立即咨询

电话咨询

微信咨询

立即试用
商务合作

Tencent Cloud EdgeOne-Edge Security Acceleration Platform

Tencent Cloud EdgeOne - Edge Security Acceleration Platform integrates DDoS/Bot Protection Platform and Web Application Firewall capabilities. It defends against DDoS attacks, blocks malicious Bot activities, and secures web applications at the edge layer, while optimizing resource loading speed. Suitable for multi-business scenarios, it balances security and acceleration to help enterprises build a solid edge security barrier.
立即咨询
数字化产品Web 安全Tencent Cloud EdgeOne-Edge Security Acceleration Platform

 

 

iconProduct Overviewicon
Traditional IDC Web service
High Latency Slow Start Vulnerable
EdgeOne 
Optimal Fast Secure

 

 

iconWhat is Tencent Cloud EdgeOne?icon

The cloud service that Accelerate and Protect applications on the Edge of the Internet

Secure
 Global Capacity: 10Tbps WAF / Anti-DDoS
Block at attackers' own local network
Piece of mind, billing based on clean traffics only 
Both L4 and L7, either a single IP or /24, with full log details & reporting
Bot mitigation 
Fast
Lastmile Latency < 60ms Intelligent Middle Mile
Distributed global network with 2800+ PoPs in all regions
Realtime optimizations on internal links among major Tencent regions
Latest technologies on data transmission efficiencies
Huge Cache Capacity
Simple
 Fast and Easy Onboarding Template Based Configs
Simple, integrated, and intelligent configurations
Easy on-boarding, with full API supports
Managed OWASP security rules, BOT definitions, and route optimizations 
Auto-adjusting rate limiting

 

 

iconProduct Highlightsicon

Static Content Acceleration
Dynamic Content Acceleration
DDoS Protection
Advanced Access Control
Monitoring Metrics & Reports

All in One
All Protect & Perform L4/7 features in one package
Quick & Easy Onboarding
Simple Professional Service process
 CNAME, Anycast IP
Better Visibility
Historical attack data, including L4 attacks
Rate limit features with great visibilities
AI based automatic protection

 

 

iconProduct Highlightsicon
 
All in One
All Protect & Perform L4/7 features in one package.
Quick & Easy Onboarding
Simple Professional Service process
CNAME, Anycast IP.
Better Visibility
Historical attack data, including L4 attacks
Rate limit features with great visibilities
AI based automatic protection.

 

 

iconEdgeOne Resources - Distributed & Connected Data Centresicon
 
Abundant Resource Reserves
2800+ PoPs worldwide, 160T reserved bandwidth
Three-layer construct based on core, backbone and cache nodes
Dedicated lines for edge interconnection to provide         ultimate performance
Resilient
Anycast network provides overallprotection up to 10Tbps, largest DDoSattack in history
Anycast nodes have multiple PNl andTransit lines to ensure high availability
Low latency
Edge based DNS service offers 30ms latency in average
worldwide
End-to-end latency <60ms, uninterrupted global gamingexperience
 
 
 
 
 

 

 

iconEdgeOne Global Resource Distributionicon

 

 

 

iconEdgeOne Product Architectureicon

EdgeOne deploy security measures at the edge closest to users and defend against malicious traffic, support L3/4/7 route optimisation, Persistent Connection and WebSocket

 

 

 

iconEdgeOne Security: Real-time Detection At The Edgeicon
 
Attack Detection
Based on DPDK, network packets are intercepted when passing through EdgeOne network. ML model is then built on traffic behaviour + AI Intelligent engine to determine the existence of attack and deploy countermeasures within 3 seconds.
Clean Traffic
Intelligently spread attacks across PoPs distributedglobally behind Anycast lPs assigned to customersdropping suspicious requests before reaching networkregions near the origins.
Layer 3/4 attacks automatically blocked with fullvisibility and reporting.
ldentification and protection for fingerprint and UDPwatermark application.
CC Attack Mitigation & Rate Limiting, with visiblereporting.
 
 
 

 

 

iconThe Best Integrated Multi-layer Protectionsicon

L4/7 accelerate & protect the same hostnames

CDN
Support static content caching, global PoPs coverage, QUIC compatible, WebSocket, gRPC and other access protocols.
Dynamic Acceleration
Real-time monitoring for latency and quality of route, intelligent dynamic route optimization for L4/L7 traffic forwarding request to origin
Layer 4 Proxy
CNAME proxy or static IP integration to TCP/UDP service, support load balancing and L4 dynamic acceleration.
DNS
Global domain name resolution, support intelligent DNS resolution and CNAME flattening, withstand over 1 million+ QPS and 50 billion+ daily requests at peak.
 
