What is Edge Security Acceleration Platform EO?
Official Last Updated Time: 2025-09-04 15:10:11
Edge Security Acceleration Platform EO (Tencent Cloud EdgeOne, hereinafter referred to as EdgeOne) is the first truly integrated edge security acceleration platform based on a new architecture. It provides comprehensive security protection, network & application performance acceleration, leading edge computing and perfect monitoring and operation analysis capabilities. Currently, EdgeOne's four product segments have gradually matured, providing developers with diversified technical solutions:
Edge acceleration:By optimizing HTTP/HTTPS, TCP/UDP network transmission and combining dynamic and static content, we provide efficient acceleration services for diversified business content in a one-stop minimalist mode.
Edge security:Provide comprehensive security protection capabilities such as DDoS/WAF/Bot/rate limitation for business through distributed architecture, further open up the security capabilities for the benefit of all, and provide users with normalized protection.
edge mediaRelying on Tencent's more than 20 years of in-depth accumulation of network and audio/video technologies, the media capabilities will be further sunk to the edge nodes to improve the quality and efficiency of multimedia services.
Edge Development:Flexible programming based on business development needs, combined with AI to provide developers with rich and easy-to-use tools to support rapid development, deployment and management of edge applications
Product Architecture
EdgeOne mainly provides users with DDoS protection, CC attack protection, Web protection, Bot management, CDN static content acceleration, dynamic-static hybrid intelligent acceleration, edge function, four-layer proxy, DNS resolution and other rich capabilities. The product architecture is shown in the figure below:
Product Features
Edge Acceleration
Intelligent acceleration of dynamic and static content
Based on Tencent Cloud's edge nodes in global availability zones, EdgeOne allows terminals to dispatch to the service node closest to the user when initiating a request, with static cacheable files responding directly and quickly to the user's request in accordance with the caching rules, and dynamic files selecting the optimal return path to access based on self-researched protocol optimization and return link detection, which can effectively reduce the user's access latency and improve the response speed.
Flexible DNS record management
EdgeOne provides authoritative DNS record resolution capability. Users can host DNS records in EdgeOne products through NS access, providing rich DNS capabilities such as DNS record resolution, DNSSEC, customized NS, weighted resolution, line resolution, and so on, and at the same time, it helps to accelerate the direct IP out after accessing EdgeOne, which can further improve the access to the content. DNS resolution performance after accessing EdgeOne accelerated service.
Full-link HTTPS certificates
EdgeOne supports to provide you with full-link HTTPS certificate management capability, providing edge HTTPS certificate configuration, free HTTPS certificate automatic application/deployment/renewal capability, edge two-way authentication, back-to-source two-way authentication, and other advanced HTTPS capabilities, which help your business realize HTTPS encryption according to the actual business requirements in full-link access.
Global site one-click configuration
Through the global site one-click configuration, users can quickly and easily complete the site's comprehensive configuration management, helping users to significantly simplify the complexity of the same type of domain name business configuration, reducing the pressure of operation and maintenance.
Customizable rules engine capabilities
EdgeOne provides highly customizable edge acceleration services through a rich rules language that allows users to customize request configuration matching conditions and execution operations within the rules engine, allowing users to flexibly customize the service's caching rules, network protocols, HTTP headers, and response content within EdgeOne.
Highly available source-site load balancing
Load balancing supports multi-level backup sources to achieve high availability of services, and can support active detection of the health of the source station to help users shield the faulty service source station in advance and schedule the service traffic to the healthy source station, which can effectively provide the stability and availability of services.
Multi-version business configuration management
EdgeOne's support for version control and management of the current site configuration, you can safely test the new business capabilities in version management, and realize rapid deployment, rollback, can achieve rapid iteration of the business at the same time, through the version management to further improve the stability of the business operation and maintenance and continuous availability.
TCP/UDP Layer 4 Proxy Forwarding
Layer 4 Proxy is a TCP/UDP protocol-based acceleration service provided by EdgeOne. Through EdgeOne's widely distributed Layer 4 Proxy nodes, unique DDoS protection module, and intelligent routing technology, it realizes end-user proximity access, edge traffic cleansing, and port listening and forwarding, and provides high-availability and low-latency DDoS protection and Layer 4 acceleration services for Layer 4 applications.
Edge Security
T-level DDoS protection
Based on the powerful DDoS traffic cleaning center, EdgeOne provides all users with platform-level default DDoS protection capabilities and resources by default, which can solve the daily protection needs of most sites, and at the same time, it supports the provision of standalone DDoS protection to provide automatic cleaning capabilities for high-traffic DDoS attacks, which can strongly protect the security of users' business.
