Introduction to Architecture and Principles

Introduction to DDoS Attacks

A Denial of Service Attack (DoS), also known as a flood attack, is a technique of network assault, which aims at consuming the network or system resources of a target computer to a point of interruption or halt, causing unavailability of the service to the intended clients.

A Distributed Denial of Service attack (DDoS) is when a hacker uses two or more compromised computers on the network as “zombies” to carry out a denial of service attack on a particular target.

Brief Introduction to High Security Principle

High security service is an added protection service launched to counter the unavailability of internet servers (including non-{{channelName}} cloud hosts) after suffering a DDoS attack with a large amount of traffic. This service provides customers with the ability to protect against DDoS, CC attacks, and can protect against SYN Flood, ACK Flood, UDP Flood, ICMP Flood, connection exhaustion attacks, DNS Request/Response Flood, HTTP Get/Post Flood, etc. from third to seventh layer attacks.

Normally, users directly access the source station.

After configuring the high security service, the customer transfers the business into high security (for the business with a domain name, resolve the domain name to the IP or CNAME of high security; for the business without a domain name, replace the business IP with the high security IP), thereafter, all public network traffic will go to the high security data center first, the high security data center will clean and filter the attack traffic, and forward the normal traffic to the source IP, ensuring the source station provides stable and normal service.

Note:

Users refer to those who access the customer's business.

Customers refer to those who purchase high security service.