cloudflare · patriciasantaana · Dec 6, 2024 · Nov 25, 2024 · Nov 25, 2024 · Dec 6, 2024
@@ -12,7 +12,7 @@ import { GlossaryTooltip } from "~/components"
 
 ## Autonomous Edge
 
-The Cloudflare Autonomous Edge is powered by the denial-of-service <GlossaryTooltip term="daemon" prepend="A daemon is ">daemon</GlossaryTooltip> (`dosd`), which is a home-grown software-defined system. A `dosd` instance runs in every single server in every one of [Cloudflare global network's data centers](https://www.cloudflare.com/network/) around the world. These `dosd` instances can detect and mitigate DDoS attacks autonomously without requiring centralized consensus. Cloudflare users can configure this system through [DDoS Attack Protection managed rulesets](/ddos-protection/managed-rulesets/).
+The Cloudflare Autonomous Edge is powered by the denial-of-service <GlossaryTooltip term="daemon" prepend="A daemon is ">daemon</GlossaryTooltip> (`dosd`), which is a home-grown software-defined system. The flow tracking daemon, `flowtrackd`, is our stateful mitigation platform alongside `dosd`. A `dosd` instance runs in every single server in every one of [Cloudflare global network's data centers](https://www.cloudflare.com/network/) around the world. These `dosd` instances can detect and mitigate DDoS attacks autonomously without requiring centralized consensus. Cloudflare users can configure this system through [DDoS Attack Protection managed rulesets](/ddos-protection/managed-rulesets/).
 
 Another component of Cloudflare’s Autonomous Edge includes the [Advanced TCP Protection](/ddos-protection/advanced-ddos-systems/overview/advanced-tcp-protection/) system. This is Cloudflare's TCP state tracking machine for detecting and mitigating the most randomized and sophisticated TCP-based DDoS attacks in unidirectional routing topologies — such as the case of [Magic Transit](/magic-transit/). Advanced TCP Protection is able to identify the state of a TCP connection and then drops, challenges, or rate-limits packets that do not belong to a legitimate connection.
 
@@ -22,4 +22,4 @@ For more information, refer to our blog post [A deep-dive into Cloudflare’s au
 
 Complementary to the Autonomous Edge, Cloudflare’s entire global network is overwatched by a global version of `dosd`. This component protects Cloudflare’s entire global network by detecting and mitigating globally distributed volumetric DDoS attacks.
 
-The centralized systems run in Cloudflare's core data centers. They receive samples from every global network data center, analyze them, and automatically send mitigation instructions when detecting an attack. The system is also synchronized to each of our customers’ web servers to identify their health and trigger any required mitigation actions.
+The centralized systems run in Cloudflare's core data centers. They receive samples from every global network data center, analyze them, and automatically send mitigation instructions when detecting an attack. The system is also synchronized to each of our customers' web servers to identify their health and trigger any required mitigation actions.
@@ -33,6 +33,12 @@ Once attack traffic matches a rule, Cloudflare's systems will track that traffic
 | Log | Records matching requests in the Cloudflare Logs. |
 | Use rule defaults | Uses the default action that is pre-defined for each rule. | 
 
+## Thresholds
+
+Thresholds vary for each rule and there are different thresholds globally and per colocation. Within a rule, the traffic is fingerprinted and the thresholds are per fingerprint, and it is difficult to know ahead of time which rules, colocations, or fingerprints your traffic generates, so the threshold numbers are not necessarily valuable.
+
+Instead, Cloudflare's DDoS Protection system provides the sensitivity adjustment. If you experience a false positive, you can decrease the sensitivity. You can also use the `Log` action to help find an appropriate sensitivity level. You can decrease the sensitivity while in `Log` mode until the rule no longer matches.
+
 ## Time to mitigate
 
 - Immediate mitigation for Advanced TCP and DNS Protection systems.

@@ -16,3 +16,5 @@ Cloudflare provides unmetered and unlimited <GlossaryTooltip term="distributed d
 The protection is enabled by Cloudflare’s [Autonomous DDoS Protection Edge](/ddos-protection/about/components/#autonomous-edge), which automatically detects and mitigates DDoS attacks.
 
 The Autonomous Edge includes multiple dynamic mitigation rules exposed as [managed rulesets](/ddos-protection/managed-rulesets/), which provide comprehensive protection against a variety of DDoS attacks across layers 3/4 and layer 7 of the OSI model.
+
+[Adaptive DDoS Protection](/ddos-protection/managed-rulesets/adaptive-protection/) also learns your unique traffic patterns and adapts to them to provide better protection against sophisticated DDoS attacks on layer 7 and layers 3/4. Your Internet properties can be secured from sophisticated TCP and DNS DDoS attacks using [Advanced DDoS Protection](/ddos-protection/advanced-ddos-systems/overview/) that leverages stateful inspection and traffic profiling.
@@ -22,7 +22,7 @@ To configure additional protection against DDoS attacks, refer to the related Cl
 
 ## Enterprise plan
 
-Cloudflare’s DDoS protection systems automatically detect and mitigate DDoS attacks. Additionally, the systems may flag suspiciously-looking incoming traffic from legacy applications, Internet services, or faulty client applications as malicious and apply mitigation actions. If the traffic is in fact legitimate, the mitigation actions can cause service disruptions and outages in your Internet properties.
+Cloudflare's DDoS protection systems automatically detect and mitigate DDoS attacks. Additionally, the systems may flag suspiciously-looking incoming traffic from legacy applications, Internet services, or faulty client applications as malicious and apply mitigation actions. If the traffic is in fact legitimate, the mitigation actions can cause service disruptions and outages in your Internet properties.
 
 To prevent this situation, Cloudflare recommends that you perform these steps to get started:
Original file line number	Diff line number	Diff line change
Expand Up		@@ -16,3 +16,5 @@ Cloudflare provides unmetered and unlimited <GlossaryTooltip term="distributed d
		The protection is enabled by Cloudflare’s [Autonomous DDoS Protection Edge](/ddos-protection/about/components/#autonomous-edge), which automatically detects and mitigates DDoS attacks.

		The Autonomous Edge includes multiple dynamic mitigation rules exposed as [managed rulesets](/ddos-protection/managed-rulesets/), which provide comprehensive protection against a variety of DDoS attacks across layers 3/4 and layer 7 of the OSI model.

		[Adaptive DDoS Protection](/ddos-protection/managed-rulesets/adaptive-protection/) also learns your unique traffic patterns and adapts to them to provide better protection against sophisticated DDoS attacks on layer 7 and layers 3/4. Your Internet properties can be secured from sophisticated TCP and DNS DDoS attacks using [Advanced DDoS Protection](/ddos-protection/advanced-ddos-systems/overview/) that leverages stateful inspection and traffic profiling.