- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Creating a User Group and Granting Permissions
- Checking the Dashboard
- Purchasing and Changing the Specifications of CFW
- Enabling Internet Border Traffic Protection
- Enabling VPC Border Traffic Protection
-
Configuring Access Control Policies to Control Traffic
- Access Control Policy Overview
- Configuring Protection Rules to Block or Allow Traffic
- Adding Blacklist or Whitelist Items to Block or Allow Traffic
- Viewing Protection Information Using the Policy Assistant
- Managing Access Control Policies
- Managing IP Address Groups
- Domain Name Management
- Service Group Management
- Attack Defense
- Viewing Traffic Statistics
- Viewing CFW Protection Logs
- System Management
- Viewing Audit Logs
- Viewing Monitoring Metrics
-
Best Practices
- CFW Best Practice Summary
- Purchasing and Querying CFW via API
- Migrating Security Policies to CFW in Batches
- Configuration Suggestions for Using CFW with WAF, Advanced Anti-DDoS, and CDN
- Allowing Internet Traffic Only to a Specified Port
- Allowing Outbound Traffic from Cloud Resources Only to a Specified Domain Name
- Using CFW to Defend Against Network Attacks
-
API Reference
- Before You Start
- API Overview
- API Calling
-
API
- Domain Name Management
- VPC Protection
- Rule Hit Count
- IPS Switch Management
- East-west Protection
- ACL Rule Management
- Blacklist and Whitelist Management
- Log Query Management
- Protection Mode Management
- Cloud Firewall Information Management
- Service Group Management
- Service Group Member Management
- EIP Management
- Address Group Member Management
- Address Group Management
- Appendix
- Change History
- SDK Reference
-
FAQs
-
About the Product
- Does CFW Support Off-Cloud Servers?
- Can CFW Be Shared Across Accounts?
- What Are the Differences Between CFW and WAF?
- What Are the Differences Between CFW, Security Groups, and Network ACLs?
- How Does CFW Control Access?
- What Are the Priorities of the Protection Settings in CFW?
- Can WAF and CFW Be Deployed Together?
- How Long Are CFW Logs Stored by Default?
- Regions and AZs
- Troubleshooting
-
Network Traffic
- How Do I Calculate the Number of Protected VPCs and the Peak Protection Traffic at the VPC Border?
- How Does CFW Collect Traffic Statistics?
- What Is the Protection Bandwidth Provided by CFW?
- What Do I Do If My Service Traffic Exceeds the Protection Bandwidth?
- What Are the Differences Between the Data Displayed in Traffic Trend Module and the Traffic Analysis Page?
- How Do I Verify the Validity of an Outbound HTTP/HTTPS Domain Protection Rule?
- Billing
-
About the Product
- Videos
Show all
How Do I Calculate the Number of Protected VPCs and the Peak Protection Traffic at the VPC Border?
Pay-per-use firewalls are charged based on the actual protection status. The maximum bandwidth of a pay-per-use firewall (total traffic that can pass through the firewall) is 1 Gbit/s.
Yearly/Monthly CFW: By default, the CFW professional edition protects two VPCs, providing 200 Mbit/s protection for VPC border traffic. To protect more inter-VPC traffic, you can purchase more VPC protection quotas. Each quota provides 200 Mbit/s protection for VPC border traffic.
For example, CFW protects two VPCs (200 Mbit/s in total) by default. To protect 1 Gbit/s VPC border traffic, you need to purchase four more quotas (4 x 200 Mbit/s). The VPC border protection traffic = Default protection traffic (200 Mbit/s) + 4 x VPC protection quotas (200 Mbit/s) = 1 Gbit/s.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