DDoS Protection
Customizable protection strategies thanks to Anycast's distributed architecture and "self-developed+AI recognition" cleansing algorithm.
灵活接口能
Effectively defend against SQLi, XSS attack and related Web attack thanks to Tencent's massive attack sample libraries, covers OWASP Top 10 scenarios and filter traffic to match characteristics.
Bot Management
Bot identification and protection - precise management of Bot access policies, one-click Captcha challenge setup, intelligent Bot behaviour analysis, and whitelisting.

 

 

iconEdgeOne Security: DDoS Protectionicon

Advantages of solution
Anycast distribution and various protection mechanism support Tbps level traffic
Protection around origin, filter attack traffic while making sure requests are uninterrupted
Customizable protection policies to defend against various attack
 Algorithm to identify and cleanse TCP related reflection attack without human intervention
Respond within seconds to ensure stable services

 

 

 

iconEdgeOne Security: DDoS Protectionicon

Geo/Regional blocking
IP blocklist/allowlist
Port number filtering
L3/4 layer payload message blocking
Protocol blocking -TCP, UDP, ICMP Others
Concurrent connection/ packet limit-Global, Per lP

 

 

iconEdgeOne Security: OWASP’s vulnerabilityicon
17 Types of Policy Rules
Web attack identification, Anti-DDoS, low false positive and negative, accurate and effective mitigation against threats like SQLi, XSS and etc in OWASP Top 10.
0-Day Virtual Patch
24x7 security monitoring team publishes high severity 0-day virtual patch without user intervention to shorten response time. With infamous Log4J vulnerability as example, EO offers patch deployment within hour and production in 2 hours to achieve nearly 100% protection.
AI Semantic Analysis
Layered filtering based on AI and semantic analysis integrated rules to further improve protection for complex attacks and reduce false positives.
API Friendly
Support exception rule, flexible whitelisting configuration for various APIs while accounting for site security and API request characteristic.

 

iconEdgeOne Security: Web Protectionicon
Temporarily block client
Clients are temporarily blocked when their requests match web accesscontrol rules
CC attack defense
Identify and mitigate massive HTTP/HTTPS floods triggered by highrequest frequency, request forgery and botnet-launched web applicationattacks, as well as provide managed rules created by Tencent securityexperts.
Custom rules
Customize matching hit rules and configure corresponding disposalmethods.
Managed rules
It provides managed rules to defend against OWASP top 10 and otherattacks, such as SQL injection, XSS, webshell upload, and commandinjection.

 

 

iconEdgeOne Security: Bot Managementicon

EdgeOne Bot threat modelling and dynamic identification

Identify malicious crawler with threat intelligence and comprehensive analysis through multiple identification and verification methods

Crawler program library contains 2,300 known crawlers that combined with threat level and fingerprint rules to provide protection accurately

 

iconEdgeOne Performance: Route and Performance Optimisationicon
Transport layer optimization
Self-developed QTCP and TQuic protocols optimize congestion window, retransmission and other techniques to improve network jitter for bandwidth maximization 
Long Persistent Connection, avoid establishing connection frequently Intelligent compression, improve transmission efficiency
Intelligent routing
Real-time network quality monitoring, dynamic quality map generation
Optimal routing algorithm and Port routing technology select most optimal path to avoid network congestion and failure
Private transmission protocol, dynamic FEC algorithm to improve performance
Intelligent Resolution
Support domain hosting, hand out IP directly and shorten resolution
Anycast distribution reduce corss-border latency and packet loss
Performance Web Software
Multi-threaded, reduce context switching overhead, > 10 million concurrent connection
Storage Engine, high I/O performance for direct disk read and write
Region Center
Multi-tier Cache Structure,maximize cache hit rate
Origin Dedicated Line,guarantee transmission quality between edge and origin 

 

 

iconMulti-integration VS. All-in-one platformicon

 

 

icondgeOne Features in OSI Layersicon

 

 

iconBest Overall CDN Leadericon

Tencent Cloud EdgeOne has the best overall performance in CDN industry

 

 

