All Documentation
Cloud Firewall
Cloud Firewall
All results for "
" in this service
All results for "
" in this service
What's New
Function Overview
Service Overview
CFW Infographics
What Is CFW?
Features
Editions
Application Scenarios
Constraints and Limitations
Security
Shared Responsibilities
Identity Authentication and Access Control
Data Protection Technologies
Audit and Logging
Service Resilience
Risk Monitoring
Certificates
Personal Data
Billing
Concepts Related to CFW
Permissions Management
Related Services
Change History
Billing
Billing Overview
Billing Mode
Overview
Yearly/Monthly Billing
Billing Items
Billing Examples
Renewing Subscriptions
Overview
Manually Renewing CFW
Auto-renewing CFW
Bills
Arrears
Billing Termination
Cost Management
Billing FAQs
How Is VPC Border (East-West) Traffic Charged?
How Is CFW Billed?
How Do I Change My CFW Edition?
How Do I Renew CFW?
How Do I Unsubscribe from CFW?
Change History
Getting Started
Overview
Step 1: Purchase CFW
Step 2: Enable EIP Protection
Step 3: Configure a Protection Policy
Configuring Intrusion Prevention
Configuring an Access Control Policy
(Optional) Step 4: View Protection Details
Viewing Network Traffic Analysis
Viewing Protection Event Logs
Getting Started with Common Practices
User Guide
Purchasing CFW
Purchasing Standard Edition
Purchasing Professional Edition
Changing CFW Specifications
Checking the CFW Dashboard
Managing EIP Protection
Enabling EIP Protection
Viewing EIP Information
Managing VPC Border Firewalls
VPC Border Firewall Overview
Enterprise Router Mode (New)
Step 1: Create a Firewall
Step 2: Add VPC Attachments
Step 3: Create and Configure Route Tables
Step 4: Modify VPC Route Tables
(Optional) Verifying Connectivity
Step 5: Enable or Disable a VPC Border Firewall
(Optional) Adding a Protected VPC
Enterprise Router Mode (Old)
Creating a VPC Border Firewall
Configuring an Enterprise Router
Enabling or Disabling a VPC Border Firewall
Managing ACL Rules
Adding a Protection Rule
Managing Protection Rules in Batches
Configuring a Rule Priority
Managing the Blacklist and the Whitelist
Adding an Item to the Blacklist or Whitelist
Editing the Blacklist or Whitelist
Removing a Blacklisted or Whitelisted Item
Managing IP Address Groups
Adding Custom IP Address Groups
Viewing a Predefined Address Group
Adding an IP Address
Delete an IP Address Group
Managing Service Groups
Adding a Custom Service Group
Viewing a Predefined Service Group
Adding a Service
Deleting a User-defined Service Group
Managing Domain Name Groups
Adding a Domain Name Group
Deleting a Domain Name Group
Policy Assistant
Managing Protection Rules
Checking the ACL Rule List
Editing a Protection Rule
Copying a Protection Rule
Deleting a Rule
Configuring Intrusion Prevention
Managing Intrusion Prevention
Checking the IPS Rule Library
Modifying the Action of a Basic Protection Rule
Customizing IPS Signatures
Managing the Antivirus Function
Security Dashboard
Traffic Analysis
Viewing Inbound Traffic
Viewing Outbound Traffic
Viewing Inter-VPC Traffic
Auditing Logs
Querying Logs
Log Management
Log Settings
Changing the Log Storage Duration
Adding Alarm Notifications
Log Structuring
Visualization
Quick Analysis
Log Field Description
System Management
Alarm Notification
Network Packet Capture
Creating a Packet Capture Task
Viewing a Packet Capture Task
Downloading Packet Capture Results
Multi-Account Management
Multi-Account Management Overview
Adding an Account to an Organization
Viewing Multi-Account Management
Configuring DNS Resolution
Security Reports
Creating a Security Report
Viewing/Downloading a Security Report
Managing Security Reports
Permissions Management
Creating a User Group and Granting Permissions
CFW Custom Policies
CFW Permissions and Supported Actions
Audit
Operations Recorded by CTS
Viewing Audit Logs
Monitoring
CFW Monitored Metrics
Configuring Alarm Monitoring Rules
Viewing Monitoring Metrics
Managing Projects and Enterprise Projects
Change History
Best Practices
Configuring Inbound and Outbound Access Policies
Configuring Access Policies for IP Address Groups and Service Groups
Configuring the VPC Border Firewall
Using CFW to Protect SNAT
SNAT Protection Overview
Connecting VPC1 and VPC-NAT to an Enterprise Router
Configuring a NAT Gateway
Configuring a Route Table for VPC1
Configuring a NAT Protection Rule
Precautions for Using CFW with WAF, Advanced Anti-DDoS, and CDN
Migrating Security Rules
Change History
API Reference
Before You Start
Overview
API Calling
Endpoints
Concepts
API Overview
API Calling
Making an API Request
Authentication
Returned Values
API
Firewall Management
Create Firewall
List Job Status
Delete firewall instance
list firewall list
Obtaining East-West Firewall Information
Create East West Firewall
Querying the Number of Protected VPCs
Changing the East-West Firewall Protection Status
List Firewall Detail
EIP Management
Querying the Number of EIPs
Enabling or Disabling an EIP,To enable and disable EIP, you must use ListEips to synchronize EIP assets before enabling EIP protection for the first time after purchasing EIP, and set the sync field to 1.
