Configuring Scenarios

Last updated: 2020-02-17 10:15:26

PDF

Use Cases

DDoS High Defense IP supports custom DDoS advanced defense policies, which can be set according to business characteristics or attack behavior. Usually, each DDoS high defense IP instance is bound to a maximum of one DDoS advanced defense policy. When you have multiple high-defense IP instances under your account, you can choose a maximum of 5 DDoS advanced protection policies.
In order to meet the actual business needs or to deal with changing attack methods, users may need to constantly optimize the policy configuration. To simplify the fine protection management of DDoS, DDoS High Defense IP provides business scenario setting feature. By creating business application scenarios, Backend Background collects, identifies and automatically generates advanced protection policies to achieve flexible configuration or maintenance policies.

Create a business scenario

  • Method one :
    If the DDoS High Defense IP instance purchased by the user is not configured with a business scenario, log in. DDoS Protection Management console Select * * DDoS High Defense IP * *-> * * Defense configuration * * in the left navigation, and the prompt as shown in the following figure will pop up. Click * * create * * to create a business scenario.

A maximum of 5 business scenarios can be created.

  • Method two :
  1. Login DDoS Protection Management console In the left navigation, select * * DDoS High Defense IP * *-> * * Defense configuration * *, and on the configuration page, select * * DDoS Advanced Defense Policy * *-> * * create Business scenario * *.
  1. On the create business scenario page, enter the following parameters according to the actual business characteristics, and click "OK" to complete the setting of a business scenario.
    • ** Business name: ** Required, enter the business name, the length is 1-32 characters, there is no restriction on character types.
    • ** Platform development: ** Check the corresponding type of platform development. There are PC client, mobile, TV and host to choose from.
    • ** Subdivision category: ** Select the type of business to which the business belongs. There are games, apps, websites or other types to choose from.
    • Basic Information:
      • Do you have any overseas customers?
        Check "Yes" or "No", and the configuration item for the corresponding generation policy is to turn off or enable [reject overseas Traffic].
      • Will you initiate a TCP request?
        Check [Yes] or [No]. When you select "Yes", the port on which Enter initiates the TCP request is required. When there are multiple request service ports, all of them are filled in and separated by English ",".
      • Will you initiate UDP service traffic (such as DNS request, NTP request, etc.)?
        Check [Yes] or [No]. When you select [Yes], you need Enter to initiate the port of UDP service traffic. When there are multiple request service ports, all of them are filled in and separated by English ",".
    • Additional information: (click [show more +] to select parameters)
      • Does the UDP load have fixed characteristics?
        Check [Yes] or [No]. By default [No], Enter UDP load feature content is required when [Yes] is selected.
      • Is there a fixed feature of TCP load?
        Check [Yes] or [No]. By default [No], Enter TCP load feature content is required when [Yes] is selected.
      • Is there a Web API service? (separated by English ",")
        Check [Yes] or [No]. Default [No], Enter API business URL is required when [Yes] is selected. When there are multiple API service URL, all of them are filled in and separated by English ",".
  1. After analyzing the business scenario created by the user, Backend Background automatically generates an item with the name of "business scenario." _ The advanced protection policy named "policy_ serial number" (such as "test_policy_1"). Users can configure or adjust the protection policy independently according to the actual special business protection needs.
  • If you only own one DDoS high defense IP instance (resource), if you create only one business scenario, the generated advanced defense policy will be automatically bound to the current instance (resource).
  • ** When the business scenario information is modified, the corresponding high-level protection policy will automatically synchronize the relevant configuration item information. ** If the advanced protection policy is adjusted, it will not be synchronized to the corresponding business scenario information.
  • When one or more instances (resources) are bound with the advanced defense policy of "business scene name _ policy_ serial number", if the repost rule parameters (such as the following parameters) of one of the instances (resources) are modified, Then the corresponding configuration item information in the corresponding advanced protection policy will be automatically synchronized. .
  • (Layer-4) non-website business: TCP/UDP Protocol, repost port range.
  • (Layer-7) website business: HTTP/HTTPS Protocol, repost port defaults to 80Universe 443.

Modify and delete business scenarios

  1. Login DDoS Protection Management console In the left navigation, select * * DDoS High Defense IP * *-> * * Defense configuration * *.
  2. Click * * DDoS Advanced Protection Policy * *, locate the destination business scenario, and click * * configure * * or * * Delete * * to modify or delete it.

When the destination business scenario is deleted, the corresponding advanced protection policy will also be deleted.

For more information, see Manage DDoS advanced protection strategy .