Aegis Anti-DDoS provides advanced security protection policies against DDoS attacks. You can bind the policies to protective IPs or IPs protected by protection packs based on the needs of your business platform, and then use features such as protocol disabling, port disabling, IP blocklist/allowlist, message characteristic filtering policies and null session prevention to achieve targeted protection capabilities for the platform. For more information on the configuration, see Custom Advanced Security Policy.
Adding an Advanced Security Policy
- Go to the Aegis Anti-DDoS Console, click Advanced Anti-DDoS Policy* in the left pane, and click **Add Policy. After successful addition, click Configuration in the "Operation" column to enter the policy configuration page.
- Select the disabled protocol and port to be configured, set the IP blocklist/allowlist, and filter the message characteristics. You can optionally enable the prevention against traffic from outside China and null sessions. Click OK to finish adding the policy.
Binding an Advanced Security Policy Directly to a Protected IP
- Click Advanced Anti-DDoS Policy* in the left pane, and click a **Policy ID.
- Click List of bound IPs and click Add IP.
Binding a DDoS Protective IP with an Advanced Security Policy
- Click DDoS Protective IP and click "Protective IP".
- Click Advanced configuration on the DDoS Protective IP page. Click Bind, select an advanced anti-DDoS policy in the "Configure Advanced Anti-DDoS Policy" pop-up and click OK.
Configuring an Advanced Security Policy for a Protected IP Under a DDoS Protection Pack
- Click DDoS Protection Pack and click a protection pack ID.
- On the DDoS protection pack details page, click Protected IP List, select the IP to be configured and click "Configure advanced security policy".