Protection against resource exhaustion DDoS attacks (HTTP flood attacks)

Anti-DDoS integrate intelligent protection engines to protect against resource exhaustion DDoS attacks when application-layer services are interrupted under attacks. Anti-DDoS also support URL-level threat filtering at custom frequencies to improve the protection success rate, protection efficiency, and work efficiency of O&M personnel.

• Stability and high availability

Anti-DDoS use high-availability network protection clusters to prevent single point of failures and redundancy. The processing capabilities of Anti-DDoS can be scaled up. They also offer automatic detection and attack policy matching to provide real-time protection and a scrubbing service availability of up to 99.99%.

Anti-DDoS monitor the inbound traffic of traffic scrubbing centers and the CPU and memory resources of all servers in the traffic scrubbing centers. This helps ensure the availability of the traffic scrubbing centers. They also monitor the availability of server engines and have automatic disconnection and recovery mechanisms of the servers.

Anti-DDoS monitor the availability of back-to-origin links, and automatically switch to secondary links when primary links are unstable. This ensures link availability.

Anti-DDoS perform health checks on protected origin servers. If an origin server is not running at optimal capacity, the service traffic is forwarded to another origin server. They also monitor the HTTP status codes of origin servers and initiate back-to-origin or switchover operations when errors are detected.

• Traffic scheduling

Anti-DDoS schedule traffic based on cloud service-specific security events and DNS resolution. If no DDoS attacks occur, they are dormant, and service traffic is directly forwarded to the origin server. If DDoS attacks occur, they automatically enable DDoS mitigation. You can customize the scheduling templates of Anti-DDoS to automatically schedule DDoS mitigation based on your business requirements.