Item | Description |
Status Monitoring | Displays real-time input/output traffic, connection count, and intercepted traffic for all devices within the cluster. |
Shows real-time input/output traffic, input-intercepted traffic, and input-intercepted packet count for server IP addresses. |
Displays server connection status (source IP, destination IP, source port, destination port, protocol status). |
Supports connection count statistics for server address pairs (source IP address, destination IP address). |
Ranks server TOP N information (traffic, packet count, intercepted traffic, intercepted packet count, device). |
Supports online packet capture and analysis. |
Supports viewing dynamic and static blacklists and whitelists. |
Traffic Diversion and Blackhole | Supports BGP traffic diversion. |
Supports RIP and RIPng traffic diversion. |
Supports OSPFv2/v3 traffic diversion. |
Supports static route traffic diversion. |
Supports policy-based route traffic diversion. |
Supports custom diversion configuration (diversion and diversion removal time settings). |
Supports manual viewing of diversion status. |
Supports viewing diversion history records. |
Supports logging of router action commands |
Supports customization of automatic blackhole routing policies |
Supports TOP traffic ranking-based traffic steering |
Supports presetting of router actions |
Supports ACL-based traffic redirection and IP blocking |
Supports whitelist protection for routing steering |
Supports configurable blackhole counting cycles (e.g., first steering, second steering, third steering... with customizable unblocking time for each steering event) |
Supports steering API interface, including querying steering status, initiating/revoking steering, and configuring IP address ranges or specific IPs for steering rules via the API |
Supports traffic steering based on the total traffic of one or multiple address groups (defines a traffic threshold; when the combined traffic of all addresses within the rule exceeds the threshold, the TOP1 address by traffic in the group is steered) |
Traffic Re-injection | PBR Traffic Re-injection |
GRE Traffic Re-injection |
MPLS Traffic Re-injection |
MPLS VPN Traffic Re-injection |
VLAN Layer 2 Traffic Re-injection |
Dual-Arm Layer 3 Traffic Re-injection |
Attack Defense | Customizable Attack Rule Thresholds(supports manual input for SYN, TCP, UDP, ICMP, and IP protection trigger thresholds) |
Supports Character/16-bit Hex Signature Filtering |
Supports Customizable Signature Packet Frequency Rate Limiting |
Supports Automatic Blacklisting of Source IPs When Signature Packet Frequency Exceeds Limits |
Supports Automatic Blacklisting of Source IPs Based on Occurrence Count of Single-Packet Signatures |
Supports Source/Destination Feature Tagging, with Blacklisting or Allowlisting of Source IPs Based on Tags |
Support filtering based on packet size. |
Support rate limiting based on specified packet length. |
Support configuring the number of packets allowed to pass within a specified time period (by source IP or destination IP). |
Support configuring the traffic volume allowed to pass within a specified time period (by source IP or destination IP). |
Support customizing the timeout for each rule's blacklist. |
Support forcibly terminating connections for blacklisted source IPs. |
Support globally blacklisting source IPs or blacklisting specific servers. |
Support rule actions: continue, pass, or exit locally. |
Support shared register data within rules. |
Support bidirectional signature filtering. |
Support relative signature offset filtering starting from TCP data. |
Support signature filtering based on specified offset positions. |
Support whitelisting source IPs based on signature values. |
Support whitelisting source IPs based on packet size. |
Support traffic rate limiting. |
Support packet rate limiting. |
Support real-time connection number-based blacklisting of source-destination IP address pairs. |
Filter Rule | Support configuring access control policies based on (geolocation, source IP address, destination IP address, source port, destination port, protocol number, and flag bits). |
HTTP Protection Plugin | Support user-transparent JS verification |
Support interactive verification with skip button |
Support customizable interactive question verification |
App Security | Support transparent forwarding mode domain protection (HTTP domains and HTTPS domains) |
Support reverse proxy mode domain protection (HTTP domains and HTTPS domains) |
Support custom protection rule configuration (Method, URL, source IP, Referer, User - Agent, Content - Length, Host, HTTP code, HTTP version) |
Support various disposal results (frequency limitation, interception, interception and blacklisting, release, release and trust) |
Support viewing real - time domain information |
Support real - time acquisition of domain attack analysis records |
Support domain whitelist protection |
Support Layer 2 and Layer 3 routing configuration |
Game Protection Plugin | Maximum connection limit for source and destination addresses |
Server maximum connection protection |
Automatic release of idle connections |
DNS Protection Plugin | DNS domain name blacklist and whitelist |
DNS domain name access control and rate limiting |
Defense against DNS cache poisoning attacks |
Protection against DNS spoofing attacks |
Protection against domain hijacking |
DNS domain name redirection |
Dynamic DNS cache proxy |
DNS failover protection |
DNS TOP N ranking |
Defense against random DNS domain name attacks |
Protection against DNS Query and Reply Flood attacks |
Static Sampling Plugin | UDP Sampling Plugin(Automatically defends against UDP flood attacks) |
ICMP Sampling Plugin(Automatically defends against ICMP flood attacks) |
IP Sampling Plugin(Automatically defends against IP flood attacks) |
Deployment Method | Support transparent series deployment, bypass dual - arm deployment, bypass single - arm deployment (Note: The original text repeated "bypass dual - arm deployment", here only translated once), and also supports single - unit hybrid mode deployment. It can adopt routing mode deployment, and a single device can freely switch working modes according to the actual environment |
Attack Tracing | Supports recording attack source addresses and actively analyzing the geographical location and network route of the attacking IPs |
Supports Unified Cluster Management | Enables unified viewing, management, and configuration of the status and network data of all distributed nodes, with no upper limit on the maximum managed cluster capacity |
Custom Security Reports | Security reports can be exported |
Supports configuring scheduled tasks for automatic export of security reports |
Log Reports | Attack Logs(Includes attack start/end time, peak attack traffic, peak blocked traffic, packet count, blocked packet count, and attacking source IPs) |
Traffic Logs(Device traffic logs, per-server traffic logs—including inbound traffic, outbound traffic, blocked traffic, and connection attempts—default storage period: 30 days) |
Connection Monitoring Logs |
Attack Statistical Analysis Reports |
Custom system identification | Facilitate identification and humanized management for multi - node and multi - cluster users |
Device management source address restriction | Source address access can be restricted |
License configuration | Support free switching between AFC and AFD (Clear the database before switching) |
Users | Support two - factor authentication (Including account password login and email verification code login) |
Login
Products and Solutions
Supports defense against traffic-based attacks such as SYN Flood, UDP Flood, ICMP Flood, ACK Flood, DNS Flood, HTTP Flood, and SIP Flood.
Technical Documents
Software Download