You can configure alarm notifications to monitor the status of CFW in real time. After the configuration, you can receive notifications if your assets are attacked, traffic exceeds the limit, or EIPs are not protected, helping you enhance asset security.
- Alarm notifications depend on Simple Message Notification (SMN). SMN is a paid service. For details about its pricing, see SMN Pricing Details.
- Before setting alarm notifications, you are advised to create a message topic in SMN. For details, see Before You Publish a Message.
Alarm Notification Items
CFW supports the following alarm notification items.
Table 1 Alarm notification items

| Alarm Notification Item | Description |
| --- | --- |
| Attack Alarm | If CFW detects an intrusion prevention event and the specified trigger conditions are met, an alarm notification will be sent. |
| High Traffic Warning | If the peak traffic passing through CFW reaches a certain percentage (for example, 70%, 80%, or 90%) of the purchased traffic processing capacity, and this occurs three or more times within 5 minutes, an alarm notification will be sent. |
| EIP Not Protected | If CFW detects unprotected EIPs under your account, it will send an alarm notification once a day. |

Setting Alarm Notifications
You can set the alarm notification time, trigger condition, and recipient group, so that CFW can send notifications to recipients in the specified period of time using the method you configure (for example, by email or SMS message).
Attack Alarm
- Log in to the CFW console.
- Click the icon in the upper left corner of the management console and select a region or project.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose System Management > Notifications.
Figure 1 Alarm notifications
- In the Operation column of the Attack alarm, click Edit. On the notification item settings page that is displayed, configure notification parameters.
The notification settings take effect immediately after being modified.
Table 2 Attack alarm parameters

| Parameter | Description |
| --- | --- |
| Description | IPS attack alarm |
| Level | Select the risk levels that trigger notifications. The options are Serious, High, Medium, and Low. Multiple options can be selected. For example, if you select High and Medium, the firewall will notify you by SMS message or email when detecting an intrusion with a high- or medium-level risk. |
| Notification Time | Select a time range for sending notifications. CFW sends notifications only within the alarm notification period. If an exception is detected outside this period, no notifications will be sent. |
| Trigger Condition | Configure the trigger condition. Alarm notifications are sent if the number of attacks is at least equal to the threshold configured for a certain period. |
| Recipient Group | Select a topic from the drop-down list to configure the endpoints for receiving alarm notifications. If there are no topics, click View Topic and perform the following steps to create a topic: (1) Create a topic. For details, see Creating a Topic. (2) Add one or more subscriptions to the topic. You will need to provide a phone number, email address, function, platform application endpoint, DMS endpoint, or HTTP/HTTPS endpoint to receive alarm notifications. For details, see Adding a Subscription. (3) Confirm the subscription. |

- Click OK.
- In the Status column of Attack alarm, click the icon to enable it.
The notification settings take effect immediately after being modified.
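
The following sketch is an added illustration, not Huawei Cloud code. It models how the Level, Trigger Condition, and Notification Time settings in Table 2 combine, and lists threshold hits that produce no notification because they fall outside the notification period. The sliding-window counting, the counter reset, and all sample events and parameter values are assumptions.

```python
from collections import deque
from datetime import datetime, time, timedelta

def evaluate(events, levels, threshold, period, start, end):
    """Split threshold hits into (sent, suppressed) notification times.

    events: (timestamp, level) pairs sorted by time.
    Assumptions (not stated on the page): attacks are counted in a sliding
    window of length `period`, and the count resets after each threshold hit.
    """
    window, sent, suppressed = deque(), [], []
    for ts, level in events:
        if level not in levels:          # Level: unselected levels never count
            continue
        window.append(ts)
        while ts - window[0] > period:   # drop attacks older than the period
            window.popleft()
        if len(window) >= threshold:     # Trigger Condition met
            # Notification Time: hits outside the period send nothing
            (sent if start <= ts.time() <= end else suppressed).append(ts)
            window.clear()
    return sent, suppressed

# Constructed sample events (not real CFW logs).
DAY = datetime(2024, 1, 1)
EVENTS = [
    (DAY + timedelta(hours=10, minutes=0), "High"),
    (DAY + timedelta(hours=10, minutes=1), "Low"),      # level not selected
    (DAY + timedelta(hours=10, minutes=2), "Medium"),
    (DAY + timedelta(hours=10, minutes=3), "High"),     # third hit, daytime
    (DAY + timedelta(hours=14), "High"),                # isolated, below threshold
    (DAY + timedelta(hours=26, minutes=0), "Serious"),  # 02:00 the next day
    (DAY + timedelta(hours=26, minutes=1), "Serious"),
    (DAY + timedelta(hours=26, minutes=2), "High"),     # third hit, at night
]

# Assumed settings: 3 attacks within 5 minutes, notifications 08:00-20:00.
SENT, SUPPRESSED = evaluate(
    EVENTS, {"Serious", "High", "Medium"}, 3,
    timedelta(minutes=5), time(8), time(20),
)

if __name__ == "__main__":
    print("notified:", SENT)
    print("threshold met but silent:", SUPPRESSED)
```

A non-empty suppressed list marks hours in which an attack burst would go unreported, which is the case to weigh when choosing the Notification Time range.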
High Traffic Warning
- Log in to the CFW console.
- Click the icon in the upper left corner of the management console and select a region or project.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose System Management > Notifications.
Figure 2 Alarm notifications
- In the Operation column of the High Traffic Warning alarm, click Edit. On the notification item settings page that is displayed, configure notification parameters.
The notification settings take effect immediately after being modified.
Table 3 High traffic warning parameters

| Parameter | Description |
| --- | --- |
| Description | An alarm is generated if the traffic reaches the specified percentage of the traffic processing capability you have purchased. |
| Level | Select a percentage. When the maximum peak inbound or outbound traffic reaches the percentage of the traffic processing capability you have purchased, an alarm notification is triggered. For example, you can select 70%, 80%, or 90%. If this parameter is set to 80%, an alarm notification is sent when the used traffic reaches 80% of the purchased traffic. |
| Notification Time | Select a time range for sending notifications. CFW sends notifications only within the alarm notification period. If an exception is detected outside this period, no notifications will be sent. |
| Trigger Condition | Once a day |
| Recipient Group | Select a topic from the drop-down list to configure the endpoints for receiving alarm notifications. If there are no topics, click View Topic and perform the following steps to create a topic: (1) Create a topic. For details, see Creating a Topic. (2) Add one or more subscriptions to the topic. You will need to provide a phone number, email address, function, platform application endpoint, DMS endpoint, or HTTP/HTTPS endpoint to receive alarm notifications. For details, see Adding a Subscription. (3) Confirm the subscription. |

- Click OK.
- In the Status column of High Traffic Warning, click the icon to enable it.
The notification settings take effect immediately after being modified.
EIP Not Protected
- Log in to the CFW console.
- Click the icon in the upper left corner of the management console and select a region or project.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose System Management > Notifications.
Figure 3 Alarm notifications
- In the Operation column of the EIP Not Protected alarm, click Edit. On the notification item settings page that is displayed, configure notification parameters.
The notification settings take effect immediately after being modified.
Table 4 Parameters of the alarm EIP Not Protected

| Parameter | Description |
| --- | --- |
| Description | This alarm indicates that there are unprotected EIPs. |
| Notification Time | Select a time range for sending notifications. CFW sends notifications only within the alarm notification period. If an exception is detected outside this period, no notifications will be sent. |
| Trigger Condition | Once a day |
| Recipient Group | Select a topic from the drop-down list to configure the endpoints for receiving alarm notifications. If there are no topics, click View Topic and perform the following steps to create a topic: (1) Create a topic. For details, see Creating a Topic. (2) Add one or more subscriptions to the topic. You will need to provide a phone number, email address, function, platform application endpoint, DMS endpoint, or HTTP/HTTPS endpoint to receive alarm notifications. For details, see Adding a Subscription. (3) Confirm the subscription. |

- Click OK.
- In the Status column of EIP Not Protected, click the icon to enable it.
The notification settings take effect immediately after being modified.
References
To add assets to the EIP Not Protected alarm whitelist, click Add to Alarm Whitelist in the Operation column of the alarm. Select EIPs, add them to the whitelist on the right, and click OK. The whitelisted EIPs will no longer trigger this alarm.