Features
Cloud Firewall (CFW) comes in the standard edition. On the CFW console, you can check CFW status, access control, intrusion prevention, traffic analysis, and log audit statistics.
Item |
Description |
---|---|
Dashboard |
You can check enabled and disabled firewalls. |
Assets |
You can check and manage EIPs. |
Access Control |
You can control access at Internet borders. |
Intrusion Prevention |
You can detect and prevent against intrusions from Internet traffic by selecting a protection mode and determining whether to enable basic protection. Basic protection includes threat detection and vulnerability scanning.
|
Traffic Analysis |
You can check the following statistics:
|
Log Audit |
You can check the following types of logs:
You can use Log Tank Service (LTS) on Huawei Cloud to record all CFW logs, including attack event, access control, and traffic logs. |
Menu |
Tab |
GUI Element |
Restriction |
---|---|---|---|
Access Control > Access Policies |
Protection Rules |
Operation column of the rule list |
Rule priority can be configured. |
Add Rule |
Rule priority can be configured. |
||
Add Rule |
Only the TCP protocol is supported. |
||
Blacklist |
Add to Blacklist |
Only the TCP protocol is supported. |
|
Whitelist |
Add to Whitelist |
Only the TCP protocol is supported. |
|
NOTE:
Huawei bypass blocking engine allows all traffic by default. |
Engine |
Function |
Protocol |
Scenario |
---|---|---|---|
Hillstone engine |
The firewall in-path engine completes security detection and protection for user traffic and then sends the traffic to the target ECS. This engine provides various detection functions and flexible blocking policies. |
TCP, UDP, ICMP, Any, and ICMPv6 |
Protection for Internet borders and VPC borders |
Huawei engine |
The firewall engine is deployed in out-of-path mode. It mirrors user traffic for analysis and delivers policies to block threat sessions. The out-of-path deployment does not change the direction of user traffic and has no impact on services. |
TCP |
Internet border protection |
Feedback
Was this page helpful?
Provide feedbackFor any further questions, feel free to contact us through the chatbot.
Chatbot