tencent cloud


DDoS Protection Level

Last updated: 2022-04-28 10:10:18

    This document introduces the use cases of different protection levels and the actions Anti-DDoS Advanced (Global Enterprise Edition) takes to defend against DDoS attacks. You can follow this guide to set the DDoS protection levels in the console.

    Use Cases

    Anti-DDoS Advanced provides three available protection levels for you to adjust protection policies against different DDoS attacks. The details are as follows:

    Protection LevelProtection ActionDescription
  • Filters SYN and ACK data packets with explicit attack attributes.
  • Filters TCP, UDP, and ICMP data packets that are not compliant with the protocol specifications.
  • Filters UDP data packets with explicit attack attributes.
  • This cleansing policy is loose and only defends against explicit attack packets.
  • We recommend choosing this protection level when normal requests are blocked. Complex attack packets may pass through the security system.
  • Note:

    • If you need to use UDP in your business, please contact Tencent Cloud Technical Support to customize an ideal policy for not letting the level Strict affect normal business process.
    • The level Medium is chosen by default for your Anti-DDoS Advanced (Global Enterprise Edition) instance. You can set the DDoS protection level for your business needs and also the cleansing threshold. Attack traffic will be cleansed when it is detected higher than the threshold you set.


    You have purchased an Anti-DDoS Advanced (Global Enterprise Edition) instance and set the object to protect.


    1. Log in to the Anti-DDoS Advanced (Global Enterprise Edition) Console and click Anti-DDoS Advanced (New) -> Configurations->DDoS Protection on the left sidebar.
    2. Select an Anti-DDoS Advanced instance ID in the list on the left, such as "xxx.xx.xx.xx bgpip-000003n2".
    3. Set the protection level and cleansing threshold in the DDoS Protection section on the right.

      If you have a clear concept about the threshold, set it as required. Otherwise leave it to the default value. Anti-DDoS will automatically learn through AI algorithms and calculate the default threshold for you.

    Parameter Description:

    • Level
      If the protection is enabled, the level Medium is chosen by default for your Anti-DDoS Advanced (Global Enterprise Edition) instance. You can adjust the DDoS protection level for your business needs.
    • Cleansing Threshold
      • This indicates a value to trigger cleansing. Cleansing will not be triggered by the traffic below the threshold you set even though it is found malicious.
      • If the protection is enabled, your Anti-DDoS Advanced instance will use the default cleansing threshold after your business is connected, and the system will generate a baseline based on historical patterns of your business traffic. You can also set the cleansing threshold for your business needs.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support