 

iconTencent Cloud EdgeOne Qualification Certificationicon
PCI DSS
PCI DSS Level 1 Service Provider Joint third-party evaluation agency ATSEC to provide security compliance services around the world
GDPR
Comply with EU GDPR user data protection rules
HIPAA
Publish the HIPAA Self-Assessment Report Passed the requirements of ePHI on protecting the security and privacy of user information
CSA STAR 
International Cloud Security Alliance Gold Level Certification
MPAA
In compliance with Motion Picture Association of America
K-ISMS
Korea Information Security Management System The third company in the world after Amazon and Microsoft
 
ISO 27701
The world's first cloud service provider certified by ISO/IEC 27701:2019 personal privacy security protection
CISPE
The first company in China to be certified by the European Cloud Computing Service Providers Alliance Personal Data Protection Code of Conduct
MTCS
Certification to Singapore Multi-Tier Cloud Security (MTCS) T3 Level Standard

 

 

iconComprehensive Protection with Quick & Easy Onboardingicon

Tip: Quick & Easy onboarding to enable basic features with fine-tuning allowed at a later stage

 

 

iconProprietary Algorithms to Optimize Full Stack Performanceicon
Proprietary algorithms to identify the best path to origin
Detect real-time network latency and quality, to build routing model.
Proprietary algorithm for routing optimization, effectively avoiding poor quality and congested links.
Proprietary packet loss concealment solutions
Incorporates latency and packet loss for accurate network quality detection.
Adaptive network transmission packet loss prediction method, significantly reduces packet loss rate.

 

 

iconResearch of network optimization and applicationicon

Tencent Cloud published "AutoPlex: Inter-Session multiplexing Congestion Control for Large-Scale Live Video Services" in ACM SIGCOMM 2022 WORKSHOP and awarded with praises by acadamia and industry experts. This paper achieved CDN adaptive congestion control for audio and video transmission across WAN.

 

 

iconBeyond HTTP/2.0icon
Transfer Protocols
TCP / UDP / HTTP / HTTPS / QUIC
Push Protocols
RTMP / RTMPS / WebRTC / SRT / QUIC
Playback Protocols
RTMP / FLV / HLS / WebRTC / Dash

Independent TQUIC-SDK
Tencent Cloud's proprietary TQUIC-SDK is a lightweight network library developed based on Google's QUIC protocol stack. 
Key metrics: Latency, TTFF, and success rate
Cache optimization + scheduling precision improvement
Metric collection + correlation analysis
Congestion control optimization
TTFB optimization: First window optimization + 0 RTT ratio improvement

 

 

iconEdge Functions – JS on the Edgeicon

JS Execution Capabilities on Edge Servers, offloadingorigin computing & unnecessary round trips

On-Demand cache prewarming

Security and Performance functions both available

Example (previous client):
Changing colour selection

 

 

iconPerformance, Availability and Scalabilityicon
 
 
It’s easy to test and compare average download time, but not so easy to verify situational performance in different scenarios
Availability is much better on the Edge due to its distributed nature and redundancy levels 
Scalability due to the IAAS service model

 

 

iconAnycast based Security Protectionicon

By leveraging the strengths of Anycast architecture, EdgeOne offers a global protection capability up to 10 Tbps

Traditional scrubbing architecture
Attack protection relies on the protection capabilities of individual nodes. General nodes and large central nodes offer 10–100 and 200–800 Gbps protection respectively.
Large-scale attacks can easily damage the business. As the protection capacity of individual nodes is low, when they are attacked, there will be the risk of continuous scheduling, which will greatly increase the latency
EdgeOne architecture
EdgeOne adopts the Anycast architecture to perform near-origin scrubbing when under attack. The aggregate protection capability can reach 15 Tbps, far exceeding the largest DDoS attack ever recorded (3.45 Tbps).
EdgeOne can identify and mitigate most DDoS attacks within few seconds, with a 99.9% attack mitigation efficiency.

