ChinaCache Security Solution

WAF 120x120 copy

Ultimate security protection against all types of cyber-attacks

ChinaCache Security Solution Overview

Modern applications’ openness leaves vulnerabilities for attackers to infiltrate your infrastructure which could lead to server downtime, user data breach, and more. ChinaCache’s Cloud Shield security solution provides broad protection for websites and applications against all common types of sophisticated attacks, including DDoS, web application, and direct to origin attacks, leveraging its high-bandwidth, globally distributed network with multiple tiered architectures.

Cloud Security Benefits

data encrypt

Seamless Protection

From Layer 3 to Layer 7, ChinaCache gets you covered. Each PoP in our globally distributed network is built with proprietary DDoS mitigation technologies and AI-powered WAF engine to protect you from all common attacks including Ping floods, ICMP floods, OWASP Top 10 threats, malicious bots, and more. The rulesets are updated continuously by ChinaCache’s advanced threat intelligence to improve accuracy and to provide protection against zero-day vulnerabilities.

network setup

Advanced Performance

Cloud Shield security solution provides global protection without sacrificing performance. It is fully integrated with ChinaCache’s global edge delivery platform. By bringing the security logics to the edge, ChinaCache can terminate malicious requests faster and serve the legitimate users directly from its edge cache.

data analysis

Real-Time Control and Visibility

It is important to see what you are dealing with when it comes to cyber threats. ChinaCache provides real-time attacks and mitigation statistics on its Portal. The same set of data is also available to be ingested to your own security intelligence platform via API. Also, with self-provisioning portal, you can create your own specific rules based on your business needs.


Comprehensive WAF Rulesets

On top of the rulesets created and maintained by ChinaCache, its security product also incorporates rulesets from open source communities such as OWASP, Common Vulnerabilities and Exposures (CVE), and Chinese National Vulnerability Database (CNVD). The WAF protects against common attacks, including injection attacks, cross-site scripting, sensitive data exposure, website tempering, directory traversal attack, and more. WAF rules can be customized and managed in real-time via Portal or API based on customers’ each unique request scenarios. All traffic going through WAF is logged and analyzed so that the customers can have 100% visibility into their traffic.

Bot Behavioral Management

ChinaCache Cloud Shield is built with a sophisticated machine-learning engine to dynamically detect good bots from malicious bots to protect applications against web scrappers, malicious API connections, content tampering, user-specific information stuffing, and more. Customers can also create an access control list for bots and customize mechanisms, such as CAPTCHA and JavaScript challenge, to filter away the requests from malicious bots, as an additional layer of protection.

Security scanning and alerting

On top of security protection, ChinaCache developed a new generation intrusion detection system, Cloud Scan, using full traffic mirroring technology and big data analysis. Cloud Scan focuses on web-level intrusion detection to scan for potential threats, discover business risks, generate audit information, and provide alerting or notification to customers.


3-Level Anti DDoS Scrubbing Center

ChinaCache works closely with local Internet Service Providers to strategically deploy three-tiered scrubbing centers around the world for more substantial distributed attacks. Each location within the three-tiered scrubbing center can scrub up to 1 Tbps of DDoS traffic with a total of 30 Tbps (and growing) capacity.

Level 1 – ISP level backbone protection

Level 2 - Hardware firewall with proprietary IP reputation database

Level 3 – Application layer with in-depth packet inspection and device fingerprinting