Version Selection
If you are a business user with certain requirements for disaster recovery and traffic, we recommend that you choose the enterprise version of UWAF service. If the business traffic is greater than 100Mbps, it is recommended to choose the appropriate UWAF version according to the size and importance of your own business.
For the discontinued trial and advanced versions, the configuration of the historical users is retained and can still be used. For trial version users who have purchased more than 3 months, configuration editing will be restricted, that is, new configurations cannot be added and existing configurations cannot be modified. This does not affect the user configurations that have already taken effect.
Version Comparison
!> Note:
× indicates that this version does not support this feature
ULB represents that this item depends on the configuration of ULB
Function Description
| Product Parameter | Description | Enterprise Edition | Flagship Edition | Custom Edition | ULB Special Edition |
|---|---|---|---|---|---|
| HTTP | HTTP (80) port security protection | Yes | Yes | Yes | ULB |
| HTTPS | HTTPS (443) port security protection | Yes | Yes | Yes | ULB |
| HTTP2.0 | Security protection for HTTP2.0 business | Yes | Yes | Yes | ULB |
| Non-standard port | Secure protection of business ports other than 80 and 443 | Yes | Yes | Yes | ULB |
| External Cloud Source Station | The user’s application/source station is deployed outside the UCloud Global cloud | Yes | Yes | Yes | × |
| Basic protection | Common web attacks such as XSS, SQL injection, and command execution | Yes | Yes | Yes | Yes |
| Generic domain name | Add generic domain names for protection | Yes | Yes | Yes | Yes |
| TLS Configuration | Configurable global (all domains) TLS version and encryption suite | Yes | Yes | Yes | ULB |
| Bandwidth extension | Increase bandwidth through extension packages beyond version limit | Yes | Yes | Yes | ULB |
| Domain extension | Add more domains via extension packages beyond version limit | Yes | Yes | Yes | Yes |
| Additional dedicated IP points | Increase additional dedicated IP points through extension packages | Yes | Yes | Yes | × |
| Log extension package | Preserve logs for 180 days with extension package, meeting the protection requirements | Yes | Yes | Yes | Yes |
| Custom protection | Configurable custom protection rules with various conditions | Yes | Yes | Yes | Yes |
| 0Day Protection | Quickly protect the latest Web vulnerabilities | Yes | Yes | Yes | Yes |
| CC Protection | CC attack protection, default or custom protection strategy | Yes | Yes | Yes | Yes |
| CC Blocking IP | Check or unblock IP blocked by CC rules | Yes | Yes | Yes | × |
| Malicious IP Blocking | Block IPs that trigger protection rules multiple times | Yes | Yes | Yes | Yes |
| Regional IP Blocking | Implement access control for specific areas according to rules | Yes | Yes | Yes | Yes |
| Information Security Protection | Perform corresponding protection filtering according to the rules on response content | Yes | Yes | Yes | Yes |
| IP Query | Query the access and attack conditions of IP to the domain | Yes | Yes | Yes | Yes |
| Black and White list | Add IP, IP segments to block specific IP’s access | Yes | Yes | Yes | Yes |
| Log Service | Real-time log search query and download | Yes | Yes | Yes | Yes |
| Certificate Management | Adding, Deleting, and Binding of SSL certificates | Yes | Yes | Yes | ULB |
| Interception page | Customized warning or blocking page after triggering rules | × | Yes | Yes | × |
| Webpage anti-tampering | Prevent web pages from being tampered to a certain extent | Yes | Yes | Yes | × |
| Security Alert | Send safety risk or business abnormal alarm through message or email | Yes | Yes | Yes | Yes |
The available areas currently supported by ULB Special Edition can be seen in Pricing Explanation.
Apart from ports under 80 not being supported by non-standard ports, other ports are all supported.
Performance and Quota Comparison
| Product Parameter | Enterprise Edition | Flagship Edition | Customized Edition | ULB Special Edition* |
|---|---|---|---|---|
| Bandwidth (Outside/Inside Cloud) | 40Mbps/ 120Mbps | 60Mbps/ 200Mbps | 100Mbps/ 300Mbps | ULB |
| Total domain number* (piece) | 20 | 50 | 70 | 20 |
| Generic domain number* (piece) | 2 | 5 | 7 | 2 |
| Dedicated IP points (piece) | 3 | 5 | 10 | × |
| Domain deployment region (piece) | 1 | 2 | 3 | ULB’s location |
| QPS | 3000 | 5000 | 10000 | ULB |
| System rules (domain / piece) | 20 | 40 | 50 | 20 |
| CC rules (domain / piece) | 10 | 20 | 30 | 10 |
| CC protection peak* (QPS) | 50000 | 100000 | 300000 | ULB |
| Malicious IP Blocking* (domain/piece) | 5 | 5 | 5 | 5 |
| Regional IP Blocking (domain/piece) | 10 | 10 | 10 | 10 |
| Information Security Protection (domain/piece) | 10 | 20 | 30 | 10 |
| IP Query (piece/day) | 30 | 30 | 30 | 30 |
| Black/White list (domain/piece) | 500 | 1000 | 3000 | 500 |
| Global black/white list | 10 | 10 | 10 | 10 |
| Log Query and Download | Support | Support | Support | Support |
| Log 180 Days Storage | × | Support | Support | × |
| Web page anti-tampering (domain/piece) | 20 | 20 | 20 | × |
| Generic domain name | Support | Support | Support | × |
| Interception page | × | Support | Support | × |
| Customized requirement | × | Support | Support | Support |
?> Remark:
ULB Special Edition: ULB Special Edition WAF needs to be bound to at least 1 ULB. If bound to multiple ULBs, cumulative billing is adopted, and version quotas will also be accumulated.