 

 

iconRate Limiting with Better Visibility & Reportingicon

IP Level Traffic Reporting with Aggregation Analysis

 

 

iconPast service experience in large-scale eventsicon
10 Tbps
Volcano managed to provide up to 10Tbps resources to serve unexpected short burst of traffic due to game version updates and e-commerce promotions
60 seconds
With docker container - any single node can complete resource preparation, IP request, deploy container and programs in 60 seconds
5 minutes
Volcano predict available bandwidth of each node and serve 1Tbps of burst resource in 5 minutes

 

 

iconPlansicon

 

 

iconSupport & Serviceicon
Standard Service
Self-service available for FAQ, Documents, Newsletter Subscription, API, and SDK  
24 x 7 hotline for inquiry and ticket system  
Cloud Support Specialist for handling case  
Technical Service Manager
Response Time
Service outage < 15 minutes
System anomaly < 20 minutes Service anomaly < 4 hours  
Inquiry < 8 hours
Add-on for Mediacorp
Preventive Maintenance  
Stability Monitoring and Service Report   
IM real-time response   
Training and enablement  
Architecture and Resource Optimization  
High Availability Calibration
Professional Solution
Event Support  
Managed Integration  
Ad-hoc Change Request  
Customization

 

 

iconSupport & Serviceicon
Technical support team
24 x 7 professional support
Monthly customer-level service reports
Comprehensive and fast response
IM real-time response (QQ/Slack/WeCom)
Call support 
E-Mail communication 
Online consultation

 

 

iconCase: Game account and lobby accelerationicon
Customer Background
This customer provides a unified account platform for overseas games e.g. login and lobby features. It is deployed in Singapore to serve players from Europe, America, Middle East, and South America. Customer focus on performance on acceleration, concurrent QPS and WAF protection to provide high quality experience for their overseas players.
Solutions
Feature group: HTTPS Acceleration + WAF + DDoS Protection
EdgeOne handles millions of concurrent QPS requests through global PoPs to allow players connect via EdgeOne dedicated line for dynamic acceleration and optimize latency by 37.5%.
DDoS Protection easily defend against 10 Tbps attack, help customer reduce global security threat.
Managed WAF rules and AI WAF effectively block bad traffic while ensuring zero false positive.
Global Application Acceleration Platform (GAAP) ensure fast and stable gaming and communication for game servers and lobbies.
 
 
 

 

 

iconCase: E-Commerceicon
 
Customer Background
This customer is an international e-commerce platform covering Singapore, Malaysia, Philippines, Thailand, Vietnam, Brazil, Mexico, Colombia, Chile, Poland and many more. Award winner of "YouGov 2022 Top 10 Best Brand In The World". It focuses on stability and performance especially during key promotional events.
Solutions
Feature group: HTTPS Dynamic Acceleration + CC + WAF + BOT Protection
EdgeOne provides acceleration for small image, video on demand and product information to achieve request forwarding to regional origins in customer's key business area.
EdgeOne ensures stable business during customer's promotional events e.g. 5.5 and 6.6 where it is able to handle traffic volume peaked at 1.5 Tbps, requests up to 3.59 Million QPS and keep hit rate above 97% in average.
EdgeOne WAF and BOT anti-crawler features mitigated numerous malicious DDoS and CC attacks during promotional events, ensuring stable operation.
 
 
 
 
 

 

 

 

产品推荐

赛美特SRM供应商管理系统
赛美特 SRM 供应商管理系统作为供应链采购协同管理系统与采购询价系统,整合产业链上下游供应商与服务商,覆盖采购申请、询比价、合同、送货、质检、结算全流程。系统优化组织与流程,延伸采购管理至全产业链,助力企业管控成本、提升响应速度,增强市场竞争力。
免费试用
查看详情
Link AI企业级AI智能体搭建平台
Link AI企业级AI智能体搭建平台,专注AI客服与私域销售智能体搭建。助SEO优化从业者快速部署智能应答系统,精准匹配用户搜索意图,提升页面交互体验与转化率,强化私域流量的搜索可见性与粘性。
免费试用
查看详情
盈高IP地址管理系统IPAM
盈高IP地址管理系统IPAM是针对IP管理实际工作中遇到的问题,专门研发的一款IP地址管理工具。从IP地址的规划、分配、使用、回收等四个维度切入,通过电子化、自动化、信息多元化的IP地址管理模式,提高IP地址的管理工作效率,节省时间及人力成本,提高数据资产安全性,实现IP地址的全生命周期数字化管理。
免费试用
查看详情
金蝶云星辰冻品行业ERP管理系统
金蝶云星辰冻品行业ERP管理系统,商品多品类、规格管理、批次保质期管理、溯源管理、价格管理等精细化管理。通过零售的称重条码打印设备,对非标产品进行预包装,包装好后进行标准化的售卖,提升销售效率。助力业务员指定销售业绩,帮助业务员对客户进行分层管理多元化客户运营。
免费试用
查看详情