Out-of-the-box Web protection
EdgeOne integrates Web protection at the edge to help users filter and block malicious traffic at the edge, providing a variety of capabilities such as managed rules, rate limiting, customized protection rules, CC protection, and more, to effectively protect the security and reliability of your business.
Intelligent Bot Management
EdgeOne can effectively mitigate the risk of Bot crawlers on users' websites and improve the security of websites through rich Bot feature control, combined with Tencent Cloud's own security database, which provides users with client profiling, intelligent analysis and other capabilities.
edge media
Instant Video Processing
Through the edge video instant processing, users upload videos to the VOD source station, no need to wait for the video transcoding processing in the source station, allowing users to watch the instant transcoding processed multi-bitrate video within seconds, reducing the user's transcoding video storage costs, and at the same time more flexible to adapt to different terminals and network environments on the transcoding format, bit rate playback requirements.
Instant image processing
It supports users to process, cache and respond to images directly through EdgeOne edge servers. Users only need to store the original images in the business source station, and can adaptively adjust the image format and size according to the requesting endpoints, which effectively reduces the user's image storage and management costs, and improves the page loading speed and performance of the page access.
Edge Development
Flexible Edge Functions
Edge nodes in EdgeOne's global availability zones provide a Serverless code execution environment for users. Users only need to write function code and corresponding trigger rules within the edge function, and there is no need to configure and manage infrastructure such as servers, so that they can elastically and securely run code within edge nodes close to users and respond to user requests.
EdgeOne Pages
Enables users to complete website web page development within the edge node, allowing developers to rapidly build and deploy static sites and Serverless applications, simplifying the service deployment process and server management costs, and delivering a high-performance website experience.
Custom Image Generation
With EdgeOne's powerful edge computing capability, image generation can complete image rendering according to your business needs in a super fast way, customize the content of the images you need for your business, and make use of reusable templates and rich API interfaces, which can help you to quickly mass produce the images you need and reduce the difficulty of image business processing.
Why EO?
EdgeOne serves many industries such as finance, gaming, social entertainment, e-commerce/new retail and traditional enterprises (logistics/ticketing/airline/hotel), and is mainly applied to enterprise websites or APP business with acceleration needs or security protection needs to solve the following problems:
Operational network issues:In cross-operator/cross-region scenarios, the response to user client requests for resources is slow and the packet loss rate is high. EdgeOne provides users with nearby node services through globally distributed edge nodes and bandwidth reserves, caches static resources in edge nodes for fast response to users, and optimizes links to achieve the best back-to-source path access and reduce latency for dynamic resources by means of private protocols.
Operational security issues:Users' business may experience high volume of DDoS attacks, vulnerability attacks, bot crawlers and other malicious requests. Traditional solutions require multiple security products to be used on top of each other, and DDoS protection and CDN products usually cannot be shared. EdgeOne provides one-stop security protection, and through intelligent security policies and user-defined security policies, malicious requests can be intercepted at the edge nodes, avoiding centralized transmittal to the source firewall for processing, and comprehensively responding to the security challenges of the digital business.
High O&M complexity:Traditional products require multiple products to be stacked in order to realize reliable network acceleration services and security protection for business, usually requiring the operation and maintenance of multiple products and high complexity of configuration access, business troubleshooting and monitoring workload. EdgeOne, as a one-stop platform, highly integrates the security and acceleration capabilities, allowing users to one-stop solution to all the network performance issues and security protection, effectively simplifying the complexity of operation and maintenance of the business. EdgeOne is a one-stop platform with highly integrated security and acceleration capabilities.
EO Product Advantages
Official last update: 2024-12-25 10:43:52
Innovative integrated protection architecture dramatically improves performance
EdgeOne is a truly integrated edge security acceleration platform based on a new architecture, providing comprehensive security protection, network & application performance acceleration, leading edge computing, and perfect monitoring and operation analysis capabilities, which can comprehensively meet network security and acceleration needs. In the face of unexpected heavy traffic, the system can accurately schedule traffic to Unicast edge nodes through DNS+BGP hybrid intelligent resolution, avoiding network congestion and guaranteeing high-quality user experience with leading performance in the industry.
One-stop management reduces O&M costs
It provides rich functions including DNS records, dynamic and static content distribution acceleration, DDoS protection, Web protection, Bot management, four-layer proxy, media processing, edge function, etc. Using EdgeOne one-stop service can greatly improve the efficiency of operation and maintenance, realize the rapid troubleshooting and resolution of problems, and make the business more stable and reliable, and the product price is much more cost-effective than purchasing the single-product combination solution separately. The price of the product is more cost-effective and the operation and maintenance service is more worry-free than purchasing a combination of single products separately.
