Basic information for security services
Many security services of the Open Telekom Cloud are free of charge. Identity and Access Management (IAM), Anti-DDoS, and standard encryption* for services such as EVS, SFS, RDS are among them.
Key Management Service (KMS)
For the use of the Key Management Service (KMS) of customer-generated encryption keys (Customer Master Key, CMK) and for the execution of API calls, fees are charged according to usage. Default encryption keys (Default Master Key, DMK) are free of charge. Usage of generated keys is billed on an hourly basis. The free volume for KMS comprises 20,000 API calls (free tier). API calls beyond this are subject to a charge: 1,000 calls generate costs of 0.3 cents
Web Application Firewall (WAF)
The Web Application Firewall protects web domains. Its special feature is that the hours are split into tiers on a scale.
| | Equals Web Application Firewalls | |
| | | |
| | | |
| | | |
Cost of WAF, conversion to monthly WAFs that are used full-time (approximate values)
As with the other scales, the scales are quantity-based, i.e., in the case of ten commissioned WAFs, the first scale is used for the first three WAFs, the second for the following four and the third for the last three. Additional costs for requests occur: one million requests will be charged with 60 cents. Apart from requests and WAF instances, there are no other costs. You can create as many rules/policies as you want without incurring any additional costs.
Dedicated Web Application Firewall (DWAF)
In addition to the Web Application Firewall (WAF), there is also the Dedicated Web Application Firewall (DWAF) for protecting web servers. The DWAF requires the Elastic Load Balancer (ELB) in front of the WAF as internet-facing ELB and optionally behind the WAF for multiple web servers. There are dedicated virtual systems with 2 variants (100Mbit/s and 500Mbit/s bandwidth and a maximum of 2000 queries per second (QPS), respectively 10000 QPS for the larger variant) as well as exclusive dedicated resources/instances for customers. Billing is per instance/hour.
| | | |
Dedicated WAF WI-100
100 Mbit/s; 2000 QPS | | | |
Dedicated WAF WI-500
500 Mbit/s; 10000 QPS | | | |
Database Security Service (DBSS)
Database Security Service (DBSS) is an intelligent security service for databases. Based on machine learning and big data analysis technologies, the service checks databases for SQL injection attacks and identifies high-risk processes. Billing is per instance/hour.
Host Security Service (HSS)
The Host Security Service (HSS) helps to monitor and manage assets on servers, eliminate risks and defend against intrusion attempts (intrusion detection) and website manipulation. In addition, advanced protection and security functions are available that help to easily identify and manage threats. Billing is per asset (container node / ECS) with activated agent per hour.
| | | |
| | | |
| | | |
Web Tamper Protection (WTP) | | | |
| | | |
* Fees for the use of the Key Management Service (KMS) are charged according to usage. The usage of the generated keys is on an hourly basis. The free volume for KMS includes 20,000 API calls. API calls beyond this are subject to a charge: 1,000 calls generate costs of 0.3 cents.