Querying the EIP List
ACL Rule Management
Creating an ACL Rule
Batch Delete Acl Rules
Updating an ACL Rule
Updating Rule Actions in Batches
List Acl Rule Tags
Obtaining the Rule Hit Count
Deleting the Rule Hit Count
Delete Acl Rule
Querying a Protection Rule
Setting the Priority of an ACL Protection Rule
Blacklist and Whitelist Management
Creating a Blacklist or Whitelist Rule
Updating the Blacklist or Whitelist
Deleting a Blacklist or Whitelist Rule
Querying a Blacklist or Whitelist
Address Set Management
Adding an Address Set Member
Batch Delete Address Items
Deleting an Address Set Member
Querying Address Set Members
Adding an Address Set
Querying IP Address Sets
Querying Address Set Details
Updating Address Set Information
Deleting an Address Set
Service Set Management
Creating a Service Member
Batch Delete Service Items
Obtaining the Service Set List
Creating a Service Set
Querying Service Set Details
Modifying a Service Set
Deleting a Service Set
Querying the Service Set Member List
Deleting a Service Member
Domain Parse and Domain Set Management
Add Domain Set
Delete Domain Set
Update Domain Set
list domain sets
list domains
add domains
delete domains
Querying the DNS Server List
Updating the DNS Server List
Querying the IP Address for Domain Name Resolution
IPS Management
Querying the IPS Switch Status
Enabling or Disabling IPS
Querying the Protection Mode
Switching the Protection Mode
Log Management
List Log Config
Add Log Config
Update Log Config
Querying Flow Logs
Querying Access Control Logs
Querying Attack Logs
Appendix
Status Code
Error Codes
Obtaining a Project ID
Change History
SDK Reference
SDK Overview
FAQs
Consulting
Does CFW Support Off-Cloud Servers?
Can CFW Be Shared Across Accounts?
What Are the Differences Between CFW and WAF?
What Are the Differences Between CFW, Security Groups, and Network ACLs?
What Are the Priorities of the Protection Settings in CFW?
How Do I Calculate the Number of Protected VPCs and the Peak Protection Traffic at the VPC Border?
Can WAF, Advanced Anti-DDoS, and CFW Be Deployed Together?
Regions and AZs
What Are Regions and AZs?
Can CFW Be Used Across Clouds or Regions?
About Functions
What Details Can I Get from Logs?
How Does CFW Control Access?
What Are the Precautions for Configuring a Protection Rule to Block IP Addresses?
Why Are Unprotected EIPs Displayed in CFW Attack Logs?
Troubleshooting
How Do I Troubleshoot CFW Protection When Service Traffic Is Abnormal?
Why Are Traffic and Attack Logs Incomplete on the Traffic Analysis Page?
Why Does a Configured Policy Not Take Effect?
What Do I Do If IPS Blocks Normal Services?
What Do I Do If There Is No Data in Access Control Logs?
What Are the Precautions for Configuring a NAT64 Defense Policy?
Why Some Permissions Become Invalid After a System Policy Is Granted to an Enterprise Project?
How Does Huawei Cloud CFW Detect and Defend Against Attacks Exploiting the Apache Log4j Remote Code Execution Vulnerability?
How Does Huawei Cloud CFW Detect and Defend Against Attacks Exploiting the Spring Framework Remote Code Execution Vulnerability?
Network Traffic
What Does Traffic Analysis Provide?
How Does CFW Collect Traffic Statistics?
What Do I Do If My Service Traffic Exceeds the Protection Bandwidth?
What Is the Protection Bandwidth Provided by CFW?
What Are the Differences Between the Data Displayed in Traffic Trend Module and the Traffic Analysis Page?
APIs
What is Object_Id?
What Is Firewall_Instance_Id?
Billing
How Is CFW Billed?
How Do I Change My CFW Edition?
How Do I Renew CFW?
How Do I Unsubscribe from CFW?
Change History
Videos
General Reference
Glossary
Service Level Agreement
White Papers
Endpoints
Permissions