For example, if you bind 2 ULBs, then you need to pay 7300 yuan/month, you can support 40 domains in total, and other quotas will be doubled.
Total Number of Domain Names/Generic Domain Names: One generic domain can be added for every 10 domain quota. Under normal circumstances, only 2 generic domain names can be added for the enterprise version, and the same applies to other versions.
CC Protection Peak*: the CC protection peak in the table is the value obtained from the experimental environment test, and the actual protection peak is related to the network environment and the number of new connections.
Malicious IP Blocking*: if the attack type of the rule is “all”, only one can be set, and no other rules of attack type can be added. If there are rules of specific attack types, rules of attack type “all” cannot be added.
If the version quota cannot meet your needs, you can buy extension packages. For details, click: Extension Package Function
Parameter Description
| Parameter | Description |
|---|---|
| Bandwidth (Outside/Inside Cloud) | If the source station/application is deployed inside the UCloud Global cloud (e.g. UHost host) and is in the same region as the actual deployment of UWAF, it enjoys internal cloud bandwidth and is restricted by the internal cloud bandwidth threshold. In other cases, it is regarded as public network source station and is restricted by the external cloud bandwidth threshold. If the user’s business bandwidth exceeds the version limit, there may be risks such as increased request delay and business link disconnection. |
| Domain number | The maximum number of domains that can be added in this version. For every 10 domain quotas, 1 generic domain name can be added. The domain quota can be increased by purchasing extension packages. |
| Dedicated IP points | One dedicated IP point can bind a WAF protection IP to a domain independently. Compared with domains sharing EIP, domains using dedicated IP will not affect other domains when under traffic attack. More points can be obtained by purchasing extension packages. |
| Domain deployment region | The working area where the domain configuration is generated. It is recommended to choose a region close to the source station to reduce access delay. |
| QPS | The maximum returned source QPS supported by this version. QPS is the response rate per second, which can represent the maximum throughput. If this limit is exceeded, there may be risks such as increased request delay and business link disconnection. |
| System rules | Customize rules according to IP, User-Agent, Referer, request method, request content and other fields. Each field can choose conditions such as contains, greater than, regex, multiline match, etc. |
| CC rules | Based on the request frequency of the origin IP to a certain file or path, block or pop up a captcha to limit the request frequency of IP with high frequency. |
| CC protection peak | The maximum concurrent link number of this version. If this limit is exceeded, there may be risks such as increased request delay and business link disconnection. |
| Malicious IP Blocking | IPs that trigger protection rules multiple times are blocked. IPs that trigger malicious IP blocking rules will be added to the blacklist. |
| Regional IP blocking | Define whether to block or allow a request based on the regional origin of the request IP. |
| Information security protection | Phone numbers, IDs, etc. are desensitized to prevent leaks. Besides, it can also block based on the response content. The format of the response content should be text/html or text/plain. It can also disguise the response content or change the response blocking based on the response code of the source station. |
| IP Query | The IP query function can query the basic information of the specified IP and the request statistical information of the IP accessing WAF within the specified time period. |
| Black/white list | Requests from IPs or IP segments in the blacklist will be blocked. Requests from IPs or IP segments in the whitelist will be allowed and not subject to security checks. |
| Log Query and Download | By default, you can query the recent 10,000 attack and access logs within 3 days and download the request and attack logs within 7 days. If you need longer log storage and download services, please buy and start the log extension package service (users above the flagship version provide 180 days of log storage for free). |
| Log 180 Days Storage | Attack logs and access logs are stored for 180 days. Users can download the attack or access logs of the recent 180 days on the console. |
| Web page anti-tampering | Add html/htm static pages to prevent this page from being maliciously tampered by hackers. |
| Generic domain name | Add generic domain names for protection. |
| Interception page | Customize the alert interception page content after triggering rules, supporting html and txt formats. |
| Customized requirement | If some functions cannot be adjusted on the console, please consult technical support. |