Hassle-free clean traffic billing
Most of the security products in the market adopt (guaranteed + flexible) billing method, the traffic includes business traffic + attack traffic, EdgeOne adopts “clean traffic” billing mode, i.e., no billing for requests blocked by the security protection function, and only billing for the traffic and request usage processed by the security protection function. This billing method can help users better manage their budgets and reduce unintended bills from large attacks.
Rich and flexible console capabilities
The console provides an integrated management console that combines domain name resolution, site acceleration, security protection, rule engine, four-layer proxy, edge function, logging service, data analysis, and more than 10 rich capabilities to help you perform one-stop security protection and content acceleration at the edge, and through the flexible configuration of rules and edge functions, it can help you flexibly configure the business response and back to the source according to the demand. rules to realize flexible edge business processing.
Massive node and bandwidth resource reserves
Edge security acceleration platform EO resources in 70+ countries and regions, the entire network bandwidth of 200Tbps +, covering the global availability of 3200 + acceleration nodes and 50 + small and medium-sized operators access, of which the number of nodes in the domestic 2300 +, the number of nodes overseas 900 +, a single node storage capacity of up to 40 TB ~ 1.5 PB, the bandwidth load can be up to 40 Gbps ~ 200 Gbps or more! It can effectively improve cross-region and cross-carrier access quality problems and cope with traffic surge scenarios.
Distribution of nodes in the territory
| region | Specific area |
| Eastern China | Shanghai, Jiangsu, Zhejiang, Anhui, Jiangxi, Shandong, Fujian |
| Northern China | Beijing, Tianjin, Shanxi, Hebei, Central Inner Mongolia Autonomous Region |
| central China | Henan Province, Hubei Province, Hunan Province |
| northwestern | Shaanxi, Gansu, Qinghai, Ningxia Hui Autonomous Region, Xinjiang Uygur Autonomous Region, Western Inner Mongolia Autonomous Region |
| South China | Guangdong Province, Hainan Province, Guangxi Zhuang Autonomous Region |
| southwestern | Chongqing, Sichuan, Guizhou, Yunnan, TAR |
| northwest | Heilongjiang Province, Jilin Province, Liaoning Province, eastern Inner Mongolia Autonomous Region |
Offshore Node Distribution
| region | Specific area |
| North America | United States, Mexico, Canada |
| South America | Brazil, Colombia, Peru, Ecuador, Chile, Argentina |
| Asian | Hong Kong, China, Macau, Taiwan, Japan, Korea, Mongolia, Vietnam, Laos, Singapore, Thailand, Philippines, Myanmar, Cambodia, Malaysia, Indonesia, India, Bangladesh, Nepal, Pakistan, Kuwait, Kyrgyzstan, Qatar, Israel, Turkey, Iraq, Saudi Arabia, Oman, United Arab Emirates, Bahrain, Lebanon, Jordan, Kazakhstan. Uzbekistan, Azerbaijan, Brunei |
| continent | Djibouti, Kenya, Madagascar, Mauritius, Egypt, South Africa, Algeria |
| Oceania | Australia, New Zealand |
| European | Italy, Austria, Poland, Finland, Denmark, Belgium, Sweden, Spain, France, Netherlands, Germany, United Kingdom, Norway, Romania, Latvia, Bulgaria, Czech Republic, Switzerland, Hungary, Portugal, Greece |
Easy-to-use access experience
EdgeOne provides users with an easier access experience than traditional CDNs and security products, offering free HTTPS certificates, configuration templates, one-click global site configuration, and preset security rules to make it easier for users to access EdgeOne and lower the threshold of use.
Rich and professional service experience
The EdgeOne team has rich experience in business migration, re-warranty and daily operation and maintenance, and is equipped with advantageous service resources such as massive business cutover and major project protection, 7 × 24 hour monitoring, proactive discovery and response, effectively shortening the response cycle.
