cloudflare · patriciasantaana · Dec 4, 2024 · Nov 22, 2024 · Dec 4, 2024 · Dec 4, 2024
@@ -9,8 +9,12 @@ head:
 
 ---
 
+import { Render } from "~/components"
+
 Cloudflare's Advanced DNS Protection, powered by [`flowtrackd`](https://blog.cloudflare.com/announcing-flowtrackd/), provides stateful protection against DNS-based DDoS attacks, specifically sophisticated and fully randomized DNS attacks such as [random prefix attacks](/dns/dns-firewall/random-prefix-attacks/about/).
 
+<Render file="mt-advanced-ddos-systems-onboarding" />
+
 ## How it works
 
 Cloudflare's Advanced DNS Protection works by first learning your traffic patterns and forming a baseline of the type of DNS queries you normally receive. Later, the system will be able to distinguish between legitimate and malicious queries, protecting your DNS infrastructure without impacting legitimate traffic.

@@ -9,8 +9,12 @@ head:
 
 ---
 
+import { Render } from "~/components"
+
 Cloudflare's Advanced TCP Protection, powered by [`flowtrackd`](https://blog.cloudflare.com/announcing-flowtrackd/), is a stateful TCP inspection engine used to detect and mitigate sophisticated out-of-state TCP attacks such as randomized and spoofed ACK floods or SYN and SYN-ACK floods.
 
+<Render file="mt-advanced-ddos-systems-onboarding" />
+
 ## How it works
 
 Advanced TCP Protection can simultaneously protect against different kinds of attacks:

@@ -0,0 +1,9 @@
+---
+{}
+---
+
+:::note
+Advanced TCP and DNS Protection systems are automatically enabled in `Monitor` mode with the default thresholds for new Magic Transit customers and their [authorized prefixes](/magic-transit/how-to/advertise-prefixes/).
+
+Magic Transit customers can also enable the Advanced DDoS systems when the prefixes are ready, change the sensitivity level, or adjust the thresholds by contacting their account team.
+:::