다큐멘트 센터 Flood Shield 2.0 User Guide Threat Intelligence (Value Added Services)

Threat Intelligence (Value Added Services)

최신 업데이트:2024-10-25 14:27:05

Based on a large number of attack samples captured by CDNetworks, through feature engineering and expert rule analysis modeling strategies, Flood Shield 2.0 can generate accurate IP threat intelligence applicable to different scenarios. You can use threat intelligence to monitor traffic initiated by suspected malicious IPs, and if necessary, enable interception as a supplemental protection measure.

Threat intelligence mainly includes the following types:

  • Specific Attack Risk IPs: High-risk IPs that are intercepted by the Flood Shield 2.0 and continue to initiate attacks. The types of attacks include: DDoS Attack, Web Attack, Scraper, and Scanner.
  • Industry Attack Risk IPs: High-risk IPs that are intercepted by the Flood Shield 2.0 and continue to initiate attacks against specific industries.
  • Attack Resource Risk IPs: IP resources often used by hackers to initiate various types of attacks. This type of information is collected externally, and the main types of IPs include: Proxies, Cloud vendors, IDC vendors, Open-source Blacklist IP Reputation Databases, etc.

To configure Threat Intelligence:

  1. Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
  2. Go to Security part, Configurations > Policies.
  3. Find the hostname for which you want to configure security policies, click Self-Service Configuration for China Premium Service Onboarding.
  4. Go to Threat Intelligence tab. If this policy is off, turn it on.

Using Threat Intelligence

  • Find the type of threat intelligence you wish to handle and select the action you need to execute.
  • Click Publish Changes to make the configuration take effect.
이 문서의 내용이 도움이 되었습니까?
아니오
정상적으로 제출되었습니다.피드백을 주셔서 감사합니다.앞으로도 개선을 위해 노력하겠습니다.