EO application scenarios and solutions
Official last update: 2025-04-01 10:31:02
Poor quality of user visits
Business Pain Points:Due to the wide distribution of subscribers, when accessing across regions and carriers, there will be aSlow loading, lagging or even access failurepresent situation
Common Scenarios:
- Website static file loading, e.g. portal/personal blog/forums
- Game/app/video and other kinds of download scenarios
- Payment/login interfaces are unstable, e.g., e-commerce platform access loading/trading
Applicable industries:Industry-wide applicability, more obvious in gaming/e-commerce/social entertainment industry
Solution:EdgeOne throughNodes around the worldThe following are some of the features that can be provided to site usersNearest Node AccessIn addition, it effectively improves the user's access experience
Business traffic bursts
Business Pain Points:The site's server has limited bandwidth resources and performance, and in the event of aCentralized access for a large number of usersWhen this is done, it will result in aSource station cannot carrywhich results in the userAccess unavailable
Common Scenarios:
- Game Releases/Updates
- Live Sports Events
- Top Drama Releases
- e-commerce promotion
- OTA Upgrade
Applicable industries:Industry-wide application, more obvious in gaming/e-commerce industry
Solution:Utilizing EdgeOne Self-developed global dispatch systemIt can flexibly respond to the traffic surge of the business and guarantee the smooth operation of the business.
be subjected to a cyber-attack
Business Pain Points:The site's servers are susceptible to traffic-based and HTTP DDoS attacks when exposed directly on the public network, leading toThe service is inaccessible
Common Scenarios:Sites and applications that provide services directly to the Internet over public IPs
Applicable industries:Gaming/finance/e-commerce/social entertainment/SaaS services, etc.
Solution:EdgeOne for all accessed site domainsProvide reverse proxy access services that include security capabilities by default, which reduces unnecessary public network exposure of the source station and reduces the risk of attacks. At the same time, it provides the targetTraffic-based DDoS attacks, HTTP DDoS attacksprotection
Exploiting Web security vulnerabilities to gain access to data and system privileges
Business Pain Points:Hackers can exploit known or 0-Day Web vulnerabilities to break into a site's service components or systems, steal critical data or gain advanced privileges on the system, resulting in the emergence of aData breaches, data tampering, malicious extortionand other issues
Common Scenarios:Sites or applications that store customer data or business data
Applicable industries:Online Payment/Retail/E-commerce/Finance/Social Industry
Solution:: EdgeOne provides sites with richVulnerability Attack Protection. By supporting semantic analysis ofHosting rules identify access behaviors that exploit vulnerabilitiesmergeSupports automatic updates and automatic deployment.Effectively protect site security, reduce the risk of external attacks to steal sensitive data and system privileges
Use of crawler tools to fake human access and abuse services
Business Pain Points:Casual access to the crawler tool may result inWebsite traffic anomalies and increased load on the backend affect the normal user access experience.Meanwhile malicious crawlers canCrawling commercial information for unfair competition or abuse of services(e.g., automatically registering a large number of accounts for coupons, free trial qualifications), andFurther theft of valuable account privilegesetc. (e.g., vault crashing, brute force account cracking, etc.)
Common Scenarios:Sites or applications that provide transactional services (e.g., login, registration, payment, querying) or SaaS services (e.g., information querying, price querying, big model dialog services, etc.)
Applicable industries:Retail/e-commerce/finance/education/SaaS services, etc.
Solution:EdgeOne provides a rich set of Bot Management StrategyBy means of theIntelligent Analysis Technology and Tencent Security Big DataRisky crawler access behavior can be quickly detected, providing visualization of crawler behavior; and providingFlexible disposition and confrontation strategiesThe following are some of the most common ways to control the behavior of crawlers and to reduce the risks associated with crawler access.
Comparison of EdgeOne's functionality with CDNs and other products
Official last update: 2025-08-27 18:01:31
Edge security acceleration platform EO (Tencent Cloud EdgeOne, hereinafter referred to as EdgeOne) is a comprehensive upgrade product of content distribution network CDN, which can provide richer functions, more flexible configuration methods, and easier ways to get started. Compared with CDN products, it not only covers the original CDN acceleration capabilities, but also provides security protection, edge functions, In addition to the original CDN acceleration capability, it also provides security protection, edge function, media instant processing, four-layer proxy, DNS resolution and other capabilities, solving the problems of poor user access quality, unstable access and high risk of attacks in the gaming, e-commerce, video, retail, finance and other industries through one-stop services.
clarification
The EdgeOne Security Acceleration Platform EO and the Content Delivery Network CDN are two different products. The EdgeOne packages and add-on packages that you have purchased are not applicable to the CDN product, and similarly, the resource packages purchased within the CDN are not applicable to EdgeOne.
Edge Security Acceleration Platform EO provides different platform capabilities depending on the package you purchase, see details:Package Options Comparison。
Please refer to the billing instructions for “clean traffic” only:Notes on “clean traffic” billing。
The following table gives you an overview of where EO, the Edge Security Acceleration Platform, has made significant upgrades:
| Product Advantages | Edge Security Acceleration Platform EO | Content Delivery Network CDN | Whole Site Acceleration Network ECDN | Secure Acceleration SCDN | |
| richer functionality | Static content delivery acceleration | ✓ | ✓ | ✓ | ✕ |
| Intelligent acceleration of dynamic content | ✓ | ✕ | ✓ | ✕ | |
| DDoS/CC protection | ✓ | ✕ | ✕ | ✓ | |
| Bot protection | ✓ | ✕ | ✕ | ✓ | |
| Web protection | ✓ | ✕ | ✕ | ✓ | |
| traffic scheduling | ✓ | ✕ | ✕ | ✕ | |
| Customize the Push Live Log field | ✓ | ✕ | ✕ | ✕ | |
| (math.) an edge function | ✓ | ✕ | ✕ | ✕ | |
| Instant Video Processing | ✓ | ✕ | ✕ | ✕ | |
| Instant image processing | ✓ | ✕ | ✕ | ✕ | |
| rules engine | ✓ | ✕ | ✕ | ✕ | |
| Quadruple Agent | ✓ | ✕ | ✕ | ✕ | |
| DNS record hosting | ✓ | ✕ | ✕ | ✕ | |
| A more hassle-free billing model | Package Mode | ✓ | ✕ | ✕ | ✓ |
| Resource Kit Credits | ✓ | ✓ | ✕ | ✕ | |
| Billing for post-protection traffic only | ✓ | ✕ | ✕ | ✕ | |
| Pay when you exceed your usage | ✓ | ✕ | ✕ | ✕ | |
| “Clean traffic” billing | ✓ | ✕ | ✕ | ✕ | |
| Simpler and more flexible configuration | Site Global One-Click Configuration | ✓ | ✕ | ✕ | ✕ |
| Scenario-based recommended configuration | ✓ | ✕ | ✕ | ✕ | |
| Free Certificates | ✓ | ✕ | ✕ | ✕ | |
Restrictions on the use of EO
Official last update: 2025-01-07 17:54:42
Domain name filing
Access to Tencent Cloud Edge Security Acceleration Platform EO site domain name, acceleration zone selection for theWithin mainland ChinaOrGlobal Availability ZoneIf your domain name has not yet completed the ICP registration, you can use the Tencent Cloud ICP RecordIf your current site domain name has not completed the ICP registration, you can only choose to use it. If your current site domain name has not completed ICP registration, you can only choose to use theGlobal Availability Zone (excluding Mainland China)Regional acceleration.
Creditworthiness check
The Edge Security Acceleration Platform EO performs the domain name addition when theDomain Credit Check. If your domain name has generated any of the following behaviors, resulting in a low credit rating and blacklisting, Edge Security Acceleration Platform EO will prohibit the account from continuing to access the domain name:
- The site's domain name was previously published on the Edge Security Acceleration Platform, EO, in a serious violation.
- The account where the site's domain name is located had generated a large amount of outstanding debt on Tencent Cloud.
- The site domain name is attributed to Tencent Computer Butler Malicious Domains.
Content checking
When you use the Edge Security Acceleration Platform EO services in mainland China, you should ensure that you comply with the laws, regulations, policies, etc. in mainland China, and also ensure that your qualifications, capabilities and use of behavior are in compliance with local laws, regulations and policies.
When your domain name, including but not limited to the following content, we will block the offending content, and in serious cases, we will no longer provide security acceleration services:
- Game Private Service category.
- Pirated games/software/pirated video sites.
- Offending hospital and pharmaceutical websites.
- pornographic content.
- Drug-related content.
- Gambling-related promotional content, gambling-related games category.
Product quotas and specification limits
| typology | Description of restrictions |
| Accessible sites and domain name restrictions | If the site has already been accessed via NS mode, no further access is allowed. If the site has been accessed in CNAME mode, multiple sites in CNAME mode are allowed at the same time. The site domain name only supports English domain names, and does not support Chinese or Korean to punycode access. |
| Limitations on the number of sites | The number of sites accessed under the same account should not exceed 1000, otherwise it will lead to abnormal querying of modules such as first-level navigation data overview and billing data. |
| reserved status code | 499, 521-599 are EdgeOne reserved status codes and it is recommended that you avoid using them in your business to prevent conflicts. |
| (math.) an edge function | For restrictions on the use of edge functions, see:Edge Functions-Overview。 |
| Other quotas | Each function item may have different quota quantities according to the current bound package level, e.g. clear cache, warm-up cache, number of rule engines, etc. Detailed quotas are available for reference:Package Selection Comparison